Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/dosbox-0.74-3/include/mem.h Examining data/dosbox-0.74-3/include/control.h Examining data/dosbox-0.74-3/include/mouse.h Examining data/dosbox-0.74-3/include/regs.h Examining data/dosbox-0.74-3/include/hardware.h Examining data/dosbox-0.74-3/include/cross.h Examining data/dosbox-0.74-3/include/cpu.h Examining data/dosbox-0.74-3/include/setup.h Examining data/dosbox-0.74-3/include/callback.h Examining data/dosbox-0.74-3/include/inout.h Examining data/dosbox-0.74-3/include/dma.h Examining data/dosbox-0.74-3/include/modules.h Examining data/dosbox-0.74-3/include/paging.h Examining data/dosbox-0.74-3/include/programs.h Examining data/dosbox-0.74-3/include/dos_system.h Examining data/dosbox-0.74-3/include/joystick.h Examining data/dosbox-0.74-3/include/dos_inc.h Examining data/dosbox-0.74-3/include/debug.h Examining data/dosbox-0.74-3/include/vga.h Examining data/dosbox-0.74-3/include/logging.h Examining data/dosbox-0.74-3/include/bios.h Examining data/dosbox-0.74-3/include/keyboard.h Examining data/dosbox-0.74-3/include/serialport.h Examining data/dosbox-0.74-3/include/render.h Examining data/dosbox-0.74-3/include/video.h Examining data/dosbox-0.74-3/include/bios_disk.h Examining data/dosbox-0.74-3/include/ipxserver.h Examining data/dosbox-0.74-3/include/shell.h Examining data/dosbox-0.74-3/include/support.h Examining data/dosbox-0.74-3/include/fpu.h Examining data/dosbox-0.74-3/include/ipx.h Examining data/dosbox-0.74-3/include/dosbox.h Examining data/dosbox-0.74-3/include/timer.h Examining data/dosbox-0.74-3/include/mixer.h Examining data/dosbox-0.74-3/include/mapper.h Examining data/dosbox-0.74-3/include/pic.h Examining data/dosbox-0.74-3/src/gui/render_scalers.cpp Examining data/dosbox-0.74-3/src/gui/midi_oss.h Examining data/dosbox-0.74-3/src/gui/render_loops.h Examining data/dosbox-0.74-3/src/gui/render_templates_hq3x.h Examining data/dosbox-0.74-3/src/gui/midi.cpp Examining data/dosbox-0.74-3/src/gui/render_templates.h Examining data/dosbox-0.74-3/src/gui/midi_coreaudio.h Examining data/dosbox-0.74-3/src/gui/dosbox_splash.h Examining data/dosbox-0.74-3/src/gui/midi_coremidi.h Examining data/dosbox-0.74-3/src/gui/render_templates_hq.h Examining data/dosbox-0.74-3/src/gui/render_templates_hq2x.h Examining data/dosbox-0.74-3/src/gui/midi_win32.h Examining data/dosbox-0.74-3/src/gui/render.cpp Examining data/dosbox-0.74-3/src/gui/render_simple.h Examining data/dosbox-0.74-3/src/gui/render_templates_sai.h Examining data/dosbox-0.74-3/src/gui/sdl_gui.cpp Examining data/dosbox-0.74-3/src/gui/render_scalers.h Examining data/dosbox-0.74-3/src/gui/dosbox_logo.h Examining data/dosbox-0.74-3/src/gui/midi_alsa.h Examining data/dosbox-0.74-3/src/gui/sdl_mapper.cpp Examining data/dosbox-0.74-3/src/gui/sdlmain.cpp Examining data/dosbox-0.74-3/src/debug/debug.cpp Examining data/dosbox-0.74-3/src/debug/disasm_tables.h Examining data/dosbox-0.74-3/src/debug/debug_disasm.cpp Examining data/dosbox-0.74-3/src/debug/debug_win32.cpp Examining data/dosbox-0.74-3/src/debug/debug_gui.cpp Examining data/dosbox-0.74-3/src/debug/debug_inc.h Examining data/dosbox-0.74-3/src/libs/zmbv/zmbv.cpp Examining data/dosbox-0.74-3/src/libs/zmbv/zmbv.h Examining data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.h Examining data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.cpp Examining data/dosbox-0.74-3/src/shell/shell_misc.cpp Examining data/dosbox-0.74-3/src/shell/shell_batch.cpp Examining data/dosbox-0.74-3/src/shell/shell.cpp Examining data/dosbox-0.74-3/src/shell/shell_cmds.cpp Examining data/dosbox-0.74-3/src/platform/visualc/unistd.h Examining data/dosbox-0.74-3/src/platform/visualc/config.h Examining data/dosbox-0.74-3/src/platform/visualc/ntddcdrm.h Examining data/dosbox-0.74-3/src/platform/visualc/ntddscsi.h Examining data/dosbox-0.74-3/src/ints/int10_modes.cpp Examining data/dosbox-0.74-3/src/ints/int10_vptable.cpp Examining data/dosbox-0.74-3/src/ints/mouse.cpp Examining data/dosbox-0.74-3/src/ints/int10_char.cpp Examining data/dosbox-0.74-3/src/ints/int10_video_state.cpp Examining data/dosbox-0.74-3/src/ints/int10_put_pixel.cpp Examining data/dosbox-0.74-3/src/ints/bios_disk.cpp Examining data/dosbox-0.74-3/src/ints/int10_vesa.cpp Examining data/dosbox-0.74-3/src/ints/int10.cpp Examining data/dosbox-0.74-3/src/ints/int10_pal.cpp Examining data/dosbox-0.74-3/src/ints/xms.cpp Examining data/dosbox-0.74-3/src/ints/int10.h Examining data/dosbox-0.74-3/src/ints/xms.h Examining data/dosbox-0.74-3/src/ints/int10_memory.cpp Examining data/dosbox-0.74-3/src/ints/ems.cpp Examining data/dosbox-0.74-3/src/ints/int10_misc.cpp Examining data/dosbox-0.74-3/src/ints/bios_keyboard.cpp Examining data/dosbox-0.74-3/src/ints/bios.cpp Examining data/dosbox-0.74-3/src/cpu/modrm.h Examining data/dosbox-0.74-3/src/cpu/paging.cpp Examining data/dosbox-0.74-3/src/cpu/core_normal/table_ea.h Examining data/dosbox-0.74-3/src/cpu/core_normal/prefix_66_0f.h Examining data/dosbox-0.74-3/src/cpu/core_normal/prefix_0f.h Examining data/dosbox-0.74-3/src/cpu/core_normal/helpers.h Examining data/dosbox-0.74-3/src/cpu/core_normal/string.h Examining data/dosbox-0.74-3/src/cpu/core_normal/prefix_none.h Examining data/dosbox-0.74-3/src/cpu/core_normal/support.h Examining data/dosbox-0.74-3/src/cpu/core_normal/prefix_66.h Examining data/dosbox-0.74-3/src/cpu/core_full.cpp Examining data/dosbox-0.74-3/src/cpu/cpu.cpp Examining data/dosbox-0.74-3/src/cpu/core_dynrec/decoder.h Examining data/dosbox-0.74-3/src/cpu/core_dynrec/decoder_basic.h Examining data/dosbox-0.74-3/src/cpu/core_dynrec/operators.h Examining data/dosbox-0.74-3/src/cpu/core_dynrec/risc_armv4le-thumb.h Examining data/dosbox-0.74-3/src/cpu/core_dynrec/risc_armv4le-thumb-niw.h Examining data/dosbox-0.74-3/src/cpu/core_dynrec/risc_armv4le-common.h Examining data/dosbox-0.74-3/src/cpu/core_dynrec/risc_mipsel32.h Examining data/dosbox-0.74-3/src/cpu/core_dynrec/risc_x86.h Examining data/dosbox-0.74-3/src/cpu/core_dynrec/risc_x64.h Examining data/dosbox-0.74-3/src/cpu/core_dynrec/risc_armv4le-s3.h Examining data/dosbox-0.74-3/src/cpu/core_dynrec/decoder_opcodes.h Examining data/dosbox-0.74-3/src/cpu/core_dynrec/risc_armv4le-o3.h Examining data/dosbox-0.74-3/src/cpu/core_dynrec/dyn_fpu.h Examining data/dosbox-0.74-3/src/cpu/core_dynrec/risc_armv4le.h Examining data/dosbox-0.74-3/src/cpu/core_dynrec/risc_armv4le-thumb-iw.h Examining data/dosbox-0.74-3/src/cpu/core_dynrec/cache.h Examining data/dosbox-0.74-3/src/cpu/core_dyn_x86/decoder.h Examining data/dosbox-0.74-3/src/cpu/core_dyn_x86/dyn_fpu_dh.h Examining data/dosbox-0.74-3/src/cpu/core_dyn_x86/risc_x86.h Examining data/dosbox-0.74-3/src/cpu/core_dyn_x86/helpers.h Examining data/dosbox-0.74-3/src/cpu/core_dyn_x86/string.h Examining data/dosbox-0.74-3/src/cpu/core_dyn_x86/dyn_fpu.h Examining data/dosbox-0.74-3/src/cpu/core_dyn_x86/cache.h Examining data/dosbox-0.74-3/src/cpu/core_full/op.h Examining data/dosbox-0.74-3/src/cpu/core_full/string.h Examining data/dosbox-0.74-3/src/cpu/core_full/loadwrite.h Examining data/dosbox-0.74-3/src/cpu/core_full/ea_lookup.h Examining data/dosbox-0.74-3/src/cpu/core_full/save.h Examining data/dosbox-0.74-3/src/cpu/core_full/support.h Examining data/dosbox-0.74-3/src/cpu/core_full/optable.h Examining data/dosbox-0.74-3/src/cpu/core_full/load.h Examining data/dosbox-0.74-3/src/cpu/modrm.cpp Examining data/dosbox-0.74-3/src/cpu/lazyflags.h Examining data/dosbox-0.74-3/src/cpu/instructions.h Examining data/dosbox-0.74-3/src/cpu/core_prefetch.cpp Examining data/dosbox-0.74-3/src/cpu/core_simple.cpp Examining data/dosbox-0.74-3/src/cpu/core_normal.cpp Examining data/dosbox-0.74-3/src/cpu/core_dynrec.cpp Examining data/dosbox-0.74-3/src/cpu/core_dyn_x86.cpp Examining data/dosbox-0.74-3/src/cpu/callback.cpp Examining data/dosbox-0.74-3/src/cpu/flags.cpp Examining data/dosbox-0.74-3/src/fpu/fpu.cpp Examining data/dosbox-0.74-3/src/fpu/fpu_instructions.h Examining data/dosbox-0.74-3/src/fpu/fpu_instructions_x86.h Examining data/dosbox-0.74-3/src/dosbox.cpp Examining data/dosbox-0.74-3/src/hardware/dbopl.cpp Examining data/dosbox-0.74-3/src/hardware/pic.cpp Examining data/dosbox-0.74-3/src/hardware/joystick.cpp Examining data/dosbox-0.74-3/src/hardware/vga.cpp Examining data/dosbox-0.74-3/src/hardware/vga_dac.cpp Examining data/dosbox-0.74-3/src/hardware/vga_other.cpp Examining data/dosbox-0.74-3/src/hardware/dbopl.h Examining data/dosbox-0.74-3/src/hardware/adlib.cpp Examining data/dosbox-0.74-3/src/hardware/sblaster.cpp Examining data/dosbox-0.74-3/src/hardware/tandy_sound.cpp Examining data/dosbox-0.74-3/src/hardware/pcspeaker.cpp Examining data/dosbox-0.74-3/src/hardware/vga_memory.cpp Examining data/dosbox-0.74-3/src/hardware/memory.cpp Examining data/dosbox-0.74-3/src/hardware/timer.cpp Examining data/dosbox-0.74-3/src/hardware/disney.cpp Examining data/dosbox-0.74-3/src/hardware/dma.cpp Examining data/dosbox-0.74-3/src/hardware/vga_seq.cpp Examining data/dosbox-0.74-3/src/hardware/vga_tseng.cpp Examining data/dosbox-0.74-3/src/hardware/adlib.h Examining data/dosbox-0.74-3/src/hardware/opl.cpp Examining data/dosbox-0.74-3/src/hardware/hardware.cpp Examining data/dosbox-0.74-3/src/hardware/opl.h Examining data/dosbox-0.74-3/src/hardware/ipxserver.cpp Examining data/dosbox-0.74-3/src/hardware/vga_xga.cpp Examining data/dosbox-0.74-3/src/hardware/vga_paradise.cpp Examining data/dosbox-0.74-3/src/hardware/cmos.cpp Examining data/dosbox-0.74-3/src/hardware/mame/emu.h Examining data/dosbox-0.74-3/src/hardware/mame/sn76496.cpp Examining data/dosbox-0.74-3/src/hardware/mame/saa1099.cpp Examining data/dosbox-0.74-3/src/hardware/mame/sn76496.h Examining data/dosbox-0.74-3/src/hardware/mame/saa1099.h Examining data/dosbox-0.74-3/src/hardware/vga_crtc.cpp Examining data/dosbox-0.74-3/src/hardware/vga_misc.cpp Examining data/dosbox-0.74-3/src/hardware/mpu401.cpp Examining data/dosbox-0.74-3/src/hardware/serialport/serialdummy.cpp Examining data/dosbox-0.74-3/src/hardware/serialport/directserial.h Examining data/dosbox-0.74-3/src/hardware/serialport/nullmodem.h Examining data/dosbox-0.74-3/src/hardware/serialport/misc_util.cpp Examining data/dosbox-0.74-3/src/hardware/serialport/softmodem.h Examining data/dosbox-0.74-3/src/hardware/serialport/serialport.cpp Examining data/dosbox-0.74-3/src/hardware/serialport/libserial.h Examining data/dosbox-0.74-3/src/hardware/serialport/serialdummy.h Examining data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp Examining data/dosbox-0.74-3/src/hardware/serialport/directserial.cpp Examining data/dosbox-0.74-3/src/hardware/serialport/misc_util.h Examining data/dosbox-0.74-3/src/hardware/serialport/softmodem.cpp Examining data/dosbox-0.74-3/src/hardware/serialport/nullmodem.cpp Examining data/dosbox-0.74-3/src/hardware/vga_gfx.cpp Examining data/dosbox-0.74-3/src/hardware/vga_draw.cpp Examining data/dosbox-0.74-3/src/hardware/gus.cpp Examining data/dosbox-0.74-3/src/hardware/vga_s3.cpp Examining data/dosbox-0.74-3/src/hardware/gameblaster.cpp Examining data/dosbox-0.74-3/src/hardware/ipx.cpp Examining data/dosbox-0.74-3/src/hardware/iohandler.cpp Examining data/dosbox-0.74-3/src/hardware/keyboard.cpp Examining data/dosbox-0.74-3/src/hardware/mixer.cpp Examining data/dosbox-0.74-3/src/hardware/vga_attr.cpp Examining data/dosbox-0.74-3/src/dos/cdrom.h Examining data/dosbox-0.74-3/src/dos/dos_tables.cpp Examining data/dosbox-0.74-3/src/dos/dos_misc.cpp Examining data/dosbox-0.74-3/src/dos/cdrom.cpp Examining data/dosbox-0.74-3/src/dos/dos_classes.cpp Examining data/dosbox-0.74-3/src/dos/cdrom_aspi_win32.cpp Examining data/dosbox-0.74-3/src/dos/scsidefs.h Examining data/dosbox-0.74-3/src/dos/cdrom_ioctl_os2.cpp Examining data/dosbox-0.74-3/src/dos/dos_memory.cpp Examining data/dosbox-0.74-3/src/dos/drive_virtual.cpp Examining data/dosbox-0.74-3/src/dos/dos_ioctl.cpp Examining data/dosbox-0.74-3/src/dos/drives.cpp Examining data/dosbox-0.74-3/src/dos/drive_local.cpp Examining data/dosbox-0.74-3/src/dos/dos_codepages.h Examining data/dosbox-0.74-3/src/dos/dos_keyboard_layout_data.h Examining data/dosbox-0.74-3/src/dos/drive_cache.cpp Examining data/dosbox-0.74-3/src/dos/dev_con.h Examining data/dosbox-0.74-3/src/dos/cdrom_ioctl_linux.cpp Examining data/dosbox-0.74-3/src/dos/wnaspi32.h Examining data/dosbox-0.74-3/src/dos/cdrom_image.cpp Examining data/dosbox-0.74-3/src/dos/drives.h Examining data/dosbox-0.74-3/src/dos/cdrom_ioctl_win32.cpp Examining data/dosbox-0.74-3/src/dos/dos_devices.cpp Examining data/dosbox-0.74-3/src/dos/drive_iso.cpp Examining data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp Examining data/dosbox-0.74-3/src/dos/dos_execute.cpp Examining data/dosbox-0.74-3/src/dos/dos_files.cpp Examining data/dosbox-0.74-3/src/dos/dos.cpp Examining data/dosbox-0.74-3/src/dos/dos_mscdex.cpp Examining data/dosbox-0.74-3/src/dos/dos_programs.cpp Examining data/dosbox-0.74-3/src/dos/drive_fat.cpp Examining data/dosbox-0.74-3/src/misc/programs.cpp Examining data/dosbox-0.74-3/src/misc/cross.cpp Examining data/dosbox-0.74-3/src/misc/messages.cpp Examining data/dosbox-0.74-3/src/misc/setup.cpp Examining data/dosbox-0.74-3/src/misc/support.cpp FINAL RESULTS: data/dosbox-0.74-3/src/hardware/serialport/softmodem.h:124:7: [5] (buffer) gets: Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead. void gets(Bit8u * _str,Bitu _len) { data/dosbox-0.74-3/src/shell/shell_misc.cpp:251:8: [5] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left. strncat(mask, "*",DOS_PATHLENGTH - 1); data/dosbox-0.74-3/src/shell/shell_misc.cpp:252:12: [5] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left. else strncat(mask, "*.*",DOS_PATHLENGTH - 1); data/dosbox-0.74-3/include/cross.h:37:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/dosbox-0.74-3/include/cross.h:37:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/dosbox-0.74-3/include/cross.h:38:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define vsnprintf _vsnprintf data/dosbox-0.74-3/include/dos_system.h:75:103: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). virtual void SetName(const char* _name) { if (name) delete[] name; name = new char[strlen(_name)+1]; strcpy(name,_name); } data/dosbox-0.74-3/include/dos_system.h:232:42: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). virtual void SetDir(const char* path) { strcpy(curdir,path); }; data/dosbox-0.74-3/src/cpu/callback.cpp:135:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(CallBack_Description[nr],descr); data/dosbox-0.74-3/src/debug/debug.cpp:198:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(out1,"%s: s:%08X type:%02X p",selname,desc.GetSelector(),desc.saved.gate.type); data/dosbox-0.74-3/src/debug/debug.cpp:206:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(out1,"%s: b:%08X type:%02X pag",selname,desc.GetBase(),desc.saved.seg.type); data/dosbox-0.74-3/src/debug/debug.cpp:211:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(out1,"%s: s:%08X type:%02X p params: %02X",selname,desc.GetSelector(),desc.saved.gate.type,desc.saved.gate.paramcount); data/dosbox-0.74-3/src/debug/debug.cpp:218:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(out1,"%s: s:%08X type:%02X p",selname,desc.GetSelector(),desc.saved.gate.type); data/dosbox-0.74-3/src/debug/debug.cpp:222:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(out1,"%s: b:%08X type:%02X parbg",selname,desc.GetBase(),desc.saved.seg.type); data/dosbox-0.74-3/src/debug/debug.cpp:1326:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(instu,inst); data/dosbox-0.74-3/src/debug/debug.cpp:1369:8: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(result,outmask,prefix,adr,val); data/dosbox-0.74-3/src/debug/debug.cpp:1373:8: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(result,outmask,prefix,adr,val); data/dosbox-0.74-3/src/debug/debug.cpp:1377:8: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(result,outmask,prefix,adr,val); data/dosbox-0.74-3/src/debug/debug.cpp:1391:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(temp,pos2); // save end data/dosbox-0.74-3/src/debug/debug.cpp:1393:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(inst,var->GetName()); // add var name data/dosbox-0.74-3/src/debug/debug.cpp:1394:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(inst,temp); // add end data/dosbox-0.74-3/src/debug/debug.cpp:1399:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(curSelectorName,prefix); data/dosbox-0.74-3/src/debug/debug.cpp:1409:24: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(inst," ("); strcat(inst,descr); strcat(inst,")"); data/dosbox-0.74-3/src/debug/debug.cpp:1907:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(ibytes,tmpc); data/dosbox-0.74-3/src/debug/debug.cpp:2152:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buffer,temp); data/dosbox-0.74-3/src/debug/debug.cpp:2165:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buffer,temp); data/dosbox-0.74-3/src/debug/debug.cpp:2297:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(inst.dline,dline); data/dosbox-0.74-3/src/debug/debug.cpp:2300:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(inst.res,res); data/dosbox-0.74-3/src/debug/debug_disasm.cpp:490:2: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(ubufp, s, arg_ptr); data/dosbox-0.74-3/src/debug/debug_gui.cpp:60:2: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(buf,format,msg); data/dosbox-0.74-3/src/debug/debug_gui.cpp:108:2: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(buf,format,msg); data/dosbox-0.74-3/src/debug/debug_gui.cpp:210:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf,loggrp[i].front); data/dosbox-0.74-3/src/debug/debug_gui.cpp:255:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buf,loggrp[i].front); data/dosbox-0.74-3/src/dos/cdrom.cpp:48:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buffer,path); data/dosbox-0.74-3/src/dos/cdrom.cpp:156:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buffer,path); data/dosbox-0.74-3/src/dos/cdrom_image.cpp:183:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(upc, this->mcn.c_str()); data/dosbox-0.74-3/src/dos/cdrom_ioctl_win32.cpp:570:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(pathname,letter); data/dosbox-0.74-3/src/dos/dos_devices.cpp:104:41: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). name=new char [strlen(orig.name) + 1];strcpy(name,orig.name); data/dosbox-0.74-3/src/dos/dos_devices.cpp:120:41: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). name=new char [strlen(orig.name) + 1];strcpy(name,orig.name); data/dosbox-0.74-3/src/dos/dos_files.cpp:108:23: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). if (upname[0]!='\\') strcpy(fullname,Drives[*drive]->curdir); data/dosbox-0.74-3/src/dos/dos_files.cpp:183:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(fullname,tempdir); data/dosbox-0.74-3/src/dos/dos_files.cpp:200:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buffer,Drives[drive]->curdir); data/dosbox-0.74-3/src/dos/dos_files.cpp:209:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(Drives[drive]->curdir,fulldir); data/dosbox-0.74-3/src/dos/dos_files.cpp:316:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pattern,fullsearch); data/dosbox-0.74-3/src/dos/dos_files.cpp:320:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pattern,find_last+1); data/dosbox-0.74-3/src/dos/dos_files.cpp:321:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dir,fullsearch); data/dosbox-0.74-3/src/dos/dos_files.cpp:451:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(temp,name); data/dosbox-0.74-3/src/dos/dos_files.cpp:666:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(&big[3],fullname); data/dosbox-0.74-3/src/dos/dos_files.cpp:884:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ext,find+1); data/dosbox-0.74-3/src/dos/dos_files.cpp:887:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename,name); data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:263:27: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). if (specific_layout==-1) strcpy(current_keyboard_file_name, keyboard_file_name); data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:272:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(nbuf, "%s.kl", keyboard_file_name); data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:617:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(nbuf, "%s.kl", keyboard_file_name); data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:696:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cp_filename, codepage_file_name); data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:734:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(nbuf, "%s", cp_filename); data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:958:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tbuf, new_layout); data/dosbox-0.74-3/src/dos/dos_programs.cpp:711:8: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmdlist,buf); data/dosbox-0.74-3/src/dos/dos_programs.cpp:735:8: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cmdlist,buf); data/dosbox-0.74-3/src/dos/dos_programs.cpp:977:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(args,temp_line.c_str()); data/dosbox-0.74-3/src/dos/dos_programs.cpp:1375:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cp_file_name, cp_string.c_str()); data/dosbox-0.74-3/src/dos/drive_cache.cpp:127:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(basePath,baseDir); data/dosbox-0.74-3/src/dos/drive_cache.cpp:159:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path,GetExpandName(path)); data/dosbox-0.74-3/src/dos/drive_cache.cpp:167:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (dir,path); data/dosbox-0.74-3/src/dos/drive_cache.cpp:176:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dir,pos+1); data/dosbox-0.74-3/src/dos/drive_cache.cpp:178:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(work,dir); data/dosbox-0.74-3/src/dos/drive_cache.cpp:203:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file,pos+1); data/dosbox-0.74-3/src/dos/drive_cache.cpp:254:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmp,path); data/dosbox-0.74-3/src/dos/drive_cache.cpp:296:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(shortname,curDir->longNameList[mid]->shortname); data/dosbox-0.74-3/src/dos/drive_cache.cpp:443:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(shortName,curDir->fileList[mid]->orgname); data/dosbox-0.74-3/src/dos/drive_cache.cpp:457:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(shortName,curDir->fileList[i]->orgname); data/dosbox-0.74-3/src/dos/drive_cache.cpp:486:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tmpName,info->orgname); data/dosbox-0.74-3/src/dos/drive_cache.cpp:509:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buffer,tmpName); data/dosbox-0.74-3/src/dos/drive_cache.cpp:526:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(info->shortname,buffer); data/dosbox-0.74-3/src/dos/drive_cache.cpp:560:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(info->shortname,tmpName); data/dosbox-0.74-3/src/dos/drive_cache.cpp:577:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(expandedPath,save_expanded); data/dosbox-0.74-3/src/dos/drive_cache.cpp:585:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(expandedPath,basePath); data/dosbox-0.74-3/src/dos/drive_cache.cpp:589:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(work,basePath); data/dosbox-0.74-3/src/dos/drive_cache.cpp:593:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buffer,dirPath); data/dosbox-0.74-3/src/dos/drive_cache.cpp:595:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dirPath,buffer); data/dosbox-0.74-3/src/dos/drive_cache.cpp:604:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). else { strcpy(dir,start); }; data/dosbox-0.74-3/src/dos/drive_cache.cpp:608:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(expandedPath,dir); data/dosbox-0.74-3/src/dos/drive_cache.cpp:618:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (curDir->orgname,dir); data/dosbox-0.74-3/src/dos/drive_cache.cpp:623:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buffer,dirPath); data/dosbox-0.74-3/src/dos/drive_cache.cpp:625:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dirPath,buffer); data/dosbox-0.74-3/src/dos/drive_cache.cpp:631:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(expandedPath,split); data/dosbox-0.74-3/src/dos/drive_cache.cpp:637:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(save_path,path); data/dosbox-0.74-3/src/dos/drive_cache.cpp:638:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(save_expanded,expandedPath); data/dosbox-0.74-3/src/dos/drive_cache.cpp:658:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(expandcopy,expand); data/dosbox-0.74-3/src/dos/drive_cache.cpp:661:57: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). if (expandcopy[strlen(expandcopy)-1]!