Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/dx-4.4.4/include/dx/._arch.h
Examining data/dx-4.4.4/include/dx/arch.h
Examining data/dx-4.4.4/include/dx/._array.h
Examining data/dx-4.4.4/include/dx/array.h
Examining data/dx-4.4.4/include/dx/arrayhandles.h
Examining data/dx-4.4.4/include/dx/basic.h
Examining data/dx-4.4.4/include/dx/cache.h
Examining data/dx-4.4.4/include/dx/camera.h
Examining data/dx-4.4.4/include/dx/clipped.h
Examining data/dx-4.4.4/include/dx/component.h
Examining data/dx-4.4.4/include/dx/dx.h
Examining data/dx-4.4.4/include/dx/error.h
Examining data/dx-4.4.4/include/dx/extract.h
Examining data/dx-4.4.4/include/dx/field.h
Examining data/dx-4.4.4/include/dx/geometry.h
Examining data/dx-4.4.4/include/dx/group.h
Examining data/dx-4.4.4/include/dx/grow.h
Examining data/dx-4.4.4/include/dx/hash.h
Examining data/dx-4.4.4/include/dx/helper.h
Examining data/dx-4.4.4/include/dx/image.h
Examining data/dx-4.4.4/include/dx/import.h
Examining data/dx-4.4.4/include/dx/invalid.h
Examining data/dx-4.4.4/include/dx/lexical.h
Examining data/dx-4.4.4/include/dx/light.h
Examining data/dx-4.4.4/include/dx/memory.h
Examining data/dx-4.4.4/include/dx/modflags.h
Examining data/dx-4.4.4/include/dx/object.h
Examining data/dx-4.4.4/include/dx/partition.h
Examining data/dx-4.4.4/include/dx/pending.h
Examining data/dx-4.4.4/include/dx/pick.h
Examining data/dx-4.4.4/include/dx/private.h
Examining data/dx-4.4.4/include/dx/rel_1_bc.h
Examining data/dx-4.4.4/include/dx/render.h
Examining data/dx-4.4.4/include/dx/resampling.h
Examining data/dx-4.4.4/include/dx/screen.h
Examining data/dx-4.4.4/include/dx/seglist.h
Examining data/dx-4.4.4/include/dx/string.h
Examining data/dx-4.4.4/include/dx/task.h
Examining data/dx-4.4.4/include/dx/timing.h
Examining data/dx-4.4.4/include/dx/UserInteractors.h
Examining data/dx-4.4.4/include/dx/version.h
Examining data/dx-4.4.4/include/dx/xform.h
Examining data/dx-4.4.4/include/dx/advanced.h
Examining data/dx-4.4.4/include/dxl.h
Examining data/dx-4.4.4/include/dxstereo.h
Examining data/dx-4.4.4/lib/outboard.c
Examining data/dx-4.4.4/src/exec/dpexec/_eval.h
Examining data/dx-4.4.4/src/exec/dpexec/_macro.h
Examining data/dx-4.4.4/src/exec/dpexec/_variable.h
Examining data/dx-4.4.4/src/exec/dpexec/attribute.h
Examining data/dx-4.4.4/src/exec/dpexec/background.c
Examining data/dx-4.4.4/src/exec/dpexec/background.h
Examining data/dx-4.4.4/src/exec/dpexec/cache.c
Examining data/dx-4.4.4/src/exec/dpexec/cache.h
Examining data/dx-4.4.4/src/exec/dpexec/cachegraph.c
Examining data/dx-4.4.4/src/exec/dpexec/cachegraph.h
Examining data/dx-4.4.4/src/exec/dpexec/._ccm.c
Examining data/dx-4.4.4/src/exec/dpexec/ccm.c
Examining data/dx-4.4.4/src/exec/dpexec/ccm.h
Examining data/dx-4.4.4/src/exec/dpexec/command.h
Examining data/dx-4.4.4/src/exec/dpexec/compile.h
Examining data/dx-4.4.4/src/exec/dpexec/context.c
Examining data/dx-4.4.4/src/exec/dpexec/context.h
Examining data/dx-4.4.4/src/exec/dpexec/crc.c
Examining data/dx-4.4.4/src/exec/dpexec/crc.h
Examining data/dx-4.4.4/src/exec/dpexec/d.c
Examining data/dx-4.4.4/src/exec/dpexec/d.h
Examining data/dx-4.4.4/src/exec/dpexec/ddx.c
Examining data/dx-4.4.4/src/exec/dpexec/distconnect.c
Examining data/dx-4.4.4/src/exec/dpexec/distp.h
Examining data/dx-4.4.4/src/exec/dpexec/._distpacket.c
Examining data/dx-4.4.4/src/exec/dpexec/distpacket.c
Examining data/dx-4.4.4/src/exec/dpexec/distqueue.c
Examining data/dx-4.4.4/src/exec/dpexec/dpattribute.c
Examining data/dx-4.4.4/src/exec/dpexec/dpparse.c
Examining data/dx-4.4.4/src/exec/dpexec/dxmain.h
Examining data/dx-4.4.4/src/exec/dpexec/dxpfsmgr.c
Examining data/dx-4.4.4/src/exec/dpexec/dxpfsmgr.h
Examining data/dx-4.4.4/src/exec/dpexec/dxThreadMain.h
Examining data/dx-4.4.4/src/exec/dpexec/evalgraph.c
Examining data/dx-4.4.4/src/exec/dpexec/evalgraph.h
Examining data/dx-4.4.4/src/exec/dpexec/exobject.c
Examining data/dx-4.4.4/src/exec/dpexec/exobject.h
Examining data/dx-4.4.4/src/exec/dpexec/function.c
Examining data/dx-4.4.4/src/exec/dpexec/function.h
Examining data/dx-4.4.4/src/exec/dpexec/graph.h
Examining data/dx-4.4.4/src/exec/dpexec/graph2.c
Examining data/dx-4.4.4/src/exec/dpexec/graphIntr.h
Examining data/dx-4.4.4/src/exec/dpexec/graphqueue.c
Examining data/dx-4.4.4/src/exec/dpexec/graphqueue.h
Examining data/dx-4.4.4/src/exec/dpexec/help.c
Examining data/dx-4.4.4/src/exec/dpexec/help.h
Examining data/dx-4.4.4/src/exec/dpexec/instrument.c
Examining data/dx-4.4.4/src/exec/dpexec/instrument.h
Examining data/dx-4.4.4/src/exec/dpexec/lex.h
Examining data/dx-4.4.4/src/exec/dpexec/license.h
Examining data/dx-4.4.4/src/exec/dpexec/loader.c
Examining data/dx-4.4.4/src/exec/dpexec/loader.h
Examining data/dx-4.4.4/src/exec/dpexec/._log.c
Examining data/dx-4.4.4/src/exec/dpexec/log.c
Examining data/dx-4.4.4/src/exec/dpexec/log.h
Examining data/dx-4.4.4/src/exec/dpexec/macro.c
Examining data/dx-4.4.4/src/exec/dpexec/nodeb.h
Examining data/dx-4.4.4/src/exec/dpexec/nodereadb.c
Examining data/dx-4.4.4/src/exec/dpexec/nodewriteb.c
Examining data/dx-4.4.4/src/exec/dpexec/obmodule.h
Examining data/dx-4.4.4/src/exec/dpexec/optarg.c
Examining data/dx-4.4.4/src/exec/dpexec/._packet.c
Examining data/dx-4.4.4/src/exec/dpexec/packet.c
Examining data/dx-4.4.4/src/exec/dpexec/packet.h
Examining data/dx-4.4.4/src/exec/dpexec/parse.h
Examining data/dx-4.4.4/src/exec/dpexec/parsemdf.c
Examining data/dx-4.4.4/src/exec/dpexec/parsemdf.h
Examining data/dx-4.4.4/src/exec/dpexec/path.c
Examining data/dx-4.4.4/src/exec/dpexec/path.h
Examining data/dx-4.4.4/src/exec/dpexec/._pendingcmds.c
Examining data/dx-4.4.4/src/exec/dpexec/pendingcmds.c
Examining data/dx-4.4.4/src/exec/dpexec/pendingcmds.h
Examining data/dx-4.4.4/src/exec/dpexec/pmodflags.h
Examining data/dx-4.4.4/src/exec/dpexec/queue.c
Examining data/dx-4.4.4/src/exec/dpexec/queue.h
Examining data/dx-4.4.4/src/exec/dpexec/._remote.c
Examining data/dx-4.4.4/src/exec/dpexec/remote.c
Examining data/dx-4.4.4/src/exec/dpexec/remote.h
Examining data/dx-4.4.4/src/exec/dpexec/rih.c