=CROSS_FILESPLIT) strcat(expandcopy,end); data/dosbox-0.74-3/src/dos/drive_cache.cpp:669:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dirPath,expandcopy); data/dosbox-0.74-3/src/dos/drive_cache.cpp:679:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(info->orgname, name); data/dosbox-0.74-3/src/dos/drive_cache.cpp:715:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(info->orgname, from->orgname); data/dosbox-0.74-3/src/dos/drive_cache.cpp:716:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(info->shortname, from->shortname); data/dosbox-0.74-3/src/dos/drive_cache.cpp:770:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(res,info->shortname); data/dosbox-0.74-3/src/dos/drive_fat.cpp:402:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dirtoken,fullname); data/dosbox-0.74-3/src/dos/drive_fat.cpp:414:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(entname, findFile); data/dosbox-0.74-3/src/dos/drive_fat.cpp:426:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dirtoken,filename); data/dosbox-0.74-3/src/dos/drive_fat.cpp:471:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dirtoken,dir); data/dosbox-0.74-3/src/dos/drive_fat.cpp:947:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(find_name, extension); data/dosbox-0.74-3/src/dos/drive_iso.cpp:160:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(info, fileName); data/dosbox-0.74-3/src/dos/drive_iso.cpp:169:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(info, fileName); data/dosbox-0.74-3/src/dos/drive_iso.cpp:308:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(findName, (char*)de.ident); data/dosbox-0.74-3/src/dos/drive_iso.cpp:509:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy((char*)(&de->ident[8]),dotpos); data/dosbox-0.74-3/src/dos/drive_local.cpp:54:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newname,basedir); data/dosbox-0.74-3/src/dos/drive_local.cpp:55:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(newname,name); data/dosbox-0.74-3/src/dos/drive_local.cpp:93:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newname,basedir); data/dosbox-0.74-3/src/dos/drive_local.cpp:94:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(newname,name); data/dosbox-0.74-3/src/dos/drive_local.cpp:120:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newname,basedir); data/dosbox-0.74-3/src/dos/drive_local.cpp:121:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(newname,name); data/dosbox-0.74-3/src/dos/drive_local.cpp:130:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(sysName, basedir); data/dosbox-0.74-3/src/dos/drive_local.cpp:131:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(sysName, dosName); data/dosbox-0.74-3/src/dos/drive_local.cpp:139:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newname,basedir); data/dosbox-0.74-3/src/dos/drive_local.cpp:140:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(newname,name); data/dosbox-0.74-3/src/dos/drive_local.cpp:180:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tempDir,basedir); data/dosbox-0.74-3/src/dos/drive_local.cpp:181:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tempDir,_dir); data/dosbox-0.74-3/src/dos/drive_local.cpp:189:51: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). if (tempDir[strlen(tempDir)-1]!=CROSS_FILESPLIT) strcat(tempDir,end); data/dosbox-0.74-3/src/dos/drive_local.cpp:196:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(srchInfo[id].srch_dir,tempDir); data/dosbox-0.74-3/src/dos/drive_local.cpp:251:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(full_name,srchInfo[id].srch_dir); data/dosbox-0.74-3/src/dos/drive_local.cpp:252:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(full_name,dir_ent); data/dosbox-0.74-3/src/dos/drive_local.cpp:257:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dir_entcopy,dir_ent); data/dosbox-0.74-3/src/dos/drive_local.cpp:270:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(find_name,dir_entcopy); data/dosbox-0.74-3/src/dos/drive_local.cpp:289:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newname,basedir); data/dosbox-0.74-3/src/dos/drive_local.cpp:290:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(newname,name); data/dosbox-0.74-3/src/dos/drive_local.cpp:306:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newdir,basedir); data/dosbox-0.74-3/src/dos/drive_local.cpp:307:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(newdir,dir); data/dosbox-0.74-3/src/dos/drive_local.cpp:321:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newdir,basedir); data/dosbox-0.74-3/src/dos/drive_local.cpp:322:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(newdir,dir); data/dosbox-0.74-3/src/dos/drive_local.cpp:331:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newdir,basedir); data/dosbox-0.74-3/src/dos/drive_local.cpp:332:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(newdir,dir); data/dosbox-0.74-3/src/dos/drive_local.cpp:343:11: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. int temp=access(newdir,F_OK); data/dosbox-0.74-3/src/dos/drive_local.cpp:349:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newold,basedir); data/dosbox-0.74-3/src/dos/drive_local.cpp:350:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(newold,oldname); data/dosbox-0.74-3/src/dos/drive_local.cpp:355:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newnew,basedir); data/dosbox-0.74-3/src/dos/drive_local.cpp:356:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(newnew,newname); data/dosbox-0.74-3/src/dos/drive_local.cpp:376:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newname,basedir); data/dosbox-0.74-3/src/dos/drive_local.cpp:377:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(newname,name); data/dosbox-0.74-3/src/dos/drive_local.cpp:388:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newname,basedir); data/dosbox-0.74-3/src/dos/drive_local.cpp:389:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(newname,name); data/dosbox-0.74-3/src/dos/drive_local.cpp:425:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(basedir,startdir); data/dosbox-0.74-3/src/dos/drive_local.cpp:426:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(info,"local directory %s",startdir); data/dosbox-0.74-3/src/dos/drive_local.cpp:563:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(info, startdir); data/dosbox-0.74-3/src/dos/drives.cpp:185:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newDisk->curdir, oldDisk->curdir); data/dosbox-0.74-3/src/gui/sdl_gui.cpp:222:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(line,l.c_str()); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:464:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"Key %s",SDL_GetKeyName(MapSDLCode((Bitu)key))); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:544:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%s axis %d %d",group->ConfigStart(),axis,positive ? 1 : 0); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:547:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%s Axis %d%s",group->BindStart(),axis,positive ? "+" : "-"); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:562:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%s button %d",group->ConfigStart(),button); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:565:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%s Button %d",group->BindStart(),button); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:586:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%s hat %d %d",group->ConfigStart(),hat,dir); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:589:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%s Hat %d %s",group->BindStart(),hat,(dir==SDL_HAT_UP)?"up": data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1364:2: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(caption,format,msg); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1588:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"%s \"key %d%s%s%s\"", data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1680:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buf,entry); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1688:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"jaxis_%d_%d%s",stick,axis,positive ? "+" : "-"); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1695:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf,"jaxis_%d_%d%s",stick,axis,positive ? "+" : "-"); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2061:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buffer,"key_%s \"key %d\"",DefaultKeys[i].eventend,DefaultKeys[i].key); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2114:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(tempname,eventname); data/dosbox-0.74-3/src/gui/sdlmain.cpp:81:74: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. typedef GLvoid* (APIENTRYP PFNGLMAPBUFFERARBPROC) (GLenum target, GLenum access); data/dosbox-0.74-3/src/gui/sdlmain.cpp:294:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(title,"DOSBox %s, Cpu speed: max %3d%% cycles, Frameskip %2d, Program: %8s",VERSION,internal_cycles,internal_frameskip,RunningProgram); data/dosbox-0.74-3/src/gui/sdlmain.cpp:296:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(title,"DOSBox %s, Cpu speed: %8d cycles, Frameskip %2d, Program: %8s",VERSION,internal_cycles,internal_frameskip,RunningProgram); data/dosbox-0.74-3/src/gui/sdlmain.cpp:1622:2: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(buf,format,msg); data/dosbox-0.74-3/src/gui/sdlmain.cpp:1759:3: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execlp(edit.c_str(),edit.c_str(),path.c_str(),(char*) 0); data/dosbox-0.74-3/src/gui/sdlmain.cpp:1785:2: [4] (shell) execlp: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. execlp(edit.c_str(),edit.c_str(),path.c_str(),(char*) 0); data/dosbox-0.74-3/src/hardware/hardware.cpp:105:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file_start,RunningProgram); data/dosbox-0.74-3/src/hardware/hardware.cpp:122:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(file_name,"%s%c%s%03d%s",capturedir.c_str(),CROSS_FILESPLIT,file_start,last,ext); data/dosbox-0.74-3/src/hardware/ipx.cpp:983:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(strHost, temp_line.c_str()); data/dosbox-0.74-3/src/hardware/serialport/serialport.cpp:209:3: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(buf+strlen(buf),format,msg); data/dosbox-0.74-3/src/ints/bios_disk.cpp:194:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy((char *)diskname, (const char *)imgName); data/dosbox-0.74-3/src/misc/cross.cpp:52:40: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). if(len + strlen(appdata) < MAX_PATH) strcat(result,appdata); data/dosbox-0.74-3/src/misc/cross.cpp:143:10: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. return (access(dirname,0) ? NULL : &dir); data/dosbox-0.74-3/src/misc/cross.cpp:210:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buffer,dirp->base_path); data/dosbox-0.74-3/src/misc/cross.cpp:211:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buffer,entry_name); data/dosbox-0.74-3/src/misc/cross.cpp:241:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buffer,dirp->base_path); data/dosbox-0.74-3/src/misc/cross.cpp:242:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buffer,entry_name); data/dosbox-0.74-3/src/misc/messages.cpp:99:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(name,linein+1); data/dosbox-0.74-3/src/misc/messages.cpp:109:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(string,linein); data/dosbox-0.74-3/src/misc/programs.cpp:136:2: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(buf,2047,format,msg); data/dosbox-0.74-3/src/misc/programs.cpp:354:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(copy,temp_line.c_str()); data/dosbox-0.74-3/src/misc/programs.cpp:378:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). char buffer[1024];strcpy(buffer,copy);strcat(buffer,"=");strcat(buffer,temp); data/dosbox-0.74-3/src/misc/programs.cpp:378:61: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). char buffer[1024];strcpy(buffer,copy);strcat(buffer,"=");strcat(buffer,temp); data/dosbox-0.74-3/src/misc/programs.cpp:381:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(copy,sec->GetName()); data/dosbox-0.74-3/src/misc/setup.cpp:618:2: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(outfile,MSG_Get("CONFIGFILE_INTRO"),VERSION); data/dosbox-0.74-3/src/misc/setup.cpp:623:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(temp,(*tel)->GetName()); data/dosbox-0.74-3/src/misc/support.cpp:180:2: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(buf,format,msg); data/dosbox-0.74-3/src/shell/shell.cpp:100:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf((autoexec_data+auto_len),"%s\r\n",(*it).c_str()); data/dosbox-0.74-3/src/shell/shell.cpp:290:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_line,line.c_str()); data/dosbox-0.74-3/src/shell/shell.cpp:309:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(input_line,line.c_str()); data/dosbox-0.74-3/src/shell/shell.cpp:389:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buffer,line.c_str()); data/dosbox-0.74-3/src/shell/shell.cpp:392:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buffer,cross_filesplit); data/dosbox-0.74-3/src/shell/shell.cpp:393:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buffer,line.c_str()); data/dosbox-0.74-3/src/shell/shell.cpp:405:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buffer,cross_filesplit); data/dosbox-0.74-3/src/shell/shell.cpp:406:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(buffer,line.c_str()); data/dosbox-0.74-3/src/shell/shell.cpp:412:9: [4] (race) access: This usually indicates a security flaw. If an attacker can change anything along the path between the call to access() and the file's actual use (e.g., by moving files), the attacker can exploit the race condition (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid()) and try to open the file directly. if (access(buffer,F_OK)) goto nomount; data/dosbox-0.74-3/src/shell/shell.cpp:416:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(orig,name); data/dosbox-0.74-3/src/shell/shell.cpp:644:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(tail.buffer,init_line); data/dosbox-0.74-3/src/shell/shell_batch.cpp:107:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmd_write,file_name); data/dosbox-0.74-3/src/shell/shell_batch.cpp:122:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmd_write,word.c_str()); data/dosbox-0.74-3/src/shell/shell_batch.cpp:139:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmd_write,equals); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:112:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(newcom,test->GetName()); strcat(newcom," "); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:113:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(newcom,cmd_in);strcat(newcom,line); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:113:24: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(newcom,cmd_in);strcat(newcom,line); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:206:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(end,name); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:244:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dir_source,arg1); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:685:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(nameSource,pathSource); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:686:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(nameSource,name); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:690:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(nameTarget,pathTarget); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:691:50: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). if (nameTarget[strlen(nameTarget)-1]=='\\') strcat(nameTarget,name); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:762:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p_parsed,temp.substr(equals+1).c_str()); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:957:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(mountstring,temp_str); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:966:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(newname, ldp->basedir); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:967:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(newname,fulldir); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:971:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(mountstring, newname); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:1071:3: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(pathstring,args); data/dosbox-0.74-3/src/shell/shell_misc.cpp:126:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(line, it_history->c_str()); data/dosbox-0.74-3/src/shell/shell_misc.cpp:155:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(line, it_history->c_str()); data/dosbox-0.74-3/src/shell/shell_misc.cpp:301:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(&line[completion_index], it_completion->c_str()); data/dosbox-0.74-3/src/shell/shell_misc.cpp:393:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fullname,p_fullname); data/dosbox-0.74-3/src/shell/shell_misc.cpp:405:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(temp_name,fullname); data/dosbox-0.74-3/src/shell/shell_misc.cpp:408:41: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). if (temp_fullname) { extension=".com";strcpy(fullname,temp_fullname); } data/dosbox-0.74-3/src/shell/shell_misc.cpp:412:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(temp_name,fullname); data/dosbox-0.74-3/src/shell/shell_misc.cpp:415:43: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). if (temp_fullname) { extension=".exe";strcpy(fullname,temp_fullname);} data/dosbox-0.74-3/src/shell/shell_misc.cpp:419:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(temp_name,fullname); data/dosbox-0.74-3/src/shell/shell_misc.cpp:422:44: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). if (temp_fullname) { extension=".bat";strcpy(fullname,temp_fullname);} data/dosbox-0.74-3/src/shell/shell_misc.cpp:524:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(which_ret,name); data/dosbox-0.74-3/src/shell/shell_misc.cpp:525:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(which_ret,com_ext); data/dosbox-0.74-3/src/shell/shell_misc.cpp:527:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(which_ret,name); data/dosbox-0.74-3/src/shell/shell_misc.cpp:528:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(which_ret,exe_ext); data/dosbox-0.74-3/src/shell/shell_misc.cpp:530:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(which_ret,name); data/dosbox-0.74-3/src/shell/shell_misc.cpp:531:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(which_ret,bat_ext); data/dosbox-0.74-3/src/shell/shell_misc.cpp:573:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(path,name); data/dosbox-0.74-3/src/shell/shell_misc.cpp:575:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(which_ret,path); data/dosbox-0.74-3/src/shell/shell_misc.cpp:577:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(which_ret,path); data/dosbox-0.74-3/src/shell/shell_misc.cpp:578:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(which_ret,com_ext); data/dosbox-0.74-3/src/shell/shell_misc.cpp:580:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(which_ret,path); data/dosbox-0.74-3/src/shell/shell_misc.cpp:581:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(which_ret,exe_ext); data/dosbox-0.74-3/src/shell/shell_misc.cpp:583:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(which_ret,path); data/dosbox-0.74-3/src/shell/shell_misc.cpp:584:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(which_ret,bat_ext); data/dosbox-0.74-3/include/setup.h:204:14: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. std::string realpath; data/dosbox-0.74-3/src/dos/cdrom_aspi_win32.cpp:267:10: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. hASPI = LoadLibrary ( "WNASPI32.DLL" ); data/dosbox-0.74-3/src/dos/dos_files.cpp:1071:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. Bit32u random; data/dosbox-0.74-3/src/dos/dos_files.cpp:1077:16: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. fcb.GetRandom(random); data/dosbox-0.74-3/src/dos/dos_files.cpp:1078:25: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. fcb.SetRecord((Bit16u)(random / 128),(Bit8u)(random & 127)); data/dosbox-0.74-3/src/dos/dos_files.cpp:1078:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. fcb.SetRecord((Bit16u)(random / 128),(Bit8u)(random & 127)); data/dosbox-0.74-3/src/dos/dos_files.cpp:1096:9: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. Bit32u random; data/dosbox-0.74-3/src/dos/dos_files.cpp:1102:16: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. fcb.GetRandom(random); data/dosbox-0.74-3/src/dos/dos_files.cpp:1103:25: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. fcb.SetRecord((Bit16u)(random / 128),(Bit8u)(random & 127)); data/dosbox-0.74-3/src/dos/dos_files.cpp:1103:47: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. fcb.SetRecord((Bit16u)(random / 128),(Bit8u)(random & 127)); data/dosbox-0.74-3/src/dos/dos_files.cpp:1133:16: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. fcb.SetRandom(random); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2509:24: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. mapper.filename = pp->realpath; data/dosbox-0.74-3/src/gui/sdlmain.cpp:1948:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. if (getenv("SDL_VIDEODRIVER")==NULL) { data/dosbox-0.74-3/src/gui/sdlmain.cpp:1962:25: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char* sdl_videodrv = getenv("SDL_VIDEODRIVER"); data/dosbox-0.74-3/src/hardware/hardware.cpp:736:26: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. capturedir = proppath->realpath; data/dosbox-0.74-3/src/misc/cross.cpp:47:25: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char const * windir = getenv("windir"); data/dosbox-0.74-3/src/misc/cross.cpp:105:17: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. char * home = getenv("HOME"); data/dosbox-0.74-3/src/misc/cross.cpp:276:17: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. char* check = realpath(work,NULL); data/dosbox-0.74-3/src/misc/cross.cpp:291:17: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. char* check = realpath(path,NULL); data/dosbox-0.74-3/src/misc/messages.cpp:142:42: [3] (buffer) realpath: This function does not protect against buffer overflows, and some implementations can overflow internally (CWE-120/CWE-785!). Ensure that the destination buffer is at least of size MAXPATHLEN, andto protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN. if(pathprop) LoadMessageFile(pathprop->realpath.c_str()); data/dosbox-0.74-3/include/cross.h:87:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base_path[MAX_PATH+4]; data/dosbox-0.74-3/include/cross.h:98:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base_path[CROSS_LEN]; data/dosbox-0.74-3/include/dos_inc.h:38:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[127]; /* the buffer itself */ data/dosbox-0.74-3/include/dos_inc.h:485:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/include/dos_system.h:77:37: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). virtual bool IsOpen() { return open; }; data/dosbox-0.74-3/include/dos_system.h:89:7: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool open; data/dosbox-0.74-3/include/dos_system.h:167:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char orgname [CROSS_LEN]; data/dosbox-0.74-3/include/dos_system.h:168:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shortname [DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/include/dos_system.h:195:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirPath [CROSS_LEN]; data/dosbox-0.74-3/include/dos_system.h:196:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char basePath [CROSS_LEN]; data/dosbox-0.74-3/include/dos_system.h:200:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char save_path [CROSS_LEN]; data/dosbox-0.74-3/include/dos_system.h:201:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char save_expanded [CROSS_LEN]; data/dosbox-0.74-3/include/dos_system.h:205:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirSearchName [MAX_OPENDIRS]; data/dosbox-0.74-3/include/dos_system.h:210:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label [CROSS_LEN]; data/dosbox-0.74-3/include/dos_system.h:239:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char curdir[DOS_PATHLENGTH]; data/dosbox-0.74-3/include/dos_system.h:240:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char info[256]; data/dosbox-0.74-3/include/mixer.h:102:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_name[32]; data/dosbox-0.74-3/src/cpu/core_dyn_x86/decoder.h:175:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempmem,activecb->cache.wmapmask,activecb->cache.masklen); data/dosbox-0.74-3/src/cpu/core_dynrec/decoder_basic.h:273:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempmem,activecb->cache.wmapmask,activecb->cache.masklen); data/dosbox-0.74-3/src/cpu/core_normal.cpp:170:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempcode[16*2+1];char * writecode=tempcode; data/dosbox-0.74-3/src/cpu/core_normal.cpp:172:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(writecode,"%02X",mem_readb(core.cseip++)); data/dosbox-0.74-3/src/cpu/core_prefetch.cpp:275:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempcode[16*2+1];char * writecode=tempcode; data/dosbox-0.74-3/src/cpu/core_prefetch.cpp:277:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(writecode,"%02X",mem_readb(core.cseip++)); data/dosbox-0.74-3/src/cpu/core_simple.cpp:167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempcode[16*2+1];char * writecode=tempcode; data/dosbox-0.74-3/src/cpu/paging.cpp:143:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&old_lflags,&lflags,sizeof(LazyFlags)); data/dosbox-0.74-3/src/cpu/paging.cpp:165:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lflags,&old_lflags,sizeof(LazyFlags)); data/dosbox-0.74-3/src/debug/debug.cpp:121:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char curSelectorName[3] = { 0,0,0 }; data/dosbox-0.74-3/src/debug/debug.cpp:148:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inputStr[255]; data/dosbox-0.74-3/src/debug/debug.cpp:149:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prevInputStr[255]; data/dosbox-0.74-3/src/debug/debug.cpp:199:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out2," TaskGate dpl : %01X %1X",desc.saved.gate.dpl,desc.saved.gate.p); data/dosbox-0.74-3/src/debug/debug.cpp:207:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out2," l:%08X dpl : %01X %1X%1X%1X",desc.GetLimit(),desc.saved.seg.dpl,desc.saved.seg.p,desc.saved.seg.avl,desc.saved.seg.g); data/dosbox-0.74-3/src/debug/debug.cpp:212:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out2," o:%08X dpl : %01X %1X",desc.GetOffset(),desc.saved.gate.dpl,desc.saved.gate.p); data/dosbox-0.74-3/src/debug/debug.cpp:219:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out2," o:%08X dpl : %01X %1X",desc.GetOffset(),desc.saved.gate.dpl,desc.saved.gate.p); data/dosbox-0.74-3/src/debug/debug.cpp:223:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out2," l:%08X dpl : %01X %1X%1X%1X%1X%1X",desc.GetLimit(),desc.saved.seg.dpl,desc.saved.seg.p,desc.saved.seg.avl,desc.saved.seg.r,desc.saved.seg.big,desc.saved.seg.g); data/dosbox-0.74-3/src/debug/debug.cpp:226:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(out1," "); data/dosbox-0.74-3/src/debug/debug.cpp:227:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(out2," "); data/dosbox-0.74-3/src/debug/debug.cpp:246:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[16]; data/dosbox-0.74-3/src/debug/debug.cpp:638:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dline[200];Bitu size; data/dosbox-0.74-3/src/debug/debug.cpp:753:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out1[200], out2[200]; data/dosbox-0.74-3/src/debug/debug.cpp:768:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dline[200];Bitu size;Bitu c; data/dosbox-0.74-3/src/debug/debug.cpp:769:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char line20[21] = " "; data/dosbox-0.74-3/src/debug/debug.cpp:987:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[16]; data/dosbox-0.74-3/src/debug/debug.cpp:1001:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[13]; data/dosbox-0.74-3/src/debug/debug.cpp:1013:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[13]; data/dosbox-0.74-3/src/debug/debug.cpp:1153:14: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). cpuLogFile.open("LOGCPU.TXT"); data/dosbox-0.74-3/src/debug/debug.cpp:1194:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out1[200],out2[200]; data/dosbox-0.74-3/src/debug/debug.cpp:1320:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char result[256]; data/dosbox-0.74-3/src/debug/debug.cpp:1322:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char instu[256]; data/dosbox-0.74-3/src/debug/debug.cpp:1323:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[3]; data/dosbox-0.74-3/src/debug/debug.cpp:1342:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(prefix,"ss"); data/dosbox-0.74-3/src/debug/debug.cpp:1345:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(prefix,"ds"); data/dosbox-0.74-3/src/debug/debug.cpp:1381:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(result,"[illegal]"); data/dosbox-0.74-3/src/debug/debug.cpp:1390:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[256]; data/dosbox-0.74-3/src/debug/debug.cpp:1409:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(inst," ("); strcat(inst,descr); strcat(inst,")"); data/dosbox-0.74-3/src/debug/debug.cpp:1481:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(result,"(down)"); data/dosbox-0.74-3/src/debug/debug.cpp:1483:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(result,"(up)"); data/dosbox-0.74-3/src/debug/debug.cpp:1487:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(result,"(no jmp)"); data/dosbox-0.74-3/src/debug/debug.cpp:1566:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dline[200]; data/dosbox-0.74-3/src/debug/debug.cpp:1707:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[9]; // 8 characters plus a terminating NUL data/dosbox-0.74-3/src/debug/debug.cpp:1765:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out1[512]; data/dosbox-0.74-3/src/debug/debug.cpp:1774:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out1,"%04X: b:%08X type: %02X parbg",(i<<3),desc.GetBase(),desc.saved.seg.type); data/dosbox-0.74-3/src/debug/debug.cpp:1776:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out1," l:%08X dpl : %01X %1X%1X%1X%1X%1X",desc.GetLimit(),desc.saved.seg.dpl,desc.saved.seg.p,desc.saved.seg.avl,desc.saved.seg.r,desc.saved.seg.big,desc.saved.seg.g); data/dosbox-0.74-3/src/debug/debug.cpp:1783:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out1[512]; data/dosbox-0.74-3/src/debug/debug.cpp:1794:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out1,"%04X: b:%08X type: %02X parbg",(i<<3)|4,desc.GetBase(),desc.saved.seg.type); data/dosbox-0.74-3/src/debug/debug.cpp:1796:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out1," l:%08X dpl : %01X %1X%1X%1X%1X%1X",desc.GetLimit(),desc.saved.seg.dpl,desc.saved.seg.p,desc.saved.seg.avl,desc.saved.seg.r,desc.saved.seg.big,desc.saved.seg.g); data/dosbox-0.74-3/src/debug/debug.cpp:1803:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out1[512]; data/dosbox-0.74-3/src/debug/debug.cpp:1808:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out1,"%04X: sel:%04X off:%02X",address/8,desc.GetSelector(),desc.GetOffset()); data/dosbox-0.74-3/src/debug/debug.cpp:1816:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out1[512]; data/dosbox-0.74-3/src/debug/debug.cpp:1829:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out1,"page %05Xxxx -> %04Xxxx flags [uw] %x:%x::%x:%x [d=%x|a=%x]", data/dosbox-0.74-3/src/debug/debug.cpp:1844:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out1,"page %05Xxxx -> %04Xxxx flags [puw] %x:%x::%x:%x::%x:%x",sel,entry.block.base,entry.block.p,table.block.p,entry.block.us,table.block.us,entry.block.wr,table.block.wr); data/dosbox-0.74-3/src/debug/debug.cpp:1847:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out1,"pagetable %03X not present, flags [puw] %x::%x::%x",(sel >> 10),table.block.p,table.block.us,table.block.wr); data/dosbox-0.74-3/src/debug/debug.cpp:1855:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out1[512]; data/dosbox-0.74-3/src/debug/debug.cpp:1856:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out1,"cr0:%08X cr2:%08X cr3:%08X cpl=%x",cpu.cr0,paging.cr2,paging.cr3,cpu.cpl); data/dosbox-0.74-3/src/debug/debug.cpp:1858:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out1,"eflags:%08X [vm=%x iopl=%x nt=%x]",reg_flags,GETFLAG(VM)>>17,GETFLAG(IOPL)>>12,GETFLAG(NT)>>14); data/dosbox-0.74-3/src/debug/debug.cpp:1860:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out1,"GDT base=%08X limit=%08X",cpu.gdt.GetBase(),cpu.gdt.GetLimit()); data/dosbox-0.74-3/src/debug/debug.cpp:1862:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out1,"IDT base=%08X limit=%08X",cpu.idt.GetBase(),cpu.idt.GetLimit()); data/dosbox-0.74-3/src/debug/debug.cpp:1868:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out1,"TR selector=%04X, base=%08X limit=%08X*%X",sel,desc.GetBase(),desc.GetLimit(),desc.saved.seg.g?0x4000:1); data/dosbox-0.74-3/src/debug/debug.cpp:1873:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out1,"LDT selector=%04X, base=%08X limit=%08X*%X",sel,desc.GetBase(),desc.GetLimit(),desc.saved.seg.g?0x4000:1); data/dosbox-0.74-3/src/debug/debug.cpp:1880:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char empty[23] = { 32,32,32,32,32,32,32,32,32,32,32,32,32,32,32,32,32,32,32,32,32,32,0 }; data/dosbox-0.74-3/src/debug/debug.cpp:1883:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dline[200];Bitu size; data/dosbox-0.74-3/src/debug/debug.cpp:1902:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ibytes[200]=""; char tmpc[200]; data/dosbox-0.74-3/src/debug/debug.cpp:1902:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ibytes[200]=""; char tmpc[200]; data/dosbox-0.74-3/src/debug/debug.cpp:1905:43: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. if (mem_readb_checked(start+i,&value)) sprintf(tmpc,"?? ",value); data/dosbox-0.74-3/src/debug/debug.cpp:1906:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. else sprintf(tmpc,"%02X ",value); data/dosbox-0.74-3/src/debug/debug.cpp:1954:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/dosbox-0.74-3/src/debug/debug.cpp:1955:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char args[256+1]; data/dosbox-0.74-3/src/debug/debug.cpp:2091:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(name,"wb+"); data/dosbox-0.74-3/src/debug/debug.cpp:2115:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(name,"rb"); data/dosbox-0.74-3/src/debug/debug.cpp:2123:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[16]; data/dosbox-0.74-3/src/debug/debug.cpp:2137:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen("MEMDUMP.TXT","wt"); data/dosbox-0.74-3/src/debug/debug.cpp:2143:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[128]; data/dosbox-0.74-3/src/debug/debug.cpp:2144:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[16]; data/dosbox-0.74-3/src/debug/debug.cpp:2147:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"%04X:%04X ",seg,ofs1); data/dosbox-0.74-3/src/debug/debug.cpp:2150:58: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. if (mem_readb_checked(GetAddress(seg,ofs1+x),&value)) sprintf(temp,"?? ",value); data/dosbox-0.74-3/src/debug/debug.cpp:2151:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. else sprintf(temp,"%02X ",value); data/dosbox-0.74-3/src/debug/debug.cpp:2160:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"%04X:%04X ",seg,ofs1); data/dosbox-0.74-3/src/debug/debug.cpp:2163:58: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. if (mem_readb_checked(GetAddress(seg,ofs1+x),&value)) sprintf(temp,"?? ",value); data/dosbox-0.74-3/src/debug/debug.cpp:2164:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. else sprintf(temp,"%02X ",value); data/dosbox-0.74-3/src/debug/debug.cpp:2174:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen("MEMDUMP.BIN","wb"); data/dosbox-0.74-3/src/debug/debug.cpp:2191:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(filename, "wt"); data/dosbox-0.74-3/src/debug/debug.cpp:2211:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[DEBUG_VAR_BUF_LEN]; data/dosbox-0.74-3/src/debug/debug.cpp:2271:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dline[31]; data/dosbox-0.74-3/src/debug/debug.cpp:2272:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char res[23]; data/dosbox-0.74-3/src/debug/debug.cpp:2279:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char empty[23] = { 32,32,32,32,32,32,32,32,32,32,32,32,32,32,32,32,32,32,32,32,32,32,0 }; data/dosbox-0.74-3/src/debug/debug.cpp:2282:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dline[200]; data/dosbox-0.74-3/src/debug/debug_disasm.cpp:179:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char const* (*opmap1)[256]; data/dosbox-0.74-3/src/debug/debug_disasm.cpp:181:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char const * op386map1[256] = { data/dosbox-0.74-3/src/debug/debug_disasm.cpp:435:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[11]; data/dosbox-0.74-3/src/debug/debug_disasm.cpp:439:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer, "%04X", (unsigned)fp_offset(addr) ); data/dosbox-0.74-3/src/debug/debug_disasm.cpp:441:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer, "%04X:%04X", (unsigned)fp_segment(addr), (unsigned)fp_offset(addr) ); data/dosbox-0.74-3/src/debug/debug_disasm.cpp:447:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer, "%04X", (unsigned)fp_offset(addr) ); data/dosbox-0.74-3/src/debug/debug_disasm.cpp:451:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer, "%08X", addr ); data/dosbox-0.74-3/src/debug/debug_disasm.cpp:527:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buff[6]; data/dosbox-0.74-3/src/debug/debug_gui.cpp:57:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/dosbox-0.74-3/src/debug/debug_gui.cpp:105:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/dosbox-0.74-3/src/debug/debug_gui.cpp:203:35: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(blah && blah[0] &&(debuglog = fopen(blah,"wt+"))){ data/dosbox-0.74-3/src/debug/debug_gui.cpp:208:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/dosbox-0.74-3/src/debug/debug_gui.cpp:253:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/dosbox-0.74-3/src/debug/debug_inc.h:50:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dasm[80]; data/dosbox-0.74-3/src/debug/disasm_tables.h:19:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char * RegTable_16[8]= {"ax","cx","dx","bx","sp","bp","si","di"}; data/dosbox-0.74-3/src/debug/disasm_tables.h:20:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char * RegTable_8[8]= {"al","cl","dl","bl","ah","ch","dh","bh"}; data/dosbox-0.74-3/src/debug/disasm_tables.h:21:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char * SegTable[8]= {"es","cs","ss","ds","fs","gs","iseg","iseg"}; data/dosbox-0.74-3/src/debug/disasm_tables.h:58:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char * G1_Table[8]={"add ","or ","adc ","sbb ","and ","sub ","xor ","cmp "}; data/dosbox-0.74-3/src/debug/disasm_tables.h:59:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char * G2_Table[8]={"rol ","ror ","rcl ","rcr ","shl ","shr ","sal ","sar "}; data/dosbox-0.74-3/src/debug/disasm_tables.h:83:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char * G4_Table[8]={ data/dosbox-0.74-3/src/dos/cdrom.cpp:47:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[512]; data/dosbox-0.74-3/src/dos/cdrom.cpp:155:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[512]; data/dosbox-0.74-3/src/dos/cdrom.h:70:70: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. virtual bool GetUPC (unsigned char& attr, char* upc) { attr = 0; strcpy(upc,"UPC"); return true; }; data/dosbox-0.74-3/src/dos/cdrom.h:95:62: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. bool GetUPC (unsigned char& attr, char* upc) { attr = 0; strcpy(upc,"UPC"); return true; }; data/dosbox-0.74-3/src/dos/cdrom.h:299:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathname[32]; data/dosbox-0.74-3/src/dos/cdrom.h:359:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char device_name[512]; data/dosbox-0.74-3/src/dos/cdrom_aspi_win32.cpp:130:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vendor[64]; data/dosbox-0.74-3/src/dos/cdrom_aspi_win32.cpp:153:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subKey[256]; data/dosbox-0.74-3/src/dos/cdrom_aspi_win32.cpp:154:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[256]; data/dosbox-0.74-3/src/dos/cdrom_aspi_win32.cpp:170:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hardwareID[256]; data/dosbox-0.74-3/src/dos/cdrom_aspi_win32.cpp:227:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (szBuffer, "error" ); data/dosbox-0.74-3/src/dos/cdrom_aspi_win32.cpp:242:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subKey[256]; data/dosbox-0.74-3/src/dos/cdrom_aspi_win32.cpp:297:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char key[2048]; data/dosbox-0.74-3/src/dos/cdrom_aspi_win32.cpp:300:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(key,"ENUM\\SCSI"); data/dosbox-0.74-3/src/dos/cdrom_aspi_win32.cpp:340:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szFName[16]; data/dosbox-0.74-3/src/dos/cdrom_aspi_win32.cpp:373:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char szBuf[1024]; data/dosbox-0.74-3/src/dos/cdrom_image.cpp:102:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer, sample->buffer, bytes); data/dosbox-0.74-3/src/dos/cdrom_image.cpp:105:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer, sample->buffer, count); data/dosbox-0.74-3/src/dos/cdrom_image.cpp:173:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_LINE_LENGTH]; data/dosbox-0.74-3/src/dos/cdrom_image.cpp:415:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[MAX_FILENAME_LENGTH]; data/dosbox-0.74-3/src/dos/cdrom_image.cpp:432:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[MAX_FILENAME_LENGTH]; // dirname can change its argument data/dosbox-0.74-3/src/dos/cdrom_image.cpp:436:5: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). in.open(cuefile, ios::in); data/dosbox-0.74-3/src/dos/cdrom_image.cpp:441:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[MAX_LINE_LENGTH]; data/dosbox-0.74-3/src/dos/cdrom_image.cpp:631:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[CROSS_LEN]; data/dosbox-0.74-3/src/dos/cdrom_image.cpp:632:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[CROSS_LEN]; data/dosbox-0.74-3/src/dos/cdrom_image.cpp:677:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[MAX_FILENAME_LENGTH]; data/dosbox-0.74-3/src/dos/cdrom_ioctl_linux.cpp:39:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int cdrom_fd = open(device_name, O_RDONLY | O_NONBLOCK); data/dosbox-0.74-3/src/dos/cdrom_ioctl_linux.cpp:57:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). int cdrom_fd = open(device_name, O_RDONLY | O_NONBLOCK); data/dosbox-0.74-3/src/dos/cdrom_ioctl_os2.cpp:48:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[50]; data/dosbox-0.74-3/src/dos/cdrom_ioctl_os2.cpp:138:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[3] = {0, 0, 0}; data/dosbox-0.74-3/src/dos/cdrom_ioctl_win32.cpp:48:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error[256]; data/dosbox-0.74-3/src/dos/cdrom_ioctl_win32.cpp:59:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char device[3]; data/dosbox-0.74-3/src/dos/cdrom_ioctl_win32.cpp:567:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char letter [3] = { 0, ':', 0 }; data/dosbox-0.74-3/src/dos/cdrom_ioctl_win32.cpp:569:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(pathname,"\\\\.