Examining data/dx-4.4.4/src/exec/dpexec/rih.h
Examining data/dx-4.4.4/src/exec/dpexec/rq.c
Examining data/dx-4.4.4/src/exec/dpexec/rq.h
Examining data/dx-4.4.4/src/exec/dpexec/._sfile.c
Examining data/dx-4.4.4/src/exec/dpexec/sfile.c
Examining data/dx-4.4.4/src/exec/dpexec/sfile.h
Examining data/dx-4.4.4/src/exec/dpexec/socket.c
Examining data/dx-4.4.4/src/exec/dpexec/socket.h
Examining data/dx-4.4.4/src/exec/dpexec/status.c
Examining data/dx-4.4.4/src/exec/dpexec/status.h
Examining data/dx-4.4.4/src/exec/dpexec/swap.c
Examining data/dx-4.4.4/src/exec/dpexec/swap.h
Examining data/dx-4.4.4/src/exec/dpexec/sysvars.h
Examining data/dx-4.4.4/src/exec/dpexec/task.c
Examining data/dx-4.4.4/src/exec/dpexec/task.h
Examining data/dx-4.4.4/src/exec/dpexec/tmainUtil.cpp
Examining data/dx-4.4.4/src/exec/dpexec/tmainUtil.h
Examining data/dx-4.4.4/src/exec/dpexec/userinter.c
Examining data/dx-4.4.4/src/exec/dpexec/userinter.h
Examining data/dx-4.4.4/src/exec/dpexec/utils.c
Examining data/dx-4.4.4/src/exec/dpexec/utils.h
Examining data/dx-4.4.4/src/exec/dpexec/variable.c
Examining data/dx-4.4.4/src/exec/dpexec/vcr.c
Examining data/dx-4.4.4/src/exec/dpexec/vcr.h
Examining data/dx-4.4.4/src/exec/dpexec/version.h
Examining data/dx-4.4.4/src/exec/dpexec/yuiif.c
Examining data/dx-4.4.4/src/exec/dpexec/yuiif.h
Examining data/dx-4.4.4/src/exec/dpexec/config.h
Examining data/dx-4.4.4/src/exec/dpexec/license.c
Examining data/dx-4.4.4/src/exec/dpexec/lex.c
Examining data/dx-4.4.4/src/exec/dpexec/graph.c
Examining data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp
Examining data/dx-4.4.4/src/exec/dpexec/dxmain.c
Examining data/dx-4.4.4/src/exec/dpexec/command.c
Examining data/dx-4.4.4/src/exec/dxexec/._main.c
Examining data/dx-4.4.4/src/exec/dxexec/main.c
Examining data/dx-4.4.4/src/exec/dxexec/tmain.cpp
Examining data/dx-4.4.4/src/exec/dxmods/_autocolor.c
Examining data/dx-4.4.4/src/exec/dxmods/_autocolor.h
Examining data/dx-4.4.4/src/exec/dxmods/_autogray.c
Examining data/dx-4.4.4/src/exec/dxmods/_autogray.h
Examining data/dx-4.4.4/src/exec/dxmods/.__cat_util.c
Examining data/dx-4.4.4/src/exec/dxmods/_cat_util.c
Examining data/dx-4.4.4/src/exec/dxmods/_colormap.c
Examining data/dx-4.4.4/src/exec/dxmods/_colormap.h
Examining data/dx-4.4.4/src/exec/dxmods/_compcmplx.c
Examining data/dx-4.4.4/src/exec/dxmods/_compexec.c
Examining data/dx-4.4.4/src/exec/dxmods/_compinput.c
Examining data/dx-4.4.4/src/exec/dxmods/_complex.c
Examining data/dx-4.4.4/src/exec/dxmods/.__compoper.c
Examining data/dx-4.4.4/src/exec/dxmods/_compoper.h
Examining data/dx-4.4.4/src/exec/dxmods/_compoper1.c
Examining data/dx-4.4.4/src/exec/dxmods/.__compoper2.c
Examining data/dx-4.4.4/src/exec/dxmods/_compoper2.c
Examining data/dx-4.4.4/src/exec/dxmods/_compparse.c
Examining data/dx-4.4.4/src/exec/dxmods/_compparse.h
Examining data/dx-4.4.4/src/exec/dxmods/_compputils.c
Examining data/dx-4.4.4/src/exec/dxmods/_compputils.h
Examining data/dx-4.4.4/src/exec/dxmods/_compute.h
Examining data/dx-4.4.4/src/exec/dxmods/_connectgrids.c
Examining data/dx-4.4.4/src/exec/dxmods/_connectgrids.h
Examining data/dx-4.4.4/src/exec/dxmods/_connectvor.c
Examining data/dx-4.4.4/src/exec/dxmods/_connectvor.h
Examining data/dx-4.4.4/src/exec/dxmods/_construct.c
Examining data/dx-4.4.4/src/exec/dxmods/_construct.h
Examining data/dx-4.4.4/src/exec/dxmods/_divcurl.c
Examining data/dx-4.4.4/src/exec/dxmods/_divcurl.h
Examining data/dx-4.4.4/src/exec/dxmods/.__getfield.c
Examining data/dx-4.4.4/src/exec/dxmods/_getfield.c
Examining data/dx-4.4.4/src/exec/dxmods/_getfield.h
Examining data/dx-4.4.4/src/exec/dxmods/_gif.c
Examining data/dx-4.4.4/src/exec/dxmods/_glyph.c
Examining data/dx-4.4.4/src/exec/dxmods/_glyph.h
Examining data/dx-4.4.4/src/exec/dxmods/_gradient.c
Examining data/dx-4.4.4/src/exec/dxmods/_gradient.h
Examining data/dx-4.4.4/src/exec/dxmods/_grid.c
Examining data/dx-4.4.4/src/exec/dxmods/_grid.h
Examining data/dx-4.4.4/src/exec/dxmods/_helper_jea.c
Examining data/dx-4.4.4/src/exec/dxmods/_helper_jea.h
Examining data/dx-4.4.4/src/exec/dxmods/_irregstream.c
Examining data/dx-4.4.4/src/exec/dxmods/.__isosurface.c
Examining data/dx-4.4.4/src/exec/dxmods/_isosurface.c
Examining data/dx-4.4.4/src/exec/dxmods/_isosurface.h
Examining data/dx-4.4.4/src/exec/dxmods/_maptoplane.c
Examining data/dx-4.4.4/src/exec/dxmods/_maptoplane.h
Examining data/dx-4.4.4/src/exec/dxmods/_newtri.c
Examining data/dx-4.4.4/src/exec/dxmods/_newtri.h
Examining data/dx-4.4.4/src/exec/dxmods/_normals.c
Examining data/dx-4.4.4/src/exec/dxmods/_normals.h
Examining data/dx-4.4.4/src/exec/dxmods/_partnbrs.c
Examining data/dx-4.4.4/src/exec/dxmods/_partnbrs.h
Examining data/dx-4.4.4/src/exec/dxmods/.__plot.c
Examining data/dx-4.4.4/src/exec/dxmods/_plot.c
Examining data/dx-4.4.4/src/exec/dxmods/_plot.h
Examining data/dx-4.4.4/src/exec/dxmods/_post.c
Examining data/dx-4.4.4/src/exec/dxmods/_post.h
Examining data/dx-4.4.4/src/exec/dxmods/_postscript.c
Examining data/dx-4.4.4/src/exec/dxmods/_refine.c
Examining data/dx-4.4.4/src/exec/dxmods/_refine.h
Examining data/dx-4.4.4/src/exec/dxmods/_refineirr.c
Examining data/dx-4.4.4/src/exec/dxmods/_refinereg.c
Examining data/dx-4.4.4/src/exec/dxmods/_refinetopo.c
Examining data/dx-4.4.4/src/exec/dxmods/.__regstream.c
Examining data/dx-4.4.4/src/exec/dxmods/_regstream.c
Examining data/dx-4.4.4/src/exec/dxmods/_rgb_image.c
Examining data/dx-4.4.4/src/exec/dxmods/_rubbersheet.h
Examining data/dx-4.4.4/src/exec/dxmods/_rw_image.c
Examining data/dx-4.4.4/src/exec/dxmods/_rw_image.h
Examining data/dx-4.4.4/src/exec/dxmods/_sample.c
Examining data/dx-4.4.4/src/exec/dxmods/_sample.h
Examining data/dx-4.4.4/src/exec/dxmods/.__simplesurf.c
Examining data/dx-4.4.4/src/exec/dxmods/_simplesurf.c
Examining data/dx-4.4.4/src/exec/dxmods/_tiff.c
Examining data/dx-4.4.4/src/exec/dxmods/_tube.c
Examining data/dx-4.4.4/src/exec/dxmods/_unpart.c
Examining data/dx-4.4.4/src/exec/dxmods/ambientlight.c
Examining data/dx-4.4.4/src/exec/dxmods/append.c
Examining data/dx-4.4.4/src/exec/dxmods/arrange.c
Examining data/dx-4.4.4/src/exec/dxmods/attribute.c
Examining data/dx-4.4.4/src/exec/dxmods/._autoaxes.c
Examining data/dx-4.4.4/src/exec/dxmods/autoaxes.c
Examining data/dx-4.4.4/src/exec/dxmods/autoaxes.h
Examining data/dx-4.4.4/src/exec/dxmods/autocolor.c
Examining data/dx-4.4.4/src/exec/dxmods/autoglyph.c
Examining data/dx-4.4.4/src/exec/dxmods/autogray.c
Examining data/dx-4.4.4/src/exec/dxmods/._autoregrid.c
Examining data/dx-4.4.4/src/exec/dxmods/autoregrid.c
Examining data/dx-4.4.4/src/exec/dxmods/band.c
Examining data/dx-4.4.4/src/exec/dxmods/bounds.c
Examining data/dx-4.4.4/src/exec/dxmods/bounds.h
Examining data/dx-4.4.4/src/exec/dxmods/bspline.c
Examining data/dx-4.4.4/src/exec/dxmods/cachescene.c
Examining data/dx-4.4.4/src/exec/dxmods/camera.c
Examining data/dx-4.4.4/src/exec/dxmods/caption.c
Examining data/dx-4.4.4/src/exec/dxmods/cases.h
Examining data/dx-4.4.4/src/exec/dxmods/._cat.h
Examining data/dx-4.4.4/src/exec/dxmods/cat.h
Examining data/dx-4.4.4/src/exec/dxmods/._categorize.c
Examining data/dx-4.4.4/src/exec/dxmods/categorize.c
Examining data/dx-4.4.4/src/exec/dxmods/._catstats.c
Examining data/dx-4.4.4/src/exec/dxmods/catstats.c
Examining data/dx-4.4.4/src/exec/dxmods/._changemember.c
Examining data/dx-4.4.4/src/exec/dxmods/changemember.c
Examining data/dx-4.4.4/src/exec/dxmods/changemember.h
Examining data/dx-4.4.4/src/exec/dxmods/._changetype.c
Examining data/dx-4.4.4/src/exec/dxmods/changetype.c
Examining data/dx-4.4.4/src/exec/dxmods/clipbox.c
Examining data/dx-4.4.4/src/exec/dxmods/clipplane.c
Examining data/dx-4.4.4/src/exec/dxmods/collect.c
Examining data/dx-4.4.4/src/exec/dxmods/collectmulti.c
Examining data/dx-4.4.4/src/exec/dxmods/collectnamed.c
Examining data/dx-4.4.4/src/exec/dxmods/collectser.c
Examining data/dx-4.4.4/src/exec/dxmods/color.c
Examining data/dx-4.4.4/src/exec/dxmods/color.h
Examining data/dx-4.4.4/src/exec/dxmods/._colorbar.c
Examining data/dx-4.4.4/src/exec/dxmods/colorbar.c
Examining data/dx-4.4.4/src/exec/dxmods/compute.c
Examining data/dx-4.4.4/src/exec/dxmods/compute2.c
Examining data/dx-4.4.4/src/exec/dxmods/connect.c
Examining data/dx-4.4.4/src/exec/dxmods/construct.c
Examining data/dx-4.4.4/src/exec/dxmods/convert.c
Examining data/dx-4.4.4/src/exec/dxmods/copy.c
Examining data/dx-4.4.4/src/exec/dxmods/definter.c
Examining data/dx-4.4.4/src/exec/dxmods/._describe.c
Examining data/dx-4.4.4/src/exec/dxmods/describe.c
Examining data/dx-4.4.4/src/exec/dxmods/direction.c
Examining data/dx-4.4.4/src/exec/dxmods/display.c
Examining data/dx-4.4.4/src/exec/dxmods/divcurl.c
Examining data/dx-4.4.4/src/exec/dxmods/dxlinnamed.c
Examining data/dx-4.4.4/src/exec/dxmods/._dxlmessage.c
Examining data/dx-4.4.4/src/exec/dxmods/dxlmessage.c
Examining data/dx-4.4.4/src/exec/dxmods/._dxloutvalue.c
Examining data/dx-4.4.4/src/exec/dxmods/dxloutvalue.c
Examining data/dx-4.4.4/src/exec/dxmods/echo.c
Examining data/dx-4.4.4/src/exec/dxmods/echo.h
Examining data/dx-4.4.4/src/exec/dxmods/eigen.c
Examining data/dx-4.4.4/src/exec/dxmods/eigen.h
Examining data/dx-4.4.4/src/exec/dxmods/enumerate.c
Examining data/dx-4.4.4/src/exec/dxmods/executive.c
Examining data/dx-4.4.4/src/exec/dxmods/exp_gai.h
Examining data/dx-4.4.4/src/exec/dxmods/export.c
Examining data/dx-4.4.4/src/exec/dxmods/extract.c
Examining data/dx-4.4.4/src/exec/dxmods/facenormals.c
Examining data/dx-4.4.4/src/exec/dxmods/filter.c
Examining data/dx-4.4.4/src/exec/dxmods/format.c
Examining data/dx-4.4.4/src/exec/dxmods/fourier.c
Examining data/dx-4.4.4/src/exec/dxmods/genimp.c
Examining data/dx-4.4.4/src/exec/dxmods/genimp.h
Examining data/dx-4.4.4/src/exec/dxmods/genimp_io.c
Examining data/dx-4.4.4/src/exec/dxmods/._getscene.c
Examining data/dx-4.4.4/src/exec/dxmods/getscene.c
Examining data/dx-4.4.4/src/exec/dxmods/getset.c
Examining data/dx-4.4.4/src/exec/dxmods/glyph.c
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_ARRW.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_ARRW.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_ARRW2D.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_ARRW2D.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_BOX.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_BOX.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_CIRCLE10.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_CIRCLE10.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_CIRCLE20.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_CIRCLE20.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_CIRCLE4.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_CIRCLE4.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_CIRCLE40.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_CIRCLE40.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_CIRCLE6.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_CIRCLE6.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_CIRCLE8.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_CIRCLE8.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_DMND.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_DMND.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_NDDL.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_NDDL.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_NDDL2D.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_NDDL2D.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_PNT.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_PNT.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_RCKT12.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_RCKT12.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_RCKT20.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_RCKT20.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_RCKT2D.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_RCKT2D.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_RCKT3.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_RCKT3.