\\"); data/dosbox-0.74-3/src/dos/dos.cpp:87:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name1[DOSNAMEBUF+2+DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/src/dos/dos.cpp:88:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name2[DOSNAMEBUF+2+DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/src/dos/dos.cpp:344:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[1024]; data/dosbox-0.74-3/src/dos/dos_classes.cpp:363:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[11]; data/dosbox-0.74-3/src/dos/dos_classes.cpp:365:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pattern,temp,8); data/dosbox-0.74-3/src/dos/dos_classes.cpp:367:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&pattern[9],&temp[8],3); data/dosbox-0.74-3/src/dos/dos_devices.cpp:100:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open=orig.open; data/dosbox-0.74-3/src/dos/dos_devices.cpp:114:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open=orig.open; data/dosbox-0.74-3/src/dos/dos_devices.cpp:127:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[DOS_PATHLENGTH];Bit8u drive; data/dosbox-0.74-3/src/dos/dos_devices.cpp:141:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char com[5] = { 'C','O','M','1',0 }; data/dosbox-0.74-3/src/dos/dos_devices.cpp:142:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char lpt[5] = { 'L','P','T','1',0 }; data/dosbox-0.74-3/src/dos/dos_execute.cpp:95:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char name[9]; data/dosbox-0.74-3/src/dos/dos_execute.cpp:98:21: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if (!strlen(name)) strcpy(name,"DOSBOX"); data/dosbox-0.74-3/src/dos/dos_execute.cpp:200:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char namebuf[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/dos_execute.cpp:485:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stripname[8]= { 0 };Bitu index=0; data/dosbox-0.74-3/src/dos/dos_files.cpp:67:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempdir[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/dos_files.cpp:68:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char upname[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/dos_files.cpp:205:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Bit8u drive;char fulldir[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/dos_files.cpp:218:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Bit8u drive;char fulldir[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/dos_files.cpp:240:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Bit8u drive;char fulldir[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/dos_files.cpp:248:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char currdir[DOS_PATHLENGTH]= { 0 }; data/dosbox-0.74-3/src/dos/dos_files.cpp:264:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Bit8u driveold;char fullold[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/dos_files.cpp:265:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Bit8u drivenew;char fullnew[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/dos_files.cpp:300:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Bit8u drive;char fullsearch[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/dos_files.cpp:301:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[DOS_PATHLENGTH];char pattern[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/dos_files.cpp:301:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[DOS_PATHLENGTH];char pattern[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/dos_files.cpp:450:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[CROSS_LEN]; data/dosbox-0.74-3/src/dos/dos_files.cpp:455:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Bit8u drive;char fulldir[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/dos_files.cpp:469:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[DOS_PATHLENGTH];Bit8u drive; data/dosbox-0.74-3/src/dos/dos_files.cpp:525:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[DOS_PATHLENGTH];Bit8u drive;Bit8u i; data/dosbox-0.74-3/src/dos/dos_files.cpp:622:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[DOS_PATHLENGTH];Bit8u drive; data/dosbox-0.74-3/src/dos/dos_files.cpp:633:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[DOS_PATHLENGTH];Bit8u drive; data/dosbox-0.74-3/src/dos/dos_files.cpp:649:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[DOS_PATHLENGTH];Bit8u drive; data/dosbox-0.74-3/src/dos/dos_files.cpp:661:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/dos_files.cpp:793:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char drive[2]; data/dosbox-0.74-3/src/dos/dos_files.cpp:794:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[9]; data/dosbox-0.74-3/src/dos/dos_files.cpp:795:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ext[4]; data/dosbox-0.74-3/src/dos/dos_files.cpp:797:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char full[DOS_FCBNAME]; data/dosbox-0.74-3/src/dos/dos_files.cpp:808:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sep[] = FCB_SEP;char a[2]; data/dosbox-0.74-3/src/dos/dos_files.cpp:829:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(fcb_name.part.name,". "); data/dosbox-0.74-3/src/dos/dos_files.cpp:836:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(fcb_name.part.name,".. "); data/dosbox-0.74-3/src/dos/dos_files.cpp:874:47: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if (!hasname & !(parser & PARSE_BLNK_FNAME)) strcpy(fcb_name.part.name," "); data/dosbox-0.74-3/src/dos/dos_files.cpp:875:45: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if (!hasext & !(parser & PARSE_BLNK_FEXT)) strcpy(fcb_name.part.ext," "); data/dosbox-0.74-3/src/dos/dos_files.cpp:897:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DOS_NAMELENGTH_ASCII];Bit32u size;Bit16u date;Bit16u time;Bit8u attr;Bit8u drive; data/dosbox-0.74-3/src/dos/dos_files.cpp:898:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[9];char ext[4]; data/dosbox-0.74-3/src/dos/dos_files.cpp:898:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[9];char ext[4]; data/dosbox-0.74-3/src/dos/dos_files.cpp:912:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shortname[DOS_FCBNAME];Bit16u handle; data/dosbox-0.74-3/src/dos/dos_files.cpp:921:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shortname[DOS_FCBNAME];Bit16u handle; data/dosbox-0.74-3/src/dos/dos_files.cpp:926:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/dos_files.cpp:961:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DOS_FCBNAME];fcb.GetName(name); data/dosbox-0.74-3/src/dos/dos_files.cpp:1123:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shortname[DOS_PATHLENGTH];Bit16u entry;Bit8u handle;Bit16u rec_size; data/dosbox-0.74-3/src/dos/dos_files.cpp:1149:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shortname[DOS_FCBNAME] = { 0 }; data/dosbox-0.74-3/src/dos/dos_files.cpp:1162:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char oldname[DOS_FCBNAME]; data/dosbox-0.74-3/src/dos/dos_files.cpp:1163:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newname[DOS_FCBNAME]; data/dosbox-0.74-3/src/dos/dos_files.cpp:1177:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[DOS_PATHLENGTH];Bit8u drive; data/dosbox-0.74-3/src/dos/dos_ioctl.cpp:176:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[11] ={' '}; data/dosbox-0.74-3/src/dos/dos_ioctl.cpp:182:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer,bufin,size); data/dosbox-0.74-3/src/dos/dos_ioctl.cpp:184:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer+size,find_ext,(strlen(find_ext)>3) ? 3 : strlen(find_ext)); data/dosbox-0.74-3/src/dos/dos_ioctl.cpp:186:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer,bufin,(strlen(bufin) > 8) ? 8 : strlen(bufin)); data/dosbox-0.74-3/src/dos/dos_ioctl.cpp:189:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf2[8]={ 'F','A','T','1','6',' ',' ',' '}; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:43:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:53:9: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). if (tmpfile != NULL) return tmpfile; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:53:33: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). if (tmpfile != NULL) return tmpfile; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:58:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *tmpfile=fopen(name, "rb"); data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:59:9: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). return tmpfile; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:69:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(current_keyboard_file_name, "none"); data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:104:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char current_keyboard_file_name[256]; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:175:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lng_codes[258]; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:197:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&lng_codes[lcpos],"%d",lcnum); data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:226:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lng_codes[258]; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:247:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(&lng_codes[lcpos],"%d",lcnum); data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:270:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nbuf[512]; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:616:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nbuf[512]; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:695:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cp_filename[512]; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:705:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cp_filename, "EGA.CPI"); break; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:707:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cp_filename, "EGA2.CPI"); break; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:709:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cp_filename, "EGA3.CPI"); break; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:711:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cp_filename, "EGA4.CPI"); break; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:713:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cp_filename, "EGA5.CPI"); break; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:715:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cp_filename, "EGA6.CPI"); break; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:717:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cp_filename, "EGA7.CPI"); break; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:719:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cp_filename, "EGA8.CPI"); break; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:721:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cp_filename, "EGA9.CPI"); break; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:723:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cp_filename, "EGA10.CPI"); break; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:733:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nbuf[512]; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:957:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tbuf[256]; data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:1099:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char layoutID_string[KL_NAMELENGTH]; data/dosbox-0.74-3/src/dos/dos_memory.cpp:110:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char psp_name[9]; data/dosbox-0.74-3/src/dos/dos_mscdex.cpp:571:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[5]; data/dosbox-0.74-3/src/dos/dos_mscdex.cpp:665:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char volumeID[6] = {0}; data/dosbox-0.74-3/src/dos/dos_mscdex.cpp:666:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char searchName[256]; data/dosbox-0.74-3/src/dos/dos_mscdex.cpp:667:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entryName[256]; data/dosbox-0.74-3/src/dos/dos_mscdex.cpp:743:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &writeBuf[1], &readBuf[0x2], 4); // 01h DWORD Logical Block Number of file start data/dosbox-0.74-3/src/dos/dos_mscdex.cpp:745:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &writeBuf[7], &readBuf[0xa], 4); // 07h DWORD file length in bytes data/dosbox-0.74-3/src/dos/dos_mscdex.cpp:746:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &writeBuf[0xb], &readBuf[0x12], 7); // 0bh DWORD date and time data/dosbox-0.74-3/src/dos/dos_mscdex.cpp:750:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &writeBuf[0x15], &readBuf[0x1c], 2); // 15h WORD volume set sequence number data/dosbox-0.74-3/src/dos/dos_mscdex.cpp:752:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &writeBuf[0x18], &readBuf[21], readBuf[0x20] <= 38 ? readBuf[0x20] : 38 ); data/dosbox-0.74-3/src/dos/dos_mscdex.cpp:949:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Bit8u attr; char upc[8]; data/dosbox-0.74-3/src/dos/dos_programs.cpp:94:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DOS_NAMELENGTH_ASCII];Bit32u size;Bit16u date;Bit16u time;Bit8u attr; data/dosbox-0.74-3/src/dos/dos_programs.cpp:107:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char root[7] = {static_cast<char>('A'+d),':','\\','*','.','*',0}; data/dosbox-0.74-3/src/dos/dos_programs.cpp:167:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ppp[2] = {newz[0],0}; data/dosbox-0.74-3/src/dos/dos_programs.cpp:227:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char teststr[1024]; data/dosbox-0.74-3/src/dos/dos_programs.cpp:228:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). Bit16u sizemb = static_cast<Bit16u>(atoi(mb_size.c_str())); data/dosbox-0.74-3/src/dos/dos_programs.cpp:230:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(teststr,"512,1,2880,%d",sizemb*1024/(512*1)); data/dosbox-0.74-3/src/dos/dos_programs.cpp:232:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(teststr,"512,127,16513,%d",sizemb*1024*1024/(512*127)); data/dosbox-0.74-3/src/dos/dos_programs.cpp:238:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char number[21] = { 0 };const char * scan = str_size.c_str(); data/dosbox-0.74-3/src/dos/dos_programs.cpp:244:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sizes[count++] = atoi(number); data/dosbox-0.74-3/src/dos/dos_programs.cpp:251:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sizes[count] = atoi(number); data/dosbox-0.74-3/src/dos/dos_programs.cpp:481:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char emm[9] = { 'E','M','M','X','X','X','X','0',0 }; data/dosbox-0.74-3/src/dos/dos_programs.cpp:507:9: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). FILE *tmpfile; data/dosbox-0.74-3/src/dos/dos_programs.cpp:508:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/dos_programs.cpp:524:10: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). fseek(tmpfile,0L, SEEK_END); data/dosbox-0.74-3/src/dos/dos_programs.cpp:525:20: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). *ksize = (ftell(tmpfile) / 1024); data/dosbox-0.74-3/src/dos/dos_programs.cpp:526:19: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). *bsize = ftell(tmpfile); data/dosbox-0.74-3/src/dos/dos_programs.cpp:527:11: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). fclose(tmpfile); data/dosbox-0.74-3/src/dos/dos_programs.cpp:541:11: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). return tmpfile; data/dosbox-0.74-3/src/dos/dos_programs.cpp:551:6: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). if(tmpfile) return tmpfile; data/dosbox-0.74-3/src/dos/dos_programs.cpp:551:22: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). if(tmpfile) return tmpfile; data/dosbox-0.74-3/src/dos/dos_programs.cpp:556:7: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). if(!tmpfile) { data/dosbox-0.74-3/src/dos/dos_programs.cpp:562:11: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). fseek(tmpfile,0L, SEEK_END); data/dosbox-0.74-3/src/dos/dos_programs.cpp:563:21: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). *ksize = (ftell(tmpfile) / 1024); data/dosbox-0.74-3/src/dos/dos_programs.cpp:564:20: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). *bsize = ftell(tmpfile); data/dosbox-0.74-3/src/dos/dos_programs.cpp:565:12: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). return tmpfile; data/dosbox-0.74-3/src/dos/dos_programs.cpp:572:9: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). fseek(tmpfile,0L, SEEK_END); data/dosbox-0.74-3/src/dos/dos_programs.cpp:573:19: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). *ksize = (ftell(tmpfile) / 1024); data/dosbox-0.74-3/src/dos/dos_programs.cpp:574:18: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). *bsize = ftell(tmpfile); data/dosbox-0.74-3/src/dos/dos_programs.cpp:575:10: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). return tmpfile; data/dosbox-0.74-3/src/dos/dos_programs.cpp:585:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char test[20]; data/dosbox-0.74-3/src/dos/dos_programs.cpp:586:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(test,"umb=false"); data/dosbox-0.74-3/src/dos/dos_programs.cpp:588:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(test,"xms=false"); data/dosbox-0.74-3/src/dos/dos_programs.cpp:590:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(test,"ems=false"); data/dosbox-0.74-3/src/dos/dos_programs.cpp:700:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdlist[1024]; data/dosbox-0.74-3/src/dos/dos_programs.cpp:704:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[257]; data/dosbox-0.74-3/src/dos/dos_programs.cpp:881:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/dos_programs.cpp:895:10: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). fseek(tmpfile, 0L, SEEK_END); data/dosbox-0.74-3/src/dos/dos_programs.cpp:896:14: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). if (ftell(tmpfile)>0x10000) { data/dosbox-0.74-3/src/dos/dos_programs.cpp:900:10: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). fseek(tmpfile, 0L, SEEK_SET); data/dosbox-0.74-3/src/dos/dos_programs.cpp:906:49: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). Bitu data_read=fread(vga_buffer, 1, 0x10000, tmpfile); data/dosbox-0.74-3/src/dos/dos_programs.cpp:910:11: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). fclose(tmpfile); data/dosbox-0.74-3/src/dos/dos_programs.cpp:951:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). kb = atoi(temp_line.c_str()+1); data/dosbox-0.74-3/src/dos/dos_programs.cpp:967:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[128]; data/dosbox-0.74-3/src/dos/dos_programs.cpp:971:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char args[256]; data/dosbox-0.74-3/src/dos/dos_programs.cpp:1111:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char number[21] = { 0 };const char * scan = str_size.c_str(); data/dosbox-0.74-3/src/dos/dos_programs.cpp:1117:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sizes[count++] = atoi(number); data/dosbox-0.74-3/src/dos/dos_programs.cpp:1124:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sizes[count] = atoi(number); data/dosbox-0.74-3/src/dos/dos_programs.cpp:1168:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[CROSS_LEN]; data/dosbox-0.74-3/src/dos/dos_programs.cpp:1169:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[CROSS_LEN]; data/dosbox-0.74-3/src/dos/dos_programs.cpp:1371:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tried_cp=atoi(cp_string.c_str()); data/dosbox-0.74-3/src/dos/dos_programs.cpp:1372:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cp_file_name[256]; data/dosbox-0.74-3/src/dos/dos_programs.cpp:1378:6: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(cp_file_name, "auto"); data/dosbox-0.74-3/src/dos/drive_cache.cpp:135:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char labellocal[256]={ 0 }; data/dosbox-0.74-3/src/dos/drive_cache.cpp:136:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char drive[4] = "C:\\"; data/dosbox-0.74-3/src/dos/drive_cache.cpp:163:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char work [CROSS_LEN] = { 0 }; data/dosbox-0.74-3/src/dos/drive_cache.cpp:164:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir [CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_cache.cpp:196:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file [CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_cache.cpp:197:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expand [CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_cache.cpp:233:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expand [CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_cache.cpp:243:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expand[CROSS_LEN] = { 0 }; data/dosbox-0.74-3/src/dos/drive_cache.cpp:247:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[CROSS_LEN] = { 0 }; data/dosbox-0.74-3/src/dos/drive_cache.cpp:280:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expand[CROSS_LEN] = {0}; data/dosbox-0.74-3/src/dos/drive_cache.cpp:451:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_cache.cpp:481:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpNameBuffer[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_cache.cpp:508:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_cache.cpp:515:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[8]; data/dosbox-0.74-3/src/dos/drive_cache.cpp:517:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"%d",info->shortNr); data/dosbox-0.74-3/src/dos/drive_cache.cpp:567:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char split[2] = { CROSS_FILESPLIT,0 }; data/dosbox-0.74-3/src/dos/drive_cache.cpp:569:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir [CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_cache.cpp:570:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char work [CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_cache.cpp:591:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_cache.cpp:621:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_cache.cpp:645:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expand[CROSS_LEN] = {0}; data/dosbox-0.74-3/src/dos/drive_cache.cpp:657:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char expandcopy [CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_cache.cpp:660:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char end[2]={CROSS_FILESPLIT,0}; data/dosbox-0.74-3/src/dos/drive_cache.cpp:735:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir_name[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_cache.cpp:764:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char res[CROSS_LEN] = { 0 }; data/dosbox-0.74-3/src/dos/drive_fat.cpp:398:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirtoken[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/drive_fat.cpp:420:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirtoken[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/drive_fat.cpp:442:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char find_name[DOS_NAMELENGTH_ASCII];Bit16u find_date,find_time;Bit32u find_size;Bit8u find_attr; data/dosbox-0.74-3/src/dos/drive_fat.cpp:459:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(useEntry, &foundEntry, sizeof(direntry)); data/dosbox-0.74-3/src/dos/drive_fat.cpp:467:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirtoken[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/dos/drive_fat.cpp:483:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char find_name[DOS_NAMELENGTH_ASCII];Bit16u find_date,find_time;Bit32u find_size;Bit8u find_attr; data/dosbox-0.74-3/src/dos/drive_fat.cpp:776:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirName[DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/src/dos/drive_fat.cpp:777:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathName[11]; data/dosbox-0.74-3/src/dos/drive_fat.cpp:794:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&fileEntry.entryname, &pathName[0], 11); data/dosbox-0.74-3/src/dos/drive_fat.cpp:859:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Bit8u attr;char pattern[DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/src/dos/drive_fat.cpp:905:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srch_pattern[DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/src/dos/drive_fat.cpp:906:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char find_name[DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/src/dos/drive_fat.cpp:907:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char extension[4]; data/dosbox-0.74-3/src/dos/drive_fat.cpp:941:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(find_name,§buf[entryoffset].entryname[0],8); data/dosbox-0.74-3/src/dos/drive_fat.cpp:942:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(extension,§buf[entryoffset].entryname[8],3); data/dosbox-0.74-3/src/dos/drive_fat.cpp:958:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(foundEntry, §buf[entryoffset], sizeof(direntry)); data/dosbox-0.74-3/src/dos/drive_fat.cpp:973:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirName[DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/src/dos/drive_fat.cpp:974:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathName[11]; data/dosbox-0.74-3/src/dos/drive_fat.cpp:1028:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(useEntry, §buf[entryoffset],sizeof(direntry)); data/dosbox-0.74-3/src/dos/drive_fat.cpp:1062:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(§buf[entryoffset], useEntry, sizeof(direntry)); data/dosbox-0.74-3/src/dos/drive_fat.cpp:1126:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirName[DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/src/dos/drive_fat.cpp:1127:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathName[11]; data/dosbox-0.74-3/src/dos/drive_fat.cpp:1149:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&tmpentry.entryname, &pathName[0], 11); data/dosbox-0.74-3/src/dos/drive_fat.cpp:1158:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&tmpentry.entryname, ". ", 11); data/dosbox-0.74-3/src/dos/drive_fat.cpp:1166:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&tmpentry.entryname, ".. ", 11); data/dosbox-0.74-3/src/dos/drive_fat.cpp:1178:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirName[DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/src/dos/drive_fat.cpp:1179:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathName[11]; data/dosbox-0.74-3/src/dos/drive_fat.cpp:1241:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dirName2[DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/src/dos/drive_fat.cpp:1242:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathName2[11]; data/dosbox-0.74-3/src/dos/drive_fat.cpp:1249:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&fileEntry2, &fileEntry1, sizeof(direntry)); data/dosbox-0.74-3/src/dos/drive_fat.cpp:1250:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&fileEntry2.entryname, &pathName2[0], 11); data/dosbox-0.74-3/src/dos/drive_iso.cpp:79:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data[nowSize], &buffer[sectorPos], remSector); data/dosbox-0.74-3/src/dos/drive_iso.cpp:89:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&data[nowSize], &buffer[sectorPos], remSize); data/dosbox-0.74-3/src/dos/drive_iso.cpp:159:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(info, "isoDrive "); data/dosbox-0.74-3/src/dos/drive_iso.cpp:163:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[32] = { 0 }; data/dosbox-0.74-3/src/dos/drive_iso.cpp:168:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(info, "isoDrive "); data/dosbox-0.74-3/src/dos/drive_iso.cpp:172:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[32] = { 0 }; data/dosbox-0.74-3/src/dos/drive_iso.cpp:173:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buffer, "Audio_CD"); data/dosbox-0.74-3/src/dos/drive_iso.cpp:186:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathCopy[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_iso.cpp:264:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pattern[ISO_MAXPATHNAME]; data/dosbox-0.74-3/src/dos/drive_iso.cpp:288:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pattern[DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/src/dos/drive_iso.cpp:305:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char findName[DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/src/dos/drive_iso.cpp:479:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(de, data, data[0]);//Perharps care about a zero at the end. data/dosbox-0.74-3/src/dos/drive_iso.cpp:490:59: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else if (de->fileIdentLength == 1 && de->ident[0] == 1) strcpy((char*)de->ident, ".."); data/dosbox-0.74-3/src/dos/drive_iso.cpp:533:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char isoPath[ISO_MAXPATHNAME]; data/dosbox-0.74-3/src/dos/drive_local.cpp:53:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newname[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_local.cpp:92:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newname[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_local.cpp:119:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newname[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_local.cpp:138:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newname[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_local.cpp:179:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempDir[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_local.cpp:188:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char end[2]={CROSS_FILESPLIT,0}; data/dosbox-0.74-3/src/dos/drive_local.cpp:235:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char full_name[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_local.cpp:236:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir_entcopy[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_local.cpp:238:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Bit8u srch_attr;char srch_pattern[DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/src/dos/drive_local.cpp:267:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char find_name[DOS_NAMELENGTH_ASCII];Bit16u find_date,find_time;Bit32u find_size; data/dosbox-0.74-3/src/dos/drive_local.cpp:288:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newname[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_local.cpp:305:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newdir[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_local.cpp:320:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newdir[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_local.cpp:330:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newdir[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_local.cpp:348:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newold[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_local.cpp:354:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newnew[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_local.cpp:375:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newname[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_local.cpp:380:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* Temp=fopen(newname,"rb"); //No reading done, so no wrapping for 0.74-3 (later code uses different calls) data/dosbox-0.74-3/src/dos/drive_local.cpp:387:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newname[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drive_local.cpp:531:6: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if(!open) return false; data/dosbox-0.74-3/src/dos/drive_local.cpp:562:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(info, "CDRom "); data/dosbox-0.74-3/src/dos/drive_local.cpp:566:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/dosbox-0.74-3/src/dos/drive_local.cpp:618:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/dosbox-0.74-3/src/dos/drive_local.cpp:629:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[32]; data/dosbox-0.74-3/src/dos/drive_virtual.cpp:94:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data,&file_data[file_pos],left); data/dosbox-0.74-3/src/dos/drive_virtual.cpp:97:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data,&file_data[file_pos],*size); data/dosbox-0.74-3/src/dos/drive_virtual.cpp:138:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(info,"Internal Virtual Drive"); data/dosbox-0.74-3/src/dos/drive_virtual.cpp:205:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Bit8u attr;char pattern[DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/src/dos/drive_virtual.cpp:220:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Bit8u attr;char pattern[DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/src/dos/drives.cpp:29:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[9]; data/dosbox-0.74-3/src/dos/drives.cpp:30:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_ext[4]; data/dosbox-0.74-3/src/dos/drives.cpp:31:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wild_name[9]; data/dosbox-0.74-3/src/dos/drives.cpp:32:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wild_ext[4]; data/dosbox-0.74-3/src/dos/drives.cpp:36:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(file_name," "); data/dosbox-0.74-3/src/dos/drives.cpp:37:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(file_ext," "); data/dosbox-0.74-3/src/dos/drives.cpp:38:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(wild_name," "); data/dosbox-0.74-3/src/dos/drives.cpp:39:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(wild_ext," "); data/dosbox-0.74-3/src/dos/drives.cpp:45:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(file_name,file,size); data/dosbox-0.74-3/src/dos/drives.cpp:47:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(file_ext,find_ext,(strlen(find_ext)>3) ? 3 : strlen(find_ext)); data/dosbox-0.74-3/src/dos/drives.cpp:49:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(file_name,file,(strlen(file) > 8) ? 8 : strlen(file)); data/dosbox-0.74-3/src/dos/drives.cpp:56:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wild_name,wild,size); data/dosbox-0.74-3/src/dos/drives.cpp:58:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wild_ext,find_ext,(strlen(find_ext)>3) ? 3 : strlen(find_ext)); data/dosbox-0.74-3/src/dos/drives.cpp:60:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wild_name,wild,(strlen(wild) > 8) ? 8 : strlen(wild)); data/dosbox-0.74-3/src/dos/drives.h:75:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char basedir[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drives.h:78:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srch_dir[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drives.h:191:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char srch_dir[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drives.h:365:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fileName[CROSS_LEN]; data/dosbox-0.74-3/src/dos/drives.h:368:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char discLabel[32]; data/dosbox-0.74-3/src/gui/dosbox_splash.h:9:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. do { memcpy (__ip, __rd, 4); __ip += 4; } while (--__l); __rd += 4; \ data/dosbox-0.74-3/src/gui/dosbox_splash.h:10:26: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. } else { __l *= 4; memcpy (__ip, __rd, __l); \ data/dosbox-0.74-3/src/gui/dosbox_splash.h:15:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. do { memcpy (__ip, __rd, 3); __ip += 3; } while (--__l); __rd += 3; \ data/dosbox-0.74-3/src/gui/dosbox_splash.h:16:26: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. } else { __l *= 3; memcpy (__ip, __rd, __l); \ data/dosbox-0.74-3/src/gui/dosbox_splash.h:23:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char rle_pixel_data[24875 + 1]; data/dosbox-0.74-3/src/gui/midi_alsa.h:129:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var[10]; data/dosbox-0.74-3/src/gui/midi_coremidi.h:35:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(conf && conf[0]) destId = atoi(conf); data/dosbox-0.74-3/src/gui/midi_oss.h:31:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char devname[512]; data/dosbox-0.74-3/src/gui/midi_oss.h:33:8: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else strcpy(devname,"/dev/sequencer"); data/dosbox-0.74-3/src/gui/midi_oss.h:37:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). device_num=atoi(devfind); data/dosbox-0.74-3/src/gui/midi_oss.h:40:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). device=open(devname, O_WRONLY, 0); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:123:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entry[16]; data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:203:25: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. if (mods & BMOD_Mod1) strcat(buf," mod1"); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:204:25: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. if (mods & BMOD_Mod2) strcat(buf," mod2"); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:205:25: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. if (mods & BMOD_Mod3) strcat(buf," mod3"); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:206:26: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. if (flags & BFLG_Hold) strcat(buf," hold"); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:361:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char assert_right_size [MAX_SCANCODES == (sizeof(sdlkey_map)/sizeof(sdlkey_map[0])) ? 1 : -1]; data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:467:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"key %d",MapSDLCode((Bitu)key)); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:606:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(configname,"stick_%d",emustick); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:877:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char configname[10]; data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1358:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char caption[128]; data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1629:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256];_bind->BindName(buf); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1678:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1679:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(buf,"key_"); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1687:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1694:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1700:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1701:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"jbutton_%d_%d",stick,button); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1706:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1707:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"jbutton_%d_%d",stick,button); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1712:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1713:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"jhat_%d_%d_%d",_stick,_hat,_dir); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1719:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:1720:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"mod_%d",_mod); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2058:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[512]; data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2065:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"mod_1 \"key %d\"",SDLK_RCTRL);CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2066:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"mod_1 \"key %d\"",SDLK_LCTRL);CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2067:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"mod_2 \"key %d\"",SDLK_RALT);CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2068:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"mod_2 \"key %d\"",SDLK_LALT);CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2075:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jbutton_0_0 \"stick_0 button 0\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2076:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jbutton_0_1 \"stick_0 button 1\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2077:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jbutton_0_2 \"stick_0 button 2\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2078:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jbutton_0_3 \"stick_0 button 3\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2079:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jbutton_0_4 \"stick_0 button 4\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2080:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jbutton_0_5 \"stick_0 button 5\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2082:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jbutton_1_0 \"stick_1 button 0\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2083:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jbutton_1_1 \"stick_1 button 1\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2086:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jaxis_0_0- \"stick_0 axis 0 0\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2087:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jaxis_0_0+ \"stick_0 axis 0 1\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2088:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jaxis_0_1- \"stick_0 axis 1 0\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2089:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jaxis_0_1+ \"stick_0 axis 1 1\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2090:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jaxis_0_2- \"stick_0 axis 2 0\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2091:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jaxis_0_2+ \"stick_0 axis 2 1\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2092:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jaxis_0_3- \"stick_0 axis 3 0\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2093:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jaxis_0_3+ \"stick_0 axis 3 1\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2095:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jaxis_1_0- \"stick_1 axis 0 0\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2096:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jaxis_1_0+ \"stick_1 axis 0 1\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2097:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jaxis_1_1- \"stick_1 axis 1 0\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2098:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jaxis_1_1+ \"stick_1 axis 1 1\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2101:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jhat_0_0_0 \"stick_0 hat 0 1\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2102:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jhat_0_0_1 \"stick_0 hat 0 2\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2103:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jhat_0_0_2 \"stick_0 hat 0 4\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2104:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer,"jhat_0_0_3 \"stick_0 hat 0 8\" ");CreateStringBind(buffer); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2112:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempname[17]; data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2113:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(tempname,"hand_"); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2120:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE * savefile=fopen(mapper.filename.c_str(),"wt+"); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2125:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2142:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE * loadfile=fopen(mapper.filename.c_str(),"rt"); data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:2144:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linein[512]; data/dosbox-0.74-3/src/gui/sdlmain.cpp:288:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[200]={0}; data/dosbox-0.74-3/src/gui/sdlmain.cpp:299:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. if(paused) strcat(title," PAUSED"); data/dosbox-0.74-3/src/gui/sdlmain.cpp:303:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char logo[32*32*4]= { data/dosbox-0.74-3/src/gui/sdlmain.cpp:1132:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char res[100]; data/dosbox-0.74-3/src/gui/sdlmain.cpp:1141:40: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sdl.desktop.full.height = (Bit16u)atoi(height+1); data/dosbox-0.74-3/src/gui/sdlmain.cpp:1142:40: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sdl.desktop.full.width = (Bit16u)atoi(res); data/dosbox-0.74-3/src/gui/sdlmain.cpp:1152:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char res[100]; data/dosbox-0.74-3/src/gui/sdlmain.cpp:1159:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sdl.desktop.window.height = (Bit16u)atoi(height+1); data/dosbox-0.74-3/src/gui/sdlmain.cpp:1160:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sdl.desktop.window.width = (Bit16u)atoi(res); data/dosbox-0.74-3/src/gui/sdlmain.cpp:1619:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/dosbox-0.74-3/src/gui/sdlmain.cpp:1747:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(path.c_str(),"r"); data/dosbox-0.74-3/src/gui/sdlmain.cpp:1797:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(path.c_str(),"r"); data/dosbox-0.74-3/src/gui/sdlmain.cpp:1808:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen("dosbox.conf","r"); data/dosbox-0.74-3/src/gui/sdlmain.cpp:1817:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(path.c_str(),"r"); data/dosbox-0.74-3/src/gui/sdlmain.cpp:1825:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* g = fopen("dosbox.conf","r"); data/dosbox-0.74-3/src/gui/sdlmain.cpp:1835:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen(path.c_str(),"r"); data/dosbox-0.74-3/src/gui/sdlmain.cpp:1947:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sdl_drv_name[128]; data/dosbox-0.74-3/src/hardware/adlib.cpp:246:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( header.id, "DBRAWOPL", 8 ); data/dosbox-0.74-3/src/hardware/adlib.cpp:571:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char b[16 * 1024]; data/dosbox-0.74-3/src/hardware/hardware.cpp:91:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_start[16]; data/dosbox-0.74-3/src/hardware/hardware.cpp:109:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempname[CROSS_LEN]; data/dosbox-0.74-3/src/hardware/hardware.cpp:117:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). Bitu num=atoi(&tempname[strlen(file_start)]); data/dosbox-0.74-3/src/hardware/hardware.cpp:121:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[CROSS_LEN]; data/dosbox-0.74-3/src/hardware/hardware.cpp:124:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE * handle=fopen(file_name,"wb"); data/dosbox-0.74-3/src/hardware/hardware.cpp:175:22: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define AVIOUT4(_S_) memcpy(&avi_header[header_pos],_S_,4);header_pos+=4; data/dosbox-0.74-3/src/hardware/hardware.cpp:286:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(capture.video.index, "idx1", 4); data/dosbox-0.74-3/src/hardware/hardware.cpp:584:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &capture.video.audiobuf[capture.video.audioused], data, left*4); data/dosbox-0.74-3/src/hardware/hardware.cpp:612:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( &capture.wave.buf[capture.wave.used], read, left*4); data/dosbox-0.74-3/src/hardware/iohandler.cpp:284:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&old_lflags,&lflags,sizeof(LazyFlags)); data/dosbox-0.74-3/src/hardware/iohandler.cpp:307:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lflags,&old_lflags,sizeof(LazyFlags)); data/dosbox-0.74-3/src/hardware/iohandler.cpp:320:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&old_lflags,&lflags,sizeof(LazyFlags)); data/dosbox-0.74-3/src/hardware/iohandler.cpp:343:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lflags,&old_lflags,sizeof(LazyFlags)); data/dosbox-0.74-3/src/hardware/iohandler.cpp:356:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&old_lflags,&lflags,sizeof(LazyFlags)); data/dosbox-0.74-3/src/hardware/iohandler.cpp:379:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lflags,&old_lflags,sizeof(LazyFlags)); data/dosbox-0.74-3/src/hardware/iohandler.cpp:389:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&old_lflags,&lflags,sizeof(LazyFlags)); data/dosbox-0.74-3/src/hardware/iohandler.cpp:410:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lflags,&old_lflags,sizeof(LazyFlags)); data/dosbox-0.74-3/src/hardware/iohandler.cpp:426:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&old_lflags,&lflags,sizeof(LazyFlags)); data/dosbox-0.74-3/src/hardware/iohandler.cpp:447:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lflags,&old_lflags,sizeof(LazyFlags)); data/dosbox-0.74-3/src/hardware/iohandler.cpp:462:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&old_lflags,&lflags,sizeof(LazyFlags)); data/dosbox-0.74-3/src/hardware/iohandler.cpp:483:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lflags,&old_lflags,sizeof(LazyFlags)); data/dosbox-0.74-3/src/hardware/ipx.cpp:131:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(databuffer,buffer,length); data/dosbox-0.74-3/src/hardware/ipx.cpp:316:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&opensockets[i], &opensockets[i+1], SOCKTABLESIZE - (i + 1)); data/dosbox-0.74-3/src/hardware/ipx.cpp:734:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/dosbox-0.74-3/src/hardware/ipx.cpp:745:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(outHeader, regHeader, sizeof(IPXHeader)); data/dosbox-0.74-3/src/hardware/ipx.cpp:974:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strHost[1024]; data/dosbox-0.74-3/src/hardware/serialport/directserial.cpp:48:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errorbuffer[256]; data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:50:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char extended_portname[256] = "\\\\.\\"; data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:51:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(extended_portname+4,portname,len+1); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:72:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&newdcb,&cp->orig_dcb,sizeof(DCB)); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:148:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer,err5text,sysmsg_offset); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:152:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer,err2text,sysmsg_offset); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:156:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer + sysmsg_offset, sysmessagebuffer, data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:292:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char extended_portname[256] = "/dev/"; data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:293:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(extended_portname+5,portname,len); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:295:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). cp->porthandle = open (extended_portname, O_RDWR | O_NOCTTY | O_NONBLOCK); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:303:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&termInfo,&cp->backup,sizeof(termios)); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:348:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer,err5text,sysmsg_offset); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:352:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer,err2text,sysmsg_offset); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:355:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer + sysmsg_offset, "System error %d.",error); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:518:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&newdcb,&cp->orig_dcb,sizeof(DCBINFO)); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:549:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buffer, "TODO: error handling is not fun"); data/dosbox-0.74-3/src/hardware/serialport/misc_util.cpp:182:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf((char*)buffer,"%u.%u.%u.%u",b1,b2,b3,b4); data/dosbox-0.74-3/src/hardware/serialport/nullmodem.cpp:158:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hostnamebuffer,hostnamechar,hostlen); data/dosbox-0.74-3/src/hardware/serialport/serialport.cpp:204:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[512]; data/dosbox-0.74-3/src/hardware/serialport/serialport.cpp:206:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"%12.3f [% 7u] ",PIC_FullIndex(), SDL_GetTicks()); data/dosbox-0.74-3/src/hardware/serialport/serialport.cpp:213:24: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. if(buf[len-1]!='\n') strcat(buf,"\r\n"); data/dosbox-0.74-3/src/hardware/serialport/softmodem.cpp:184:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). port=(Bit16u)atoi(hasport); data/dosbox-0.74-3/src/hardware/serialport/softmodem.cpp:375:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[128]; data/dosbox-0.74-3/src/hardware/serialport/softmodem.h:200:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmdbuf[255]; data/dosbox-0.74-3/src/hardware/serialport/softmodem.h:247:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/dosbox-0.74-3/src/hardware/vga_draw.cpp:159:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vga.draw.linear_base+vga.draw.linear_mask+1, vga.draw.linear_base, vga.draw.line_length); data/dosbox-0.74-3/src/hardware/vga_draw.cpp:163:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( TempLine, ret, vga.draw.line_length ); data/dosbox-0.74-3/src/hardware/vga_draw.cpp:182:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vga.draw.linear_base+vga.draw.linear_mask+1, vga.draw.linear_base, vga.draw.line_length); data/dosbox-0.74-3/src/hardware/vga_draw.cpp:186:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( TempLine, ret, vga.draw.line_length ); data/dosbox-0.74-3/src/hardware/vga_draw.cpp:237:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(TempLine, &vga.mem.linear[ vidstart ], vga.draw.width); data/dosbox-0.74-3/src/hardware/vga_draw.cpp:281:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(TempLine, &vga.mem.linear[ vidstart ], vga.draw.width*2); data/dosbox-0.74-3/src/hardware/vga_draw.cpp:323:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(TempLine, &vga.mem.linear[ vidstart ], vga.draw.width*4); data/dosbox-0.74-3/src/hardware/vga_draw.cpp:358:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&TempLine[sizeof(TempLine)/2], &vga.tandy.draw_base[vidstart], break_pos); data/dosbox-0.74-3/src/hardware/vga_draw.cpp:359:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&TempLine[sizeof(TempLine)/2 + break_pos],&vga.tandy.draw_base[0], line_end - break_pos); data/dosbox-0.74-3/src/hardware/vga_other.cpp:572:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. for (i=0;i<256;i++) memcpy(&vga.draw.font[i*32],&int10_font_08[i*8],8); data/dosbox-0.74-3/src/hardware/vga_other.cpp:577:23: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. for (i=0;i<256;i++) memcpy(&vga.draw.font[i*32],&int10_font_14[i*14],14); data/dosbox-0.74-3/src/ints/bios_disk.cpp:192:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(diskname, imgName, 511); data/dosbox-0.74-3/src/ints/ems.cpp:86:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[8]; data/dosbox-0.74-3/src/ints/ems.cpp:506:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[9]; data/dosbox-0.74-3/src/ints/ems.cpp:1384:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[32]= { 0 }; data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.cpp:225:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer+src.cw*h,src.buffer+src.width*(h+src.ty)+src.tx,4*src.cw); data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.cpp:1593:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[256]; data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.cpp:1594:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(title,"Window %i",++n); data/dosbox-0.74-3/src/libs/zmbv/zmbv.cpp:311:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&palette,pal, palsize * 4); data/dosbox-0.74-3/src/libs/zmbv/zmbv.cpp:323:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(destStart, lineData[i], lineWidth ); data/dosbox-0.74-3/src/libs/zmbv/zmbv.cpp:336:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&work[workUsed], readFrame, width*pixelsize); data/dosbox-0.74-3/src/libs/zmbv/zmbv.cpp:448:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(writeframe,&work[workPos],width*pixelsize); data/dosbox-0.74-3/src/libs/zmbv/zmbv.h:80:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char palette[256*4]; data/dosbox-0.74-3/src/misc/cross.cpp:43:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result[MAX_PATH] = { 0 }; data/dosbox-0.74-3/src/misc/cross.cpp:138:30: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. if (dirname[len-1] == '\\') strcat(dir.base_path,"*.*"); data/dosbox-0.74-3/src/misc/cross.cpp:139:30: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. else strcat(dir.base_path,"\\*.*"); data/dosbox-0.74-3/src/misc/cross.cpp:208:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[2*CROSS_LEN] = { 0 }; data/dosbox-0.74-3/src/misc/cross.cpp:239:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buffer[2*CROSS_LEN] = { 0 }; data/dosbox-0.74-3/src/misc/cross.cpp:264:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char work[CROSS_LEN] = {0}; data/dosbox-0.74-3/src/misc/cross.cpp:309:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). return fopen(path,mode); data/dosbox-0.74-3/src/misc/messages.cpp:74:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE * mfile=fopen(fname,"rt"); data/dosbox-0.74-3/src/misc/messages.cpp:79:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linein[LINE_IN_MAXLEN]; data/dosbox-0.74-3/src/misc/messages.cpp:80:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[LINE_IN_MAXLEN]; data/dosbox-0.74-3/src/misc/messages.cpp:81:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[LINE_IN_MAXLEN*10]; data/dosbox-0.74-3/src/misc/messages.cpp:128:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* out=fopen(location,"w+t"); data/dosbox-0.74-3/src/misc/programs.cpp:56:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(comdata,&exe_block,sizeof(exe_block)); data/dosbox-0.74-3/src/misc/programs.cpp:65:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&comdata[sizeof(exe_block)],&index,sizeof(index)); data/dosbox-0.74-3/src/misc/programs.cpp:104:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[256+1]; data/dosbox-0.74-3/src/misc/programs.cpp:132:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[2048]; data/dosbox-0.74-3/src/misc/programs.cpp:172:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char env_string[1024+1]; data/dosbox-0.74-3/src/misc/programs.cpp:194:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char env_string[1024+1]; data/dosbox-0.74-3/src/misc/programs.cpp:227:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char env_string[1024+1] = { 0 }; data/dosbox-0.74-3/src/misc/programs.cpp:272:5: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f=fopen(temp_line.c_str(),"wb+"); data/dosbox-0.74-3/src/misc/programs.cpp:289:5: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f=fopen(temp_line.c_str(),"wb+"); data/dosbox-0.74-3/src/misc/programs.cpp:353:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char copy[1024]; data/dosbox-0.74-3/src/misc/programs.cpp:378:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024];strcpy(buffer,copy);strcat(buffer,"=");strcat(buffer,temp); data/dosbox-0.74-3/src/misc/setup.cpp:613:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[50];char helpline[256]; data/dosbox-0.74-3/src/misc/setup.cpp:613:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[50];char helpline[256]; data/dosbox-0.74-3/src/misc/setup.cpp:614:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* outfile=fopen(configfilename,"w+t"); data/dosbox-0.74-3/src/misc/setup.cpp:635:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefix[80]; data/dosbox-0.74-3/src/misc/setup.cpp:663:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(temp,"_CONFIGFILE_HELP"); data/dosbox-0.74-3/src/misc/setup.cpp:829:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char copy[1024]; data/dosbox-0.74-3/src/misc/setup.cpp:876:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). value=atoi((*it_next).c_str()); data/dosbox-0.74-3/src/misc/support.cpp:173:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[1024]; //greater scope as else it doesn't always gets thrown right (linux/gcc2.95) data/dosbox-0.74-3/src/shell/shell.cpp:46:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char autoexec_data[AUTOEXEC_SIZE] = { 0 }; data/dosbox-0.74-3/src/shell/shell.cpp:271:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_line[CMD_MAXLINE] = {0}; data/dosbox-0.74-3/src/shell/shell.cpp:287:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_line[CMD_MAXLINE] = {0}; data/dosbox-0.74-3/src/shell/shell.cpp:381:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[CROSS_LEN]; data/dosbox-0.74-3/src/shell/shell.cpp:382:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char orig[CROSS_LEN]; data/dosbox-0.74-3/src/shell/shell.cpp:383:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cross_filesplit[2] = {CROSS_FILESPLIT , 0}; data/dosbox-0.74-3/src/shell/shell_batch.cpp:32:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char totalname[DOS_PATHLENGTH+4]; data/dosbox-0.74-3/src/shell/shell_batch.cpp:61:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[CMD_MAXLINE]; data/dosbox-0.74-3/src/shell/shell_batch.cpp:166:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd_buffer[CMD_MAXLINE]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:111:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newcom[1024]; newcom[0] = 0; strcpy(newcom,"z:\\config "); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:111:36: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. char newcom[1024]; newcom[0] = 0; strcpy(newcom,"z:\\config "); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:121:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd_buffer[CMD_MAXLINE]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:187:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char full[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:188:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[CROSS_LEN]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:201:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DOS_NAMELENGTH_ASCII];Bit32u size;Bit16u time,date;Bit8u attr; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:242:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir_source[DOS_PATHLENGTH]={0}; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:251:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir_current[DOS_PATHLENGTH + 1]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:271:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[512]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:304:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:379:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"%d,%03d,%03d,%03d",numg,numm,numk,numb); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:383:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"%d,%03d,%03d",numm,numk,numb); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:387:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"%d,%03d",numk,numb); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:390:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"%d",numb); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:395:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char numformat[16]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:396:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:425:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[CROSS_LEN]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:429:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(args,"*.*"); //no arguments. data/dosbox-0.74-3/src/shell/shell_cmds.cpp:435:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(args,"*.*"); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:446:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(args,"\\*.*"); // if no wildcard and a directory, get its files data/dosbox-0.74-3/src/shell/shell_cmds.cpp:450:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(args,".*"); // if no extension, get them all data/dosbox-0.74-3/src/shell/shell_cmds.cpp:473:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DOS_NAMELENGTH_ASCII];Bit32u size;Bit16u date;Bit16u time;Bit8u attr; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:566:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DOS_NAMELENGTH_ASCII]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:585:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char source_x[DOS_PATHLENGTH+CROSS_LEN]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:600:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(source_x,"\\*.