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_RCKT4.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_RCKT4.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_RCKT6.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_RCKT6.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_RCKT8.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_RCKT8.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_SPHR114.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_SPHR114.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_SPHR12.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_SPHR12.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_SPHR14.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_SPHR14.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_SPHR146.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_SPHR146.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_SPHR26.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_SPHR26.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_SPHR266.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_SPHR266.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_SPHR42.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_SPHR42.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_SPHR62.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_SPHR62.h
Examining data/dx-4.4.4/src/exec/dxmods/._glyph_SQUARE.h
Examining data/dx-4.4.4/src/exec/dxmods/glyph_SQUARE.h
Examining data/dx-4.4.4/src/exec/dxmods/gradient.c
Examining data/dx-4.4.4/src/exec/dxmods/._grid.c
Examining data/dx-4.4.4/src/exec/dxmods/grid.c
Examining data/dx-4.4.4/src/exec/dxmods/._histogram.c
Examining data/dx-4.4.4/src/exec/dxmods/histogram.h
Examining data/dx-4.4.4/src/exec/dxmods/imagemessage.c
Examining data/dx-4.4.4/src/exec/dxmods/impCDF.h
Examining data/dx-4.4.4/src/exec/dxmods/import.c
Examining data/dx-4.4.4/src/exec/dxmods/import.h
Examining data/dx-4.4.4/src/exec/dxmods/import_cdf.c
Examining data/dx-4.4.4/src/exec/dxmods/._import_cm.c
Examining data/dx-4.4.4/src/exec/dxmods/import_cm.c
Examining data/dx-4.4.4/src/exec/dxmods/import_hdf.c
Examining data/dx-4.4.4/src/exec/dxmods/importtable.c
Examining data/dx-4.4.4/src/exec/dxmods/._include.c
Examining data/dx-4.4.4/src/exec/dxmods/include.c
Examining data/dx-4.4.4/src/exec/dxmods/._inquire.c
Examining data/dx-4.4.4/src/exec/dxmods/._integer.c
Examining data/dx-4.4.4/src/exec/dxmods/integer.c
Examining data/dx-4.4.4/src/exec/dxmods/integer.h
Examining data/dx-4.4.4/src/exec/dxmods/integerlist.c
Examining data/dx-4.4.4/src/exec/dxmods/interact.h
Examining data/dx-4.4.4/src/exec/dxmods/._isolate.c
Examining data/dx-4.4.4/src/exec/dxmods/isolate.c
Examining data/dx-4.4.4/src/exec/dxmods/isosurface.c
Examining data/dx-4.4.4/src/exec/dxmods/keyin.c
Examining data/dx-4.4.4/src/exec/dxmods/light.c
Examining data/dx-4.4.4/src/exec/dxmods/list.c
Examining data/dx-4.4.4/src/exec/dxmods/list.h
Examining data/dx-4.4.4/src/exec/dxmods/._lookup.c
Examining data/dx-4.4.4/src/exec/dxmods/lookup.c
Examining data/dx-4.4.4/src/exec/dxmods/loop.c
Examining data/dx-4.4.4/src/exec/dxmods/macroutil.c
Examining data/dx-4.4.4/src/exec/dxmods/macroutil.h
Examining data/dx-4.4.4/src/exec/dxmods/map.c
Examining data/dx-4.4.4/src/exec/dxmods/maptoplane.c
Examining data/dx-4.4.4/src/exec/dxmods/._mark.c
Examining data/dx-4.4.4/src/exec/dxmods/mark.c
Examining data/dx-4.4.4/src/exec/dxmods/mark.h
Examining data/dx-4.4.4/src/exec/dxmods/._measure.c
Examining data/dx-4.4.4/src/exec/dxmods/measure.c
Examining data/dx-4.4.4/src/exec/dxmods/measure.h
Examining data/dx-4.4.4/src/exec/dxmods/message.c
Examining data/dx-4.4.4/src/exec/dxmods/normals.c
Examining data/dx-4.4.4/src/exec/dxmods/options.c
Examining data/dx-4.4.4/src/exec/dxmods/overlay.c
Examining data/dx-4.4.4/src/exec/dxmods/._parse.c
Examining data/dx-4.4.4/src/exec/dxmods/parse.c
Examining data/dx-4.4.4/src/exec/dxmods/._partition.c
Examining data/dx-4.4.4/src/exec/dxmods/partition.c
Examining data/dx-4.4.4/src/exec/dxmods/._pick.c
Examining data/dx-4.4.4/src/exec/dxmods/pick.c
Examining data/dx-4.4.4/src/exec/dxmods/pickinv.c
Examining data/dx-4.4.4/src/exec/dxmods/._pie.c
Examining data/dx-4.4.4/src/exec/dxmods/pie.c
Examining data/dx-4.4.4/src/exec/dxmods/plot.c
Examining data/dx-4.4.4/src/exec/dxmods/plot.h
Examining data/dx-4.4.4/src/exec/dxmods/post.c
Examining data/dx-4.4.4/src/exec/dxmods/print.c
Examining data/dx-4.4.4/src/exec/dxmods/private.c
Examining data/dx-4.4.4/src/exec/dxmods/._programctl.c
Examining data/dx-4.4.4/src/exec/dxmods/programctl.c
Examining data/dx-4.4.4/src/exec/dxmods/quant.h
Examining data/dx-4.4.4/src/exec/dxmods/quantize.c
Examining data/dx-4.4.4/src/exec/dxmods/rdimagewin.c
Examining data/dx-4.4.4/src/exec/dxmods/readimage.c
Examining data/dx-4.4.4/src/exec/dxmods/reduce.c
Examining data/dx-4.4.4/src/exec/dxmods/refine.c
Examining data/dx-4.4.4/src/exec/dxmods/._regrid.c
Examining data/dx-4.4.4/src/exec/dxmods/regrid.c
Examining data/dx-4.4.4/src/exec/dxmods/remove.c
Examining data/dx-4.4.4/src/exec/dxmods/._rename.c
Examining data/dx-4.4.4/src/exec/dxmods/rename.c
Examining data/dx-4.4.4/src/exec/dxmods/render.c
Examining data/dx-4.4.4/src/exec/dxmods/._reorient.c
Examining data/dx-4.4.4/src/exec/dxmods/reorient.c
Examining data/dx-4.4.4/src/exec/dxmods/._replace.c
Examining data/dx-4.4.4/src/exec/dxmods/replace.c
Examining data/dx-4.4.4/src/exec/dxmods/ribbon.c
Examining data/dx-4.4.4/src/exec/dxmods/rotate.c
Examining data/dx-4.4.4/src/exec/dxmods/route.c
Examining data/dx-4.4.4/src/exec/dxmods/rubbersheet.c
Examining data/dx-4.4.4/src/exec/dxmods/sample.c
Examining data/dx-4.4.4/src/exec/dxmods/._scalar.c
Examining data/dx-4.4.4/src/exec/dxmods/scalar.c
Examining data/dx-4.4.4/src/exec/dxmods/scalar.h
Examining data/dx-4.4.4/src/exec/dxmods/scalarlist.c
Examining data/dx-4.4.4/src/exec/dxmods/scale.c
Examining data/dx-4.4.4/src/exec/dxmods/scalescreen.c
Examining data/dx-4.4.4/src/exec/dxmods/screen.c
Examining data/dx-4.4.4/src/exec/dxmods/._select.c