*"); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:640:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathSource[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:641:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathTarget[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:678:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nameTarget[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:679:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nameSource[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:749:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char parsed[CMD_MAXLINE]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:941:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mountstring[DOS_PATHLENGTH+CROSS_LEN+20]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:942:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp_str[2] = { 0,0 }; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:944:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(mountstring,"MOUNT "); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:961:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. Bit8u drive;char fulldir[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:965:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char newname[CROSS_LEN]; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:1008:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char defchoice[3] = {'y','n',0}; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:1067:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathstring[DOS_PATHLENGTH+CROSS_LEN+20]={ 0 }; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:1068:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(pathstring,"set PATH="); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:1090:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dos.version.major = (Bit8u)(atoi(word)); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:1091:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dos.version.minor = (Bit8u)(atoi(args)); data/dosbox-0.74-3/src/shell/shell_misc.cpp:32:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dir[DOS_PATHLENGTH]; data/dosbox-0.74-3/src/shell/shell_misc.cpp:238:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mask[DOS_PATHLENGTH] = {0}; data/dosbox-0.74-3/src/shell/shell_misc.cpp:254:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(mask, "*.*"); data/dosbox-0.74-3/src/shell/shell_misc.cpp:267:6: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[DOS_NAMELENGTH_ASCII];Bit32u sz;Bit16u date;Bit16u time;Bit8u att; data/dosbox-0.74-3/src/shell/shell_misc.cpp:365:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fullname[DOS_PATHLENGTH+4]; //stores results from Which data/dosbox-0.74-3/src/shell/shell_misc.cpp:367:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[CMD_MAXLINE]; data/dosbox-0.74-3/src/shell/shell_misc.cpp:402:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp_name[DOS_PATHLENGTH+4],* temp_fullname; data/dosbox-0.74-3/src/shell/shell_misc.cpp:406:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(temp_name,".COM"); data/dosbox-0.74-3/src/shell/shell_misc.cpp:413:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(temp_name,".EXE"); data/dosbox-0.74-3/src/shell/shell_misc.cpp:420:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(temp_name,".BAT"); data/dosbox-0.74-3/src/shell/shell_misc.cpp:466:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cmdtail.buffer,line,strlen(line)); data/dosbox-0.74-3/src/shell/shell_misc.cpp:513:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char which_ret[DOS_PATHLENGTH+4]; data/dosbox-0.74-3/src/shell/shell_misc.cpp:536:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[DOS_PATHLENGTH];std::string temp; data/dosbox-0.74-3/include/dos_system.h:75:85: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). virtual void SetName(const char* _name) { if (name) delete[] name; name = new char[strlen(_name)+1]; strcpy(name,_name); } data/dosbox-0.74-3/include/paging.h:145:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). HostPt read; data/dosbox-0.74-3/include/paging.h:162:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). HostPt read[TLB_SIZE]; data/dosbox-0.74-3/include/paging.h:201:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return paging.tlb.read[address>>12]; data/dosbox-0.74-3/include/paging.h:238:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return get_tlb_entry(address)->read; data/dosbox-0.74-3/include/support.h:36:34: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). #define safe_strncpy(a,b,n) do { strncpy((a),(b),(n)-1); (a)[(n)-1] = 0; } while (0) data/dosbox-0.74-3/src/cpu/callback.cpp:134:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). CallBack_Description[nr] = new char[strlen(descr)+1]; data/dosbox-0.74-3/src/cpu/core_dyn_x86/decoder.h:510:34: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cache_addd((Bit32u)(&paging.tlb.read[0])); data/dosbox-0.74-3/src/cpu/core_dyn_x86/decoder.h:548:34: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cache_addd((Bit32u)(&paging.tlb.read[0])); data/dosbox-0.74-3/src/cpu/core_dyn_x86/decoder.h:603:35: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cache_addd((Bit32u)(&paging.tlb.read[0])); data/dosbox-0.74-3/src/cpu/core_dyn_x86/decoder.h:649:35: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cache_addd((Bit32u)(&paging.tlb.read[0])); data/dosbox-0.74-3/src/cpu/paging.cpp:650:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). paging.tlb.read[i]=0; data/dosbox-0.74-3/src/cpu/paging.cpp:662:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). paging.tlb.read[page]=0; data/dosbox-0.74-3/src/cpu/paging.cpp:672:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). paging.tlb.read[lin_page]=0; data/dosbox-0.74-3/src/cpu/paging.cpp:683:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). paging.tlb.read[lin_page]=0; data/dosbox-0.74-3/src/cpu/paging.cpp:704:50: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (handler->flags & PFLAG_READABLE) paging.tlb.read[lin_page]=handler->GetHostReadPt(phys_page)-lin_base; data/dosbox-0.74-3/src/cpu/paging.cpp:705:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). else paging.tlb.read[lin_page]=0; data/dosbox-0.74-3/src/cpu/paging.cpp:726:50: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (handler->flags & PFLAG_READABLE) paging.tlb.read[lin_page]=handler->GetHostReadPt(phys_page)-lin_base; data/dosbox-0.74-3/src/cpu/paging.cpp:727:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). else paging.tlb.read[lin_page]=0; data/dosbox-0.74-3/src/debug/debug.cpp:817:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t dline_len = strlen(dline); data/dosbox-0.74-3/src/debug/debug.cpp:821:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t res_len = strlen(res); data/dosbox-0.74-3/src/debug/debug.cpp:1409:44: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(inst," ("); strcat(inst,descr); strcat(inst,")"); data/dosbox-0.74-3/src/debug/debug.cpp:1635:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(codeViewData.inputStr)>0) codeViewData.inputStr[strlen(codeViewData.inputStr)-1] = 0; data/dosbox-0.74-3/src/debug/debug.cpp:1635:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(codeViewData.inputStr)>0) codeViewData.inputStr[strlen(codeViewData.inputStr)-1] = 0; data/dosbox-0.74-3/src/debug/debug.cpp:1637:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). default : if ((key>=32) && (key<=128) && (strlen(codeViewData.inputStr)<253)) { data/dosbox-0.74-3/src/debug/debug.cpp:1638:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Bit32u len = strlen(codeViewData.inputStr); data/dosbox-0.74-3/src/debug/debug.cpp:1889:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Bitu reslen = strlen(res); data/dosbox-0.74-3/src/debug/debug.cpp:1892:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Bitu len = strlen(dline); data/dosbox-0.74-3/src/debug/debug.cpp:1909:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(ibytes); data/dosbox-0.74-3/src/debug/debug.cpp:1964:4: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(args,temp_line.c_str(),256); data/dosbox-0.74-3/src/debug/debug.cpp:1965:4: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is low because the source is a constant character. strncat(args," ",256); data/dosbox-0.74-3/src/debug/debug.cpp:2288:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Bitu reslen = strlen(res); data/dosbox-0.74-3/src/debug/debug.cpp:2292:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Bitu len = strlen(dline); data/dosbox-0.74-3/src/debug/debug_gui.cpp:64:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Bitu len=strlen(buf); data/dosbox-0.74-3/src/debug/debug_gui.cpp:65:23: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. if(buf[len-1]!='\n') strcat(buf,"\n"); data/dosbox-0.74-3/src/debug/debug_gui.cpp:211:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf[strlen(buf)]=0; data/dosbox-0.74-3/src/dos/cdrom.h:113:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual bool read(Bit8u *buffer, int seek, int count) = 0; data/dosbox-0.74-3/src/dos/cdrom.h:122:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool read(Bit8u *buffer, int seek, int count); data/dosbox-0.74-3/src/dos/cdrom.h:134:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool read(Bit8u *buffer, int seek, int count); data/dosbox-0.74-3/src/dos/cdrom_aspi_win32.cpp:231:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(szBuffer); data/dosbox-0.74-3/src/dos/cdrom_image.cpp:59:41: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool CDROM_Interface_Image::BinaryFile::read(Bit8u *buffer, int seek, int count) data/dosbox-0.74-3/src/dos/cdrom_image.cpp:62:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). file->read((char*)buffer, count); data/dosbox-0.74-3/src/dos/cdrom_image.cpp:89:40: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bool CDROM_Interface_Image::AudioFile::read(Bit8u *buffer, int seek, int count) data/dosbox-0.74-3/src/dos/cdrom_image.cpp:175:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Bit16u size = (Bit16u)strlen(buf); data/dosbox-0.74-3/src/dos/cdrom_image.cpp:312:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return tracks[track].file->read(buffer, seek, length); data/dosbox-0.74-3/src/dos/cdrom_image.cpp:401:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). file->read(pvd, seek, COOKED_SECTOR_SIZE); data/dosbox-0.74-3/src/dos/cdrom_ioctl_linux.cpp:34:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(device_name, ""); data/dosbox-0.74-3/src/dos/cdrom_ioctl_linux.cpp:73:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (ret >= 0) ret = read(cdrom_fd, buf, buflen); data/dosbox-0.74-3/src/dos/cdrom_ioctl_os2.cpp:37:5: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(device_name, ""); data/dosbox-0.74-3/src/dos/cdrom_ioctl_os2.cpp:122:46: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). rc = DosRead(cdrom_fd, buf, buflen, &read); data/dosbox-0.74-3/src/dos/cdrom_ioctl_os2.cpp:123:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (rc != NO_ERROR || read != buflen) { data/dosbox-0.74-3/src/dos/cdrom_ioctl_os2.cpp:144:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(device_name, temp, 512); data/dosbox-0.74-3/src/dos/cdrom_ioctl_os2.cpp:146:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(device_name, ""); data/dosbox-0.74-3/src/dos/dos.cpp:198:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read) { //Something to backspace. data/dosbox-0.74-3/src/dos/dos.cpp:203:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). --read; data/dosbox-0.74-3/src/dos/dos.cpp:207:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read >= free) { // Keyboard buffer full data/dosbox-0.74-3/src/dos/dos.cpp:218:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). mem_writeb(data+1,read); data/dosbox-0.74-3/src/dos/dos.cpp:686:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MEM_BlockWrite(SegPhys(ds)+reg_si,name1,(Bitu)(strlen(name1)+1)); data/dosbox-0.74-3/src/dos/dos.cpp:859:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MEM_BlockWrite(SegPhys(ds)+reg_dx,name1,(Bitu)(strlen(name1)+1)); data/dosbox-0.74-3/src/dos/dos.cpp:908:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MEM_BlockWrite(SegPhys(es)+reg_di,name2,(Bitu)(strlen(name2)+1)); data/dosbox-0.74-3/src/dos/dos_classes.cpp:334:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MEM_BlockWrite(pt+offsetof(sDTA,sext),find_ext,(strlen(find_ext)>3) ? 3 : (Bitu)strlen(find_ext)); data/dosbox-0.74-3/src/dos/dos_classes.cpp:334:83: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MEM_BlockWrite(pt+offsetof(sDTA,sext),find_ext,(strlen(find_ext)>3) ? 3 : (Bitu)strlen(find_ext)); data/dosbox-0.74-3/src/dos/dos_classes.cpp:336:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MEM_BlockWrite(pt+offsetof(sDTA,sname),pattern,(strlen(pattern) > 8) ? 8 : (Bitu)strlen(pattern)); data/dosbox-0.74-3/src/dos/dos_classes.cpp:336:84: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MEM_BlockWrite(pt+offsetof(sDTA,sname),pattern,(strlen(pattern) > 8) ? 8 : (Bitu)strlen(pattern)); data/dosbox-0.74-3/src/dos/dos_devices.cpp:104:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name=new char [strlen(orig.name) + 1];strcpy(name,orig.name); data/dosbox-0.74-3/src/dos/dos_devices.cpp:120:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). name=new char [strlen(orig.name) + 1];strcpy(name,orig.name); data/dosbox-0.74-3/src/dos/dos_execute.cpp:98:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(name)) strcpy(name,"DOSBOX"); data/dosbox-0.74-3/src/dos/dos_execute.cpp:202:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MEM_BlockWrite(envwrite,namebuf,(Bitu)(strlen(namebuf)+1)); data/dosbox-0.74-3/src/dos/dos_files.cpp:131:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Bit32s templen=(Bit32s)strlen(tempdir); data/dosbox-0.74-3/src/dos/dos_files.cpp:139:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(iDown=(Bit32s)strlen(fullname)-1;iDown>=0;iDown--) { data/dosbox-0.74-3/src/dos/dos_files.cpp:159:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lastdir=(Bit32u)strlen(fullname); data/dosbox-0.74-3/src/dos/dos_files.cpp:161:20: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. if (lastdir!=0) strcat(fullname,"\\"); data/dosbox-0.74-3/src/dos/dos_files.cpp:176:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((strlen(tempdir) - strlen(ext)) > 8) memmove(tempdir + 8, ext, 5); data/dosbox-0.74-3/src/dos/dos_files.cpp:176:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((strlen(tempdir) - strlen(ext)) > 8) memmove(tempdir + 8, ext, 5); data/dosbox-0.74-3/src/dos/dos_files.cpp:179:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(fullname)+strlen(tempdir)>=DOS_PATHLENGTH) { data/dosbox-0.74-3/src/dos/dos_files.cpp:179:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(fullname)+strlen(tempdir)>=DOS_PATHLENGTH) { data/dosbox-0.74-3/src/dos/dos_files.cpp:219:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(dir); data/dosbox-0.74-3/src/dos/dos_files.cpp:302:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(search); data/dosbox-0.74-3/src/dos/dos_files.cpp:733:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t namelen=strlen(name); data/dosbox-0.74-3/src/dos/dos_files.cpp:889:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i=strlen(name);i<8;i++) filename[i]=' '; data/dosbox-0.74-3/src/dos/dos_files.cpp:891:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i=strlen(ext);i<3;i++) ext[i]=' '; data/dosbox-0.74-3/src/dos/dos_ioctl.cpp:184:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(buffer+size,find_ext,(strlen(find_ext)>3) ? 3 : strlen(find_ext)); data/dosbox-0.74-3/src/dos/dos_ioctl.cpp:184:62: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(buffer+size,find_ext,(strlen(find_ext)>3) ? 3 : strlen(find_ext)); data/dosbox-0.74-3/src/dos/dos_ioctl.cpp:186:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(buffer,bufin,(strlen(bufin) > 8) ? 8 : strlen(bufin)); data/dosbox-0.74-3/src/dos/dos_ioctl.cpp:186:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(buffer,bufin,(strlen(bufin) > 8) ? 8 : strlen(bufin)); data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:737:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t strsz=strlen(nbuf); data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:959:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t newlen=strlen(tbuf); data/dosbox-0.74-3/src/dos/dos_keyboard_layout.cpp:1101:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(layoutID_string) == 8) { data/dosbox-0.74-3/src/dos/dos_misc.cpp:115:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t nlen=strlen(filename); data/dosbox-0.74-3/src/dos/dos_misc.cpp:116:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t extlen=strlen(dotpos); data/dosbox-0.74-3/src/dos/dos_misc.cpp:136:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t nlen=strlen(filename); data/dosbox-0.74-3/src/dos/dos_mscdex.cpp:679:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t searchlen = strlen(searchName); data/dosbox-0.74-3/src/dos/dos_programs.cpp:707:8: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buf,(char*)&rombuf[ct+1],clen); data/dosbox-0.74-3/src/dos/dos_programs.cpp:710:8: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmdlist," "); data/dosbox-0.74-3/src/dos/dos_programs.cpp:731:8: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buf,(char*)&rombuf[ct+1],clen); data/dosbox-0.74-3/src/dos/dos_programs.cpp:734:8: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cmdlist," "); data/dosbox-0.74-3/src/dos/dos_programs.cpp:975:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(sizeof(args)-strlen(args)-1 < temp_line.length()+1) data/dosbox-0.74-3/src/dos/dos_programs.cpp:978:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(args," "); data/dosbox-0.74-3/src/dos/drive_cache.cpp:182:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(work); data/dosbox-0.74-3/src/dos/drive_cache.cpp:363:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(shortname); data/dosbox-0.74-3/src/dos/drive_cache.cpp:387:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char* end = name + strlen(name); data/dosbox-0.74-3/src/dos/drive_cache.cpp:448:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(shortName) < 8 || shortName[4] != '~' || shortName[5] == '.' || shortName[6] == '.' || shortName[7] == '.') return -1; // not available data/dosbox-0.74-3/src/dos/drive_cache.cpp:494:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(pos)>4) { data/dosbox-0.74-3/src/dos/drive_cache.cpp:500:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else len = (Bits)strlen(tmpName); data/dosbox-0.74-3/src/dos/drive_cache.cpp:502:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (Bits)strlen(tmpName); data/dosbox-0.74-3/src/dos/drive_cache.cpp:520:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t buflen = strlen(buffer); data/dosbox-0.74-3/src/dos/drive_cache.cpp:525:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(info->shortname,"~"); data/dosbox-0.74-3/src/dos/drive_cache.cpp:532:4: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(info->shortname,pos,4); data/dosbox-0.74-3/src/dos/drive_cache.cpp:584:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). start += strlen(basePath); data/dosbox-0.74-3/src/dos/drive_cache.cpp:661:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (expandcopy[strlen(expandcopy)-1]!=CROSS_FILESPLIT) strcat(expandcopy,end); data/dosbox-0.74-3/src/dos/drive_fat.cpp:76:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). flen = (Bit32u)strlen(filename); data/dosbox-0.74-3/src/dos/drive_fat.cpp:419:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(filename); data/dosbox-0.74-3/src/dos/drive_fat.cpp:466:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Bit32u len = (Bit32u)strlen(dir); data/dosbox-0.74-3/src/dos/drive_fat.cpp:881:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char* end = str + strlen(str); data/dosbox-0.74-3/src/dos/drive_fat.cpp:888:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(str); data/dosbox-0.74-3/src/dos/drive_fat.cpp:946:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(find_name, "."); data/dosbox-0.74-3/src/dos/drive_iso.cpp:164:48: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. if (!MSCDEX_GetVolumeName(subUnit, buffer)) strcpy(buffer, ""); data/dosbox-0.74-3/src/dos/drive_iso.cpp:268:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(discLabel) != 0) { data/dosbox-0.74-3/src/dos/drive_iso.cpp:307:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen((char*)de.ident) < DOS_NAMELENGTH_ASCII) { data/dosbox-0.74-3/src/dos/drive_iso.cpp:489:54: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. if (de->fileIdentLength == 1 && de->ident[0] == 0) strcpy((char*)de->ident, "."); data/dosbox-0.74-3/src/dos/drive_iso.cpp:501:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t tmp = strlen((char*)de->ident); data/dosbox-0.74-3/src/dos/drive_iso.cpp:512:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen((char*)de->ident)>12) de->ident[12]=0; data/dosbox-0.74-3/src/dos/drive_iso.cpp:545:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t nameLength = strlen(name); data/dosbox-0.74-3/src/dos/drive_local.cpp:189:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (tempDir[strlen(tempDir)-1]!=CROSS_FILESPLIT) strcat(tempDir,end); data/dosbox-0.74-3/src/dos/drive_local.cpp:269:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(dir_entcopy)<DOS_NAMELENGTH_ASCII){ data/dosbox-0.74-3/src/dos/drive_local.cpp:336:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(newdir); data/dosbox-0.74-3/src/dos/drives.cpp:47:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(file_ext,find_ext,(strlen(find_ext)>3) ? 3 : strlen(find_ext)); data/dosbox-0.74-3/src/dos/drives.cpp:47:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(file_ext,find_ext,(strlen(find_ext)>3) ? 3 : strlen(find_ext)); data/dosbox-0.74-3/src/dos/drives.cpp:49:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(file_name,file,(strlen(file) > 8) ? 8 : strlen(file)); data/dosbox-0.74-3/src/dos/drives.cpp:49:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(file_name,file,(strlen(file) > 8) ? 8 : strlen(file)); data/dosbox-0.74-3/src/dos/drives.cpp:58:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(wild_ext,find_ext,(strlen(find_ext)>3) ? 3 : strlen(find_ext)); data/dosbox-0.74-3/src/dos/drives.cpp:58:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(wild_ext,find_ext,(strlen(find_ext)>3) ? 3 : strlen(find_ext)); data/dosbox-0.74-3/src/dos/drives.cpp:60:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(wild_name,wild,(strlen(wild) > 8) ? 8 : strlen(wild)); data/dosbox-0.74-3/src/dos/drives.cpp:60:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(wild_name,wild,(strlen(wild) > 8) ? 8 : strlen(wild)); data/dosbox-0.74-3/src/gui/midi_coreaudio.h:141:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen(soundfont), false data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:483:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncasecmp(buf,configname,strlen(configname))) return 0; data/dosbox-0.74-3/src/gui/sdl_mapper.cpp:670:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncasecmp(configname,buf,strlen(configname))) return 0; data/dosbox-0.74-3/src/gui/sdlmain.cpp:1623:9: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf,"\n"); data/dosbox-0.74-3/src/gui/sdlmain.cpp:2059:4: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). fgetc(stdin); data/dosbox-0.74-3/src/hardware/gus.cpp:719:3: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read*=(chan->DMA16+1); data/dosbox-0.74-3/src/hardware/gus.cpp:725:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for(i=dmaaddr;i<(dmaaddr+read);i++) GUSRam[i] ^= 0x80; data/dosbox-0.74-3/src/hardware/gus.cpp:728:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for(i=dmaaddr+1;i<(dmaaddr+read);i+=2) GUSRam[i] ^= 0x80; data/dosbox-0.74-3/src/hardware/hardware.cpp:107:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(file_start,"_"); data/dosbox-0.74-3/src/hardware/hardware.cpp:113:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!test || strlen(test)!