Examining data/dx-4.4.4/src/exec/dxmods/select.c
Examining data/dx-4.4.4/src/exec/dxmods/._selector.c
Examining data/dx-4.4.4/src/exec/dxmods/selector.c
Examining data/dx-4.4.4/src/exec/dxmods/._separate.c
Examining data/dx-4.4.4/src/exec/dxmods/separate.c
Examining data/dx-4.4.4/src/exec/dxmods/separate.h
Examining data/dx-4.4.4/src/exec/dxmods/sequencer.c
Examining data/dx-4.4.4/src/exec/dxmods/shade.c
Examining data/dx-4.4.4/src/exec/dxmods/showboundary.h
Examining data/dx-4.4.4/src/exec/dxmods/showbox.c
Examining data/dx-4.4.4/src/exec/dxmods/showconnect.c
Examining data/dx-4.4.4/src/exec/dxmods/showposition.c
Examining data/dx-4.4.4/src/exec/dxmods/._simplesurf.c
Examining data/dx-4.4.4/src/exec/dxmods/simplesurf.c
Examining data/dx-4.4.4/src/exec/dxmods/simplesurf.h
Examining data/dx-4.4.4/src/exec/dxmods/slab.c
Examining data/dx-4.4.4/src/exec/dxmods/._slice.c
Examining data/dx-4.4.4/src/exec/dxmods/slice.c
Examining data/dx-4.4.4/src/exec/dxmods/._socketconnect.c
Examining data/dx-4.4.4/src/exec/dxmods/socketconnect.c
Examining data/dx-4.4.4/src/exec/dxmods/._sort.c
Examining data/dx-4.4.4/src/exec/dxmods/sort.c
Examining data/dx-4.4.4/src/exec/dxmods/._stack.c
Examining data/dx-4.4.4/src/exec/dxmods/stack.c
Examining data/dx-4.4.4/src/exec/dxmods/statistics.c
Examining data/dx-4.4.4/src/exec/dxmods/streakline.c
Examining data/dx-4.4.4/src/exec/dxmods/stream.h
Examining data/dx-4.4.4/src/exec/dxmods/streamline.c
Examining data/dx-4.4.4/src/exec/dxmods/._stringlegend.c
Examining data/dx-4.4.4/src/exec/dxmods/stringlegend.c
Examining data/dx-4.4.4/src/exec/dxmods/superstate.c
Examining data/dx-4.4.4/src/exec/dxmods/superwin.c
Examining data/dx-4.4.4/src/exec/dxmods/superwin.h
Examining data/dx-4.4.4/src/exec/dxmods/._superwinW.c
Examining data/dx-4.4.4/src/exec/dxmods/superwinW.c
Examining data/dx-4.4.4/src/exec/dxmods/superwinX.c
Examining data/dx-4.4.4/src/exec/dxmods/switch.c
Examining data/dx-4.4.4/src/exec/dxmods/system.c
Examining data/dx-4.4.4/src/exec/dxmods/text.c
Examining data/dx-4.4.4/src/exec/dxmods/._toggle.c
Examining data/dx-4.4.4/src/exec/dxmods/toggle.c
Examining data/dx-4.4.4/src/exec/dxmods/._trace.c
Examining data/dx-4.4.4/src/exec/dxmods/trace.c
Examining data/dx-4.4.4/src/exec/dxmods/trace.h
Examining data/dx-4.4.4/src/exec/dxmods/tracevisual.c
Examining data/dx-4.4.4/src/exec/dxmods/transform.c
Examining data/dx-4.4.4/src/exec/dxmods/translate.c
Examining data/dx-4.4.4/src/exec/dxmods/transpose.c
Examining data/dx-4.4.4/src/exec/dxmods/tube.c
Examining data/dx-4.4.4/src/exec/dxmods/._unmark.c
Examining data/dx-4.4.4/src/exec/dxmods/unmark.c
Examining data/dx-4.4.4/src/exec/dxmods/unpart.h
Examining data/dx-4.4.4/src/exec/dxmods/._usage.c
Examining data/dx-4.4.4/src/exec/dxmods/usage.c
Examining data/dx-4.4.4/src/exec/dxmods/user.c
Examining data/dx-4.4.4/src/exec/dxmods/usercm.c
Examining data/dx-4.4.4/src/exec/dxmods/userInteractors.h
Examining data/dx-4.4.4/src/exec/dxmods/._vector.c
Examining data/dx-4.4.4/src/exec/dxmods/vector.c
Examining data/dx-4.4.4/src/exec/dxmods/vectorlist.c
Examining data/dx-4.4.4/src/exec/dxmods/vectors.c
Examining data/dx-4.4.4/src/exec/dxmods/vectors.h
Examining data/dx-4.4.4/src/exec/dxmods/verify.c
Examining data/dx-4.4.4/src/exec/dxmods/verify.h
Examining data/dx-4.4.4/src/exec/dxmods/._visualobject.c
Examining data/dx-4.4.4/src/exec/dxmods/visualobject.c
Examining data/dx-4.4.4/src/exec/dxmods/vrml.c
Examining data/dx-4.4.4/src/exec/dxmods/vrml.h
Examining data/dx-4.4.4/src/exec/dxmods/vsincos.c
Examining data/dx-4.4.4/src/exec/dxmods/vsincos.h
Examining data/dx-4.4.4/src/exec/dxmods/writeimage.c
Examining data/dx-4.4.4/src/exec/dxmods/_im_image.c
Examining data/dx-4.4.4/src/exec/dxmods/showboundary.c
Examining data/dx-4.4.4/src/exec/dxmods/colormap.c
Examining data/dx-4.4.4/src/exec/dxmods/import_ss.c
Examining data/dx-4.4.4/src/exec/dxmods/inquire.c
Examining data/dx-4.4.4/src/exec/dxmods/_color.c
Examining data/dx-4.4.4/src/exec/dxmods/genimp_parse.c
Examining data/dx-4.4.4/src/exec/dxmods/_rubbersheet.c
Examining data/dx-4.4.4/src/exec/dxmods/equalize.c
Examining data/dx-4.4.4/src/exec/dxmods/histogram.c
Examining data/dx-4.4.4/src/exec/dxmods/_compoper.c
Examining data/dx-4.4.4/src/exec/dxmods/exp_gai.c
Examining data/dx-4.4.4/src/exec/dxmods/import_ncdf.c
Examining data/dx-4.4.4/src/exec/hwrender/gl/hwBackStore.c
Examining data/dx-4.4.4/src/exec/hwrender/gl/hwInteractorEchoGL.c
Examining data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c
Examining data/dx-4.4.4/src/exec/hwrender/gl/hwPortGL.h
Examining data/dx-4.4.4/src/exec/hwrender/gl/hwPortUtil.c
Examining data/dx-4.4.4/src/exec/hwrender/._hwClientMessage.c
Examining data/dx-4.4.4/src/exec/hwrender/hwClientMessage.c
Examining data/dx-4.4.4/src/exec/hwrender/hwClientMessage.h
Examining data/dx-4.4.4/src/exec/hwrender/hwClipped.c
Examining data/dx-4.4.4/src/exec/hwrender/hwClipped.h
Examining data/dx-4.4.4/src/exec/hwrender/._hwCursorInteractor.c
Examining data/dx-4.4.4/src/exec/hwrender/hwCursorInteractor.c
Examining data/dx-4.4.4/src/exec/hwrender/hwCursorInteractor.h
Examining data/dx-4.4.4/src/exec/hwrender/._hwDebug.h
Examining data/dx-4.4.4/src/exec/hwrender/hwDebug.h
Examining data/dx-4.4.4/src/exec/hwrender/hwDeclarations.h
Examining data/dx-4.4.4/src/exec/hwrender/hwDraw.c
Examining data/dx-4.4.4/src/exec/hwrender/hwFlags.h
Examining data/dx-4.4.4/src/exec/hwrender/._hwGather.c
Examining data/dx-4.4.4/src/exec/hwrender/hwGather.c
Examining data/dx-4.4.4/src/exec/hwrender/hwGather.h
Examining data/dx-4.4.4/src/exec/hwrender/._hwGlobeEchoDef.h
Examining data/dx-4.4.4/src/exec/hwrender/hwGlobeEchoDef.h
Examining data/dx-4.4.4/src/exec/hwrender/hwGroupInteractor.c
Examining data/dx-4.4.4/src/exec/hwrender/hwInitScreen.c
Examining data/dx-4.4.4/src/exec/hwrender/hwInteractor.c
Examining data/dx-4.4.4/src/exec/hwrender/hwInteractor.h
Examining data/dx-4.4.4/src/exec/hwrender/hwInteractorEcho.h
Examining data/dx-4.4.4/src/exec/hwrender/hwList.c
Examining data/dx-4.4.4/src/exec/hwrender/hwList.h
Examining data/dx-4.4.4/src/exec/hwrender/hwMaterials.c
Examining data/dx-4.4.4/src/exec/hwrender/hwMaterials.h
Examining data/dx-4.4.4/src/exec/hwrender/._hwMatrix.c
Examining data/dx-4.4.4/src/exec/hwrender/hwMatrix.c
Examining data/dx-4.4.4/src/exec/hwrender/hwMatrix.h
Examining data/dx-4.4.4/src/exec/hwrender/hwMemory.c
Examining data/dx-4.4.4/src/exec/hwrender/hwMemory.h
Examining data/dx-4.4.4/src/exec/hwrender/._hwNavigateInteractor.c
Examining data/dx-4.4.4/src/exec/hwrender/hwNavigateInteractor.c
Examining data/dx-4.4.4/src/exec/hwrender/hwObject.c
Examining data/dx-4.4.4/src/exec/hwrender/hwObject.h
Examining data/dx-4.4.4/src/exec/hwrender/hwObjectHash.c
Examining data/dx-4.4.4/src/exec/hwrender/hwObjectHash.h
Examining data/dx-4.4.4/src/exec/hwrender/._hwPaint.c
Examining data/dx-4.4.4/src/exec/hwrender/hwPaint.c
Examining data/dx-4.4.4/src/exec/hwrender/._hwPolyline.c
Examining data/dx-4.4.4/src/exec/hwrender/hwPolyline.c
Examining data/dx-4.4.4/src/exec/hwrender/hwPortHandle.c
Examining data/dx-4.4.4/src/exec/hwrender/._hwPortLayer.h
Examining data/dx-4.4.4/src/exec/hwrender/hwPortLayer.h
Examining data/dx-4.4.4/src/exec/hwrender/._hwQmesh.c
Examining data/dx-4.4.4/src/exec/hwrender/hwQmesh.c
Examining data/dx-4.4.4/src/exec/hwrender/hwQmesh.h
Examining data/dx-4.4.4/src/exec/hwrender/hwRender.c
Examining data/dx-4.4.4/src/exec/hwrender/._hwRotateInteractor.c
Examining data/dx-4.4.4/src/exec/hwrender/hwRotateInteractor.c
Examining data/dx-4.4.4/src/exec/hwrender/hwRotateInteractor.h
Examining data/dx-4.4.4/src/exec/hwrender/hwScreen.c
Examining data/dx-4.4.4/src/exec/hwrender/hwScreen.h
Examining data/dx-4.4.4/src/exec/hwrender/hwSort.c
Examining data/dx-4.4.4/src/exec/hwrender/hwSort.h
Examining data/dx-4.4.4/src/exec/hwrender/._hwStereo.c
Examining data/dx-4.4.4/src/exec/hwrender/hwStereo.c
Examining data/dx-4.4.4/src/exec/hwrender/hwStereo.h
Examining data/dx-4.4.4/src/exec/hwrender/hwStereoCams.c
Examining data/dx-4.4.4/src/exec/hwrender/._hwStereoSys.c
Examining data/dx-4.4.4/src/exec/hwrender/hwStereoSys.c
Examining data/dx-4.4.4/src/exec/hwrender/hwTexture.c
Examining data/dx-4.4.4/src/exec/hwrender/hwTmesh.h
Examining data/dx-4.4.4/src/exec/hwrender/._hwUpdateview.c
Examining data/dx-4.4.4/src/exec/hwrender/hwUpdateview.c
Examining data/dx-4.4.4/src/exec/hwrender/._hwUserInteractor.c
Examining data/dx-4.4.4/src/exec/hwrender/hwUserInteractor.c
Examining data/dx-4.4.4/src/exec/hwrender/hwUserInteractor.h
Examining data/dx-4.4.4/src/exec/hwrender/._hwView.c
Examining data/dx-4.4.4/src/exec/hwrender/hwView.c
Examining data/dx-4.4.4/src/exec/hwrender/hwView.h
Examining data/dx-4.4.4/src/exec/hwrender/hwWindow.c
Examining data/dx-4.4.4/src/exec/hwrender/hwWindow.h
Examining data/dx-4.4.4/src/exec/hwrender/hwXfield.c
Examining data/dx-4.4.4/src/exec/hwrender/hwXfield.h
Examining data/dx-4.4.4/src/exec/hwrender/hwZoomInteractor.c
Examining data/dx-4.4.4/src/exec/hwrender/hwZoomInteractor.h
Examining data/dx-4.4.4/src/exec/hwrender/opengl/hwDisplayListsOGL.c
Examining data/dx-4.4.4/src/exec/hwrender/opengl/._hwInteractorEchoOGL.c
Examining data/dx-4.4.4/src/exec/hwrender/opengl/hwInteractorEchoOGL.c
Examining data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c
Examining data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c
Examining data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.h
Examining data/dx-4.4.4/src/exec/hwrender/opengl/hwPortUtilOGL.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwBoundingBoxDrawSB.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwCacheUtilSB.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwCacheUtilSB.h
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwCubeDrawSB.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwInteractorEchoSB.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwLineDrawSB.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwMeshDrawSB.c.h
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwPlineDrawSB.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwPolygonDrawSB.c.h
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwPolyhedraDrawSB.c.h
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwPolylineDrawSB.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/._hwPortSB.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwPortSB.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwPortSB.h
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwQmeshDrawSB.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwQuadDrawSB.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwStub.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwTetraDrawSB.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwTmeshDrawSB.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwTriDrawSB.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwUnconPointDrawSB.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/hwWinSB.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/sbutils.c.h
Examining data/dx-4.4.4/src/exec/hwrender/starbase/wsutils.c
Examining data/dx-4.4.4/src/exec/hwrender/starbase/wsutils.h
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwBoundingBoxDraw.c
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.c
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.h
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwCubeDraw.c
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwInteractorEchoXGL.c
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwLineDraw.c
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwMeshDraw.c.h
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwPlineDraw.c
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwPolygonDraw.c
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwPolyhedraDrawXGL.c.h
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwPolylineDraw.c
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwPortXGL.c
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwPortXGL.h