=strlen(ext)) data/dosbox-0.74-3/src/hardware/hardware.cpp:113:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!test || strlen(test)!=strlen(ext)) data/dosbox-0.74-3/src/hardware/hardware.cpp:116:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncasecmp(tempname,file_start,strlen(file_start))!=0) continue; data/dosbox-0.74-3/src/hardware/hardware.cpp:117:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Bitu num=atoi(&tempname[strlen(file_start)]); data/dosbox-0.74-3/src/hardware/hardware.cpp:612:50: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). memcpy( &capture.wave.buf[capture.wave.used], read, left*4); data/dosbox-0.74-3/src/hardware/mixer.cpp:600:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(name) > 31) E_Exit("Too long mixer channel name"); data/dosbox-0.74-3/src/hardware/sblaster.cpp:406:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read && sb.adpcm.haveref) { data/dosbox-0.74-3/src/hardware/sblaster.cpp:412:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (;i<read;i++) { data/dosbox-0.74-3/src/hardware/sblaster.cpp:422:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read && sb.adpcm.haveref) { data/dosbox-0.74-3/src/hardware/sblaster.cpp:428:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (;i<read;i++) { data/dosbox-0.74-3/src/hardware/sblaster.cpp:437:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read && sb.adpcm.haveref) { data/dosbox-0.74-3/src/hardware/sblaster.cpp:443:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (;i<read;i++) { data/dosbox-0.74-3/src/hardware/sblaster.cpp:461:45: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (!sb.dma.sign) sb.chan->AddSamples_m8(read,sb.dma.buf.b8); data/dosbox-0.74-3/src/hardware/sblaster.cpp:462:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). else sb.chan->AddSamples_m8s(read,(Bit8s *)sb.dma.buf.b8); data/dosbox-0.74-3/src/hardware/sblaster.cpp:489:55: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sb.dma.sign) sb.chan->AddSamples_m16_nonnative(read,sb.dma.buf.b16); data/dosbox-0.74-3/src/hardware/sblaster.cpp:490:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). else sb.chan->AddSamples_m16u_nonnative(read,(Bit16u *)sb.dma.buf.b16); data/dosbox-0.74-3/src/hardware/sblaster.cpp:492:45: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sb.dma.sign) sb.chan->AddSamples_m16(read,sb.dma.buf.b16); data/dosbox-0.74-3/src/hardware/sblaster.cpp:493:34: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). else sb.chan->AddSamples_m16u(read,(Bit16u *)sb.dma.buf.b16); data/dosbox-0.74-3/src/hardware/sblaster.cpp:497:45: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (sb.dma.mode==DSP_DMA_16_ALIASED) read=read<<1; data/dosbox-0.74-3/src/hardware/sblaster.cpp:504:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). sb.dma.left-=read; data/dosbox-0.74-3/src/hardware/sblaster.cpp:544:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). sb.dma.left-=read; data/dosbox-0.74-3/src/hardware/sblaster.cpp:967:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (size_t i=0;i<=strlen(copyright_string);i++) { data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:45:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(portname); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:147:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sysmsg_offset = strlen(err5text); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:151:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sysmsg_offset = strlen(err2text); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:155:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((length - sysmsg_offset - strlen((const char*)sysmessagebuffer)) >= 0) data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:157:3: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen((const char*)sysmessagebuffer)); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:287:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(portname); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:347:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sysmsg_offset = strlen(err5text); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:351:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sysmsg_offset = strlen(err2text); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:383:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). dwRead=read(port->porthandle,&chRead,1); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:387:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). dwRead=read(port->porthandle,&chRead,1); data/dosbox-0.74-3/src/hardware/serialport/libserial.cpp:390:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). dwRead=read(port->porthandle,&chRead,1); data/dosbox-0.74-3/src/hardware/serialport/nullmodem.cpp:153:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t hostlen=strlen(hostnamechar)+1; data/dosbox-0.74-3/src/hardware/serialport/serialport.cpp:209:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). vsprintf(buf+strlen(buf),format,msg); data/dosbox-0.74-3/src/hardware/serialport/serialport.cpp:212:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Bitu len=strlen(buf); data/dosbox-0.74-3/src/hardware/serialport/softmodem.cpp:127:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). rqueue->adds((Bit8u *)line,strlen(line)); data/dosbox-0.74-3/src/hardware/serialport/softmodem.cpp:352:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((!foundstr[0]) || (strlen(foundstr)>100)) { data/dosbox-0.74-3/src/hardware/serialport/softmodem.cpp:361:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). helper+=strlen(foundstr); data/dosbox-0.74-3/src/hardware/serialport/softmodem.cpp:366:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(foundstr) >= 12) { data/dosbox-0.74-3/src/hardware/serialport/softmodem.cpp:369:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (Bitu i=0; i<strlen(foundstr); i++) data/dosbox-0.74-3/src/hardware/serialport/softmodem.cpp:377:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (Bitu i=0; i<strlen(foundstr); i++) { data/dosbox-0.74-3/src/hardware/serialport/softmodem.cpp:384:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (i == 11 && strlen(foundstr)>12) data/dosbox-0.74-3/src/hardware/tandy_sound.cpp:237:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tandy.dac.chan->AddSamples_m8(read,tandy.dac.dma.buf); data/dosbox-0.74-3/src/hardware/tandy_sound.cpp:238:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read < length) { data/dosbox-0.74-3/src/hardware/tandy_sound.cpp:239:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read>0) tandy.dac.dma.last_sample=tandy.dac.dma.buf[read-1]; data/dosbox-0.74-3/src/hardware/tandy_sound.cpp:240:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for (Bitu ct=read; ct < length; ct++) { data/dosbox-0.74-3/src/ints/bios.cpp:812:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(Bitu i = 0; i < strlen(text);i++) { data/dosbox-0.74-3/src/ints/bios.cpp:937:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(Bitu i = 0; i < strlen(b_type); i++) phys_writeb(0xfe00e + i,b_type[i]); data/dosbox-0.74-3/src/ints/bios.cpp:942:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(Bitu i = 0; i < strlen(b_vers); i++) phys_writeb(0xfe061+i,b_vers[i]); data/dosbox-0.74-3/src/ints/bios.cpp:946:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(Bitu i = 0; i < strlen(b_date); i++) phys_writeb(0xffff5+i,b_date[i]); data/dosbox-0.74-3/src/ints/bios_disk.cpp:191:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen((const char *)imgName) > 511) { data/dosbox-0.74-3/src/ints/ems.cpp:1297:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MEM_BlockWrite(PhysMake(ems_baseseg,0xa),emsname,(Bitu)(strlen(emsname)+1)); data/dosbox-0.74-3/src/ints/int10_vesa.cpp:487:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Bitu len=(Bitu)(strlen(string_oem)+1); data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.h:432:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (src[strlen]) strlen++; data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.h:433:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dest.resize(strlen); data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.h:434:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (strlen = 0; src[strlen]; strlen++) dest[strlen] = (sizeof(STR)==1?(unsigned char)src[strlen]:sizeof(STR)==2?(unsigned short)src[strlen]:src[strlen]); data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.h:434:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (strlen = 0; src[strlen]; strlen++) dest[strlen] = (sizeof(STR)==1?(unsigned char)src[strlen]:sizeof(STR)==2?(unsigned short)src[strlen]:src[strlen]); data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.h:434:92: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (strlen = 0; src[strlen]; strlen++) dest[strlen] = (sizeof(STR)==1?(unsigned char)src[strlen]:sizeof(STR)==2?(unsigned short)src[strlen]:src[strlen]); data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.h:434:135: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (strlen = 0; src[strlen]; strlen++) dest[strlen] = (sizeof(STR)==1?(unsigned char)src[strlen]:sizeof(STR)==2?(unsigned short)src[strlen]:src[strlen]); data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.h:434:147: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (strlen = 0; src[strlen]; strlen++) dest[strlen] = (sizeof(STR)==1?(unsigned char)src[strlen]:sizeof(STR)==2?(unsigned short)src[strlen]:src[strlen]); data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.h:440:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dest[strlen] = 0; data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.h:441:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (; strlen > 0; strlen--) dest[strlen-1] = src[strlen-1]; data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.h:451:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dest.resize(strlen); data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.h:452:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (Size i = 0; i< strlen; i++) dest[i] = (*src)[i]; data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.h:457:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (Size i = 0; i < strlen; i++) dest->append(1,src[i]); data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.h:470:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dest.resize(strlen); data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.h:471:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (Size i = 0; i< strlen; i++) dest[i] = src[i]; data/dosbox-0.74-3/src/libs/gui_tk/gui_tk.h:476:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (Size i = 0; i < strlen; i++) dest->append(1,src[i]); data/dosbox-0.74-3/src/misc/cross.cpp:51:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(result); data/dosbox-0.74-3/src/misc/cross.cpp:52:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(len + strlen(appdata) < MAX_PATH) strcat(result,appdata); data/dosbox-0.74-3/src/misc/cross.cpp:131:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(dirname); data/dosbox-0.74-3/src/misc/cross.cpp:265:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(work,path,CROSS_LEN-1); data/dosbox-0.74-3/src/misc/cross.cpp:278:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( ( strlen(check) == 5 && strcmp(check,"/proc") == 0) || strncmp(check,"/proc/",6) == 0) { data/dosbox-0.74-3/src/misc/messages.cpp:104:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t ll = strlen(string); data/dosbox-0.74-3/src/misc/messages.cpp:110:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(string,"\n"); data/dosbox-0.74-3/src/misc/programs.cpp:139:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Bit16u size = (Bit16u)strlen(buf); data/dosbox-0.74-3/src/misc/programs.cpp:153:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Bit16u size = (Bit16u)strlen(format); data/dosbox-0.74-3/src/misc/programs.cpp:178:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). env_read += (PhysPt)(strlen(env_string)+1); data/dosbox-0.74-3/src/misc/programs.cpp:180:8: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (!equal) continue; data/dosbox-0.74-3/src/misc/programs.cpp:183:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(env_string) != strlen(entry)) continue; data/dosbox-0.74-3/src/misc/programs.cpp:183:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(env_string) != strlen(entry)) continue; data/dosbox-0.74-3/src/misc/programs.cpp:200:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). env_read += (PhysPt)(strlen(env_string)+1); data/dosbox-0.74-3/src/misc/programs.cpp:231:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). env_read += (PhysPt)(strlen(env_string)+1); data/dosbox-0.74-3/src/misc/programs.cpp:233:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strncasecmp(entry,env_string,strlen(entry))==0) && data/dosbox-0.74-3/src/misc/programs.cpp:234:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). env_string[strlen(entry)]=='=') continue; data/dosbox-0.74-3/src/misc/programs.cpp:235:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MEM_BlockWrite(env_write,env_string,(Bitu)(strlen(env_string)+1)); data/dosbox-0.74-3/src/misc/programs.cpp:236:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). env_write += (PhysPt)(strlen(env_string)+1); data/dosbox-0.74-3/src/misc/programs.cpp:242:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (envsize <= (env_write-env_write_start) + strlen(entry) + 1 + strlen(new_string) + 5) return false; data/dosbox-0.74-3/src/misc/programs.cpp:242:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (envsize <= (env_write-env_write_start) + strlen(entry) + 1 + strlen(new_string) + 5) return false; data/dosbox-0.74-3/src/misc/programs.cpp:248:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MEM_BlockWrite(env_write,env_string,(Bitu)(strlen(env_string)+1)); data/dosbox-0.74-3/src/misc/programs.cpp:249:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). env_write += (PhysPt)(strlen(env_string)+1); data/dosbox-0.74-3/src/misc/programs.cpp:378:42: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. char buffer[1024];strcpy(buffer,copy);strcat(buffer,"=");strcat(buffer,temp); data/dosbox-0.74-3/src/misc/setup.cpp:631:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t w = strlen(p->propname.c_str()); data/dosbox-0.74-3/src/misc/setup.cpp:911:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(begin); data/dosbox-0.74-3/src/misc/support.cpp:96:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char * scan=cmd;size_t c_len=strlen(check); data/dosbox-0.74-3/src/misc/support.cpp:102:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(scan-1,scan+c_len,strlen(scan+c_len)+1); data/dosbox-0.74-3/src/misc/support.cpp:182:2: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf,"\n"); data/dosbox-0.74-3/src/shell/shell.cpp:68:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((strncasecmp(buf2,"set ",4) == 0) && (strlen(buf2) > 4)){ data/dosbox-0.74-3/src/shell/shell.cpp:96:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). auto_len = strlen(autoexec_data); data/dosbox-0.74-3/src/shell/shell.cpp:102:79: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(first_shell) VFILE_Register("AUTOEXEC.BAT",(Bit8u *)autoexec_data,(Bit32u)strlen(autoexec_data)); data/dosbox-0.74-3/src/shell/shell.cpp:116:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((strncasecmp(buf2,"set ",4) == 0) && (strlen(buf2) > 4)){ data/dosbox-0.74-3/src/shell/shell.cpp:441:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). VFILE_Register("AUTOEXEC.BAT",(Bit8u *)autoexec_data,(Bit32u)strlen(autoexec_data)); data/dosbox-0.74-3/src/shell/shell.cpp:612:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MEM_BlockWrite(env_write,path_string,(Bitu)(strlen(path_string)+1)); data/dosbox-0.74-3/src/shell/shell.cpp:613:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). env_write += (PhysPt)(strlen(path_string)+1); data/dosbox-0.74-3/src/shell/shell.cpp:614:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MEM_BlockWrite(env_write,comspec_string,(Bitu)(strlen(comspec_string)+1)); data/dosbox-0.74-3/src/shell/shell.cpp:615:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). env_write += (PhysPt)(strlen(comspec_string)+1); data/dosbox-0.74-3/src/shell/shell.cpp:619:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MEM_BlockWrite(env_write,full_name,(Bitu)(strlen(full_name)+1)); data/dosbox-0.74-3/src/shell/shell.cpp:643:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tail.count=(Bit8u)strlen(init_line); data/dosbox-0.74-3/src/shell/shell_batch.cpp:87:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(temp)) goto emptyline; data/dosbox-0.74-3/src/shell/shell_batch.cpp:105:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t name_len = strlen(file_name); data/dosbox-0.74-3/src/shell/shell_batch.cpp:120:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t name_len = strlen(word.c_str()); data/dosbox-0.74-3/src/shell/shell_batch.cpp:137:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t name_len = strlen(equals); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:92:21: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. if (bufsize > 2) strncat(buffer,args,bufsize - 1 /*used buffer portion*/ - 1 /*trailing zero*/ ); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:112:34: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(newcom,test->GetName()); strcat(newcom," "); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:142:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(cmd_buffer)==0) return; data/dosbox-0.74-3/src/shell/shell_cmds.cpp:248:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((strlen(dir_source) == 2) && (dir_source[1] == ':')) data/dosbox-0.74-3/src/shell/shell_cmds.cpp:249:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(dir_source,"\\"); //X: add slash data/dosbox-0.74-3/src/shell/shell_cmds.cpp:286:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(args); //TODO check input of else ook nodig is. data/dosbox-0.74-3/src/shell/shell_cmds.cpp:307:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if(strlen(args) == 2 && args[1]==':') { data/dosbox-0.74-3/src/shell/shell_cmds.cpp:427:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t argLen = strlen(args); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:501:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t namelen = strlen(name); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:592:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t source_x_len = strlen(source_x); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:661:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (pathTarget[strlen(pathTarget)-1]!='\\') { data/dosbox-0.74-3/src/shell/shell_cmds.cpp:665:6: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(pathTarget,"\\"); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:691:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (nameTarget[strlen(nameTarget)-1]=='\\') strcat(nameTarget,name); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:763:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p_parsed += strlen(p_parsed); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:958:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(mountstring," "); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:970:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(mountstring,"\""); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:972:3: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(mountstring,"\""); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:1032:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t argslen = strlen(args); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:1043:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(rem); data/dosbox-0.74-3/src/shell/shell_cmds.cpp:1066:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(args && *args && strlen(args)){ data/dosbox-0.74-3/src/shell/shell_misc.cpp:227:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). completion_index = (Bit16u)(str_len - strlen(p_completion_start)); data/dosbox-0.74-3/src/shell/shell_misc.cpp:239:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(p_completion_start) + 3 >= DOS_PATHLENGTH) { data/dosbox-0.74-3/src/shell/shell_misc.cpp:368:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(args)!= 0){ data/dosbox-0.74-3/src/shell/shell_misc.cpp:371:4: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(line,args,CMD_MAXLINE-2); data/dosbox-0.74-3/src/shell/shell_misc.cpp:401:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(fullname) >( DOS_PATHLENGTH - 1) ) return false; data/dosbox-0.74-3/src/shell/shell_misc.cpp:455:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MEM_BlockWrite(Real2Phys(file_name),fullname,(Bitu)(strlen(fullname)+1)); data/dosbox-0.74-3/src/shell/shell_misc.cpp:464:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(line)>126) line[126]=0; data/dosbox-0.74-3/src/shell/shell_misc.cpp:465:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cmdtail.count=(Bit8u)strlen(line); data/dosbox-0.74-3/src/shell/shell_misc.cpp:466:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(cmdtail.buffer,line,strlen(line)); data/dosbox-0.74-3/src/shell/shell_misc.cpp:467:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cmdtail.buffer[strlen(line)]=0xd; data/dosbox-0.74-3/src/shell/shell_misc.cpp:516:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t name_len = strlen(name); data/dosbox-0.74-3/src/shell/shell_misc.cpp:563:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(size_t len = strlen(path)){ data/dosbox-0.74-3/src/shell/shell_misc.cpp:567:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(path,"\\"); ANALYSIS SUMMARY: Hits = 1228 Lines analyzed = 138451 in approximately 4.29 seconds (32243 lines/second) Physical Source Lines of Code (SLOC) = 112398 Hits@level = [0] 82 [1] 289 [2] 682 [3] 20 [4] 234 [5] 3 Hits@level+ = [0+] 1310 [1+] 1228 [2+] 939 [3+] 257 [4+] 237 [5+] 3 Hits/KSLOC@level+ = [0+] 11.655 [1+] 10.9255 [2+] 8.35424 [3+] 2.28652 [4+] 2.10858 [5+] 0.0266909 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.