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwQmeshDraw.c
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwStub.c
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwTetraDraw.c
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwTmeshDraw.c
Examining data/dx-4.4.4/src/exec/hwrender/xgl/hwUnconPointDraw.c
Examining data/dx-4.4.4/src/exec/hwrender/hwTmesh.c
Examining data/dx-4.4.4/src/exec/libdx/array.c
Examining data/dx-4.4.4/src/exec/libdx/arrayClass.c
Examining data/dx-4.4.4/src/exec/libdx/axes.c
Examining data/dx-4.4.4/src/exec/libdx/basic.c
Examining data/dx-4.4.4/src/exec/libdx/binSort.c
Examining data/dx-4.4.4/src/exec/libdx/binSort.h
Examining data/dx-4.4.4/src/exec/libdx/box.c
Examining data/dx-4.4.4/src/exec/libdx/buffer.c
Examining data/dx-4.4.4/src/exec/libdx/._callm_init.c
Examining data/dx-4.4.4/src/exec/libdx/callm_init.c
Examining data/dx-4.4.4/src/exec/libdx/callm_winit.c
Examining data/dx-4.4.4/src/exec/libdx/callm_xinit.c
Examining data/dx-4.4.4/src/exec/libdx/cameraClass.c
Examining data/dx-4.4.4/src/exec/libdx/._client.c
Examining data/dx-4.4.4/src/exec/libdx/client.c
Examining data/dx-4.4.4/src/exec/libdx/clipped.c
Examining data/dx-4.4.4/src/exec/libdx/clippedClass.c
Examining data/dx-4.4.4/src/exec/libdx/component.c
Examining data/dx-4.4.4/src/exec/libdx/composite.c
Examining data/dx-4.4.4/src/exec/libdx/cstarray.c
Examining data/dx-4.4.4/src/exec/libdx/cubesII.c
Examining data/dx-4.4.4/src/exec/libdx/cubesIIClass.c
Examining data/dx-4.4.4/src/exec/libdx/cubesRR.c
Examining data/dx-4.4.4/src/exec/libdx/cubesRRClass.c
Examining data/dx-4.4.4/src/exec/libdx/diskio.h
Examining data/dx-4.4.4/src/exec/libdx/displayfb.c
Examining data/dx-4.4.4/src/exec/libdx/displayutil.c
Examining data/dx-4.4.4/src/exec/libdx/._displayutil.h
Examining data/dx-4.4.4/src/exec/libdx/displayutil.h
Examining data/dx-4.4.4/src/exec/libdx/displayw.c
Examining data/dx-4.4.4/src/exec/libdx/displayw.h
Examining data/dx-4.4.4/src/exec/libdx/displayx.c
Examining data/dx-4.4.4/src/exec/libdx/displayx.h
Examining data/dx-4.4.4/src/exec/libdx/._edf.h
Examining data/dx-4.4.4/src/exec/libdx/edf.h
Examining data/dx-4.4.4/src/exec/libdx/edfdata.c
Examining data/dx-4.4.4/src/exec/libdx/edfdict.c
Examining data/dx-4.4.4/src/exec/libdx/._edfio.c
Examining data/dx-4.4.4/src/exec/libdx/edfio.c
Examining data/dx-4.4.4/src/exec/libdx/edflex.c
Examining data/dx-4.4.4/src/exec/libdx/edfobj.c
Examining data/dx-4.4.4/src/exec/libdx/edfparse.c
Examining data/dx-4.4.4/src/exec/libdx/._edfprint.c
Examining data/dx-4.4.4/src/exec/libdx/edfprint.c
Examining data/dx-4.4.4/src/exec/libdx/field.c
Examining data/dx-4.4.4/src/exec/libdx/fieldClass.c
Examining data/dx-4.4.4/src/exec/libdx/fieldinterp.c
Examining data/dx-4.4.4/src/exec/libdx/fieldinterpClass.c
Examining data/dx-4.4.4/src/exec/libdx/fle2D.c
Examining data/dx-4.4.4/src/exec/libdx/fle2DClass.c
Examining data/dx-4.4.4/src/exec/libdx/gather.c
Examining data/dx-4.4.4/src/exec/libdx/group.c
Examining data/dx-4.4.4/src/exec/libdx/groupClass.c
Examining data/dx-4.4.4/src/exec/libdx/groupinterp.c
Examining data/dx-4.4.4/src/exec/libdx/groupinterpClass.c
Examining data/dx-4.4.4/src/exec/libdx/grow.c
Examining data/dx-4.4.4/src/exec/libdx/._hash.c
Examining data/dx-4.4.4/src/exec/libdx/hash.c
Examining data/dx-4.4.4/src/exec/libdx/helper.c
Examining data/dx-4.4.4/src/exec/libdx/image.c
Examining data/dx-4.4.4/src/exec/libdx/init.c
Examining data/dx-4.4.4/src/exec/libdx/internals.h
Examining data/dx-4.4.4/src/exec/libdx/interp.c
Examining data/dx-4.4.4/src/exec/libdx/interpClass.c
Examining data/dx-4.4.4/src/exec/libdx/invalid.c
Examining data/dx-4.4.4/src/exec/libdx/irreggrow.c
Examining data/dx-4.4.4/src/exec/libdx/lbcache.c
Examining data/dx-4.4.4/src/exec/libdx/._lbcamera.c
Examining data/dx-4.4.4/src/exec/libdx/lbcamera.c
Examining data/dx-4.4.4/src/exec/libdx/lbextract.c
Examining data/dx-4.4.4/src/exec/libdx/lbgrid.c
Examining data/dx-4.4.4/src/exec/libdx/lblight.c
Examining data/dx-4.4.4/src/exec/libdx/lbmap.c
Examining data/dx-4.4.4/src/exec/libdx/lbmsgs.c
Examining data/dx-4.4.4/src/exec/libdx/lbmsgs.h
Examining data/dx-4.4.4/src/exec/libdx/lbpartition.c
Examining data/dx-4.4.4/src/exec/libdx/lbpick.c
Examining data/dx-4.4.4/src/exec/libdx/._lbprint.c
Examining data/dx-4.4.4/src/exec/libdx/lbprint.c
Examining data/dx-4.4.4/src/exec/libdx/lbprivate.c
Examining data/dx-4.4.4/src/exec/libdx/lbscreen.c
Examining data/dx-4.4.4/src/exec/libdx/lbshade.c
Examining data/dx-4.4.4/src/exec/libdx/lbtask.c
Examining data/dx-4.4.4/src/exec/libdx/lbtransform.c
Examining data/dx-4.4.4/src/exec/libdx/lbvector.c
Examining data/dx-4.4.4/src/exec/libdx/lightClass.c
Examining data/dx-4.4.4/src/exec/libdx/line.c
Examining data/dx-4.4.4/src/exec/libdx/linesII1D.c
Examining data/dx-4.4.4/src/exec/libdx/linesII1DClass.c
Examining data/dx-4.4.4/src/exec/libdx/linesRI1D.c
Examining data/dx-4.4.4/src/exec/libdx/linesRI1DClass.c
Examining data/dx-4.4.4/src/exec/libdx/linesRR1D.c
Examining data/dx-4.4.4/src/exec/libdx/linesRR1DClass.c
Examining data/dx-4.4.4/src/exec/libdx/matrix.c
Examining data/dx-4.4.4/src/exec/libdx/mem.c
Examining data/dx-4.4.4/src/exec/libdx/memorystubs.c
Examining data/dx-4.4.4/src/exec/libdx/mesharray.c
Examining data/dx-4.4.4/src/exec/libdx/multigrid.c
Examining data/dx-4.4.4/src/exec/libdx/._neighbors.c
Examining data/dx-4.4.4/src/exec/libdx/neighbors.c
Examining data/dx-4.4.4/src/exec/libdx/._notify.c
Examining data/dx-4.4.4/src/exec/libdx/notify.c
Examining data/dx-4.4.4/src/exec/libdx/object.c
Examining data/dx-4.4.4/src/exec/libdx/objectClass.c
Examining data/dx-4.4.4/src/exec/libdx/outglue.c
Examining data/dx-4.4.4/src/exec/libdx/paint.c
Examining data/dx-4.4.4/src/exec/libdx/partreg.c
Examining data/dx-4.4.4/src/exec/libdx/parts.c
Examining data/dx-4.4.4/src/exec/libdx/patharray.c
Examining data/dx-4.4.4/src/exec/libdx/permute.c
Examining data/dx-4.4.4/src/exec/libdx/plane.c
Examining data/dx-4.4.4/src/exec/libdx/plock.h
Examining data/dx-4.4.4/src/exec/libdx/point.c
Examining data/dx-4.4.4/src/exec/libdx/privateClass.c
Examining data/dx-4.4.4/src/exec/libdx/productarray.c
Examining data/dx-4.4.4/src/exec/libdx/qmessage.c
Examining data/dx-4.4.4/src/exec/libdx/qsort.c
Examining data/dx-4.4.4/src/exec/libdx/quad.c
Examining data/dx-4.4.4/src/exec/libdx/quadsII2D.c
Examining data/dx-4.4.4/src/exec/libdx/quadsII2DClass.c
Examining data/dx-4.4.4/src/exec/libdx/quadsRR2D.c
Examining data/dx-4.4.4/src/exec/libdx/quadsRR2DClass.c
Examining data/dx-4.4.4/src/exec/libdx/._reggrow.c
Examining data/dx-4.4.4/src/exec/libdx/reggrow.c
Examining data/dx-4.4.4/src/exec/libdx/regulararray.c
Examining data/dx-4.4.4/src/exec/libdx/._render.h
Examining data/dx-4.4.4/src/exec/libdx/render.h
Examining data/dx-4.4.4/src/exec/libdx/renderstubs.c
Examining data/dx-4.4.4/src/exec/libdx/rwobject.c
Examining data/dx-4.4.4/src/exec/libdx/screenClass.c
Examining data/dx-4.4.4/src/exec/libdx/seglist.c
Examining data/dx-4.4.4/src/exec/libdx/series.c
Examining data/dx-4.4.4/src/exec/libdx/sharedarray.c
Examining data/dx-4.4.4/src/exec/libdx/stats.c
Examining data/dx-4.4.4/src/exec/libdx/string.c
Examining data/dx-4.4.4/src/exec/libdx/stringClass.c
Examining data/dx-4.4.4/src/exec/libdx/stringtable.c
Examining data/dx-4.4.4/src/exec/libdx/tetras.c
Examining data/dx-4.4.4/src/exec/libdx/tetrasClass.c
Examining data/dx-4.4.4/src/exec/libdx/tile.c
Examining data/dx-4.4.4/src/exec/libdx/timing.c
Examining data/dx-4.4.4/src/exec/libdx/triangle.c
Examining data/dx-4.4.4/src/exec/libdx/._triangles.h
Examining data/dx-4.4.4/src/exec/libdx/triangles.h
Examining data/dx-4.4.4/src/exec/libdx/trisRI2D.c
Examining data/dx-4.4.4/src/exec/libdx/trisRI2DClass.c
Examining data/dx-4.4.4/src/exec/libdx/userinit.c
Examining data/dx-4.4.4/src/exec/libdx/v3.c
Examining data/dx-4.4.4/src/exec/libdx/version.c
Examining data/dx-4.4.4/src/exec/libdx/volume.c
Examining data/dx-4.4.4/src/exec/libdx/windows.c
Examining data/dx-4.4.4/src/exec/libdx/xfield.c
Examining data/dx-4.4.4/src/exec/libdx/xform.c
Examining data/dx-4.4.4/src/exec/libdx/xformClass.c
Examining data/dx-4.4.4/src/exec/libdx/xwindow.c
Examining data/dx-4.4.4/src/exec/libdx/zclip.h
Examining data/dx-4.4.4/src/exec/libdx/zclipQ.c
Examining data/dx-4.4.4/src/exec/libdx/zclipT.c
Examining data/dx-4.4.4/src/exec/libdx/memory.c
Examining data/dx-4.4.4/src/exec/libdx/fileio.c
Examining data/dx-4.4.4/src/exec/libdx/plock.c
Examining data/dx-4.4.4/src/exec/libdx/lbcolor.c
Examining data/dx-4.4.4/src/exec/libdx/lbmessage.c
Examining data/dx-4.4.4/src/exec/libdx/lbtext.c
Examining data/dx-4.4.4/src/exec/libdx/lock.c
Examining data/dx-4.4.4/src/misc/dx.h
Examining data/dx-4.4.4/src/misc/utils.c
Examining data/dx-4.4.4/src/misc/utils.h
Examining data/dx-4.4.4/src/misc/dx.c
Examining data/dx-4.4.4/src/uipp/base/ActiveItemDictionary.h
Examining data/dx-4.4.4/src/uipp/base/AllocatorDictionary.h
Examining data/dx-4.4.4/src/uipp/base/._Application.C
Examining data/dx-4.4.4/src/uipp/base/._Application.h
Examining data/dx-4.4.4/src/uipp/base/ApplyFileDialog.C
Examining data/dx-4.4.4/src/uipp/base/ApplyFileDialog.h
Examining data/dx-4.4.4/src/uipp/base/Base.h
Examining data/dx-4.4.4/src/uipp/base/ButtonInterface.C
Examining data/dx-4.4.4/src/uipp/base/ButtonInterface.h
Examining data/dx-4.4.4/src/uipp/base/CascadeMenu.C
Examining data/dx-4.4.4/src/uipp/base/CascadeMenu.h
Examining data/dx-4.4.4/src/uipp/base/Client.h
Examining data/dx-4.4.4/src/uipp/base/CloseWindowCommand.C
Examining data/dx-4.4.4/src/uipp/base/CloseWindowCommand.h
Examining data/dx-4.4.4/src/uipp/base/CmdEntry.C
Examining data/dx-4.4.4/src/uipp/base/CmdEntry.h
Examining data/dx-4.4.4/src/uipp/base/Command.C
Examining data/dx-4.4.4/src/uipp/base/Command.h
Examining data/dx-4.4.4/src/uipp/base/CommandInterface.C
Examining data/dx-4.4.4/src/uipp/base/CommandInterface.h
Examining data/dx-4.4.4/src/uipp/base/CommandScope.h
Examining data/dx-4.4.4/src/uipp/base/ConfirmedCommand.C
Examining data/dx-4.4.4/src/uipp/base/ConfirmedCommand.h
Examining data/dx-4.4.4/src/uipp/base/DefaultingDictionary.h
Examining data/dx-4.4.4/src/uipp/base/DeferrableAction.C
Examining data/dx-4.4.4/src/uipp/base/DeferrableAction.h
Examining data/dx-4.4.4/src/uipp/base/defines.h
Examining data/dx-4.4.4/src/uipp/base/Definition.h
Examining data/dx-4.4.4/src/uipp/base/Dialog.C
Examining data/dx-4.4.4/src/uipp/base/Dialog.h
Examining data/dx-4.4.4/src/uipp/base/DialogData.h
Examining data/dx-4.4.4/src/uipp/base/DialogManager.C
Examining data/dx-4.4.4/src/uipp/base/DialogManager.h
Examining data/dx-4.4.4/src/uipp/base/Dictionary.C
Examining data/dx-4.4.4/src/uipp/base/Dictionary.h
Examining data/dx-4.4.4/src/uipp/base/DictionaryIterator.h
Examining data/dx-4.4.4/src/uipp/base/DragSource.C
Examining data/dx-4.4.4/src/uipp/base/DragSource.h
Examining data/dx-4.4.4/src/uipp/base/DropSite.C
Examining data/dx-4.4.4/src/uipp/base/DropSite.h
Examining data/dx-4.4.4/src/uipp/base/DXStrings.h
Examining data/dx-4.4.4/src/uipp/base/DXTensor.C
Examining data/dx-4.4.4/src/uipp/base/DXTensor.h
Examining data/dx-4.4.4/src/uipp/base/DXType.C
Examining data/dx-4.4.4/src/uipp/base/DXType.h
Examining data/dx-4.4.4/src/uipp/base/DXValue.C
Examining data/dx-4.4.4/src/uipp/base/DXValue.h
Examining data/dx-4.4.4/src/uipp/base/DynamicResource.C
Examining data/dx-4.4.4/src/uipp/base/DynamicResource.h
Examining data/dx-4.4.4/src/uipp/base/ErrorDialogManager.C
Examining data/dx-4.4.4/src/uipp/base/ErrorDialogManager.h
Examining data/dx-4.4.4/src/uipp/base/FileDialog.C
Examining data/dx-4.4.4/src/uipp/base/FileDialog.h
Examining data/dx-4.4.4/src/uipp/base/help.h
Examining data/dx-4.4.4/src/uipp/base/helpcallbacks.c
Examining data/dx-4.4.4/src/uipp/base/helplist.c
Examining data/dx-4.4.4/src/uipp/base/helplist.h
Examining data/dx-4.4.4/src/uipp/base/HelpMenuCommand.C
Examining data/dx-4.4.4/src/uipp/base/HelpMenuCommand.h
Examining data/dx-4.4.4/src/uipp/base/HelpOnContextCommand.C
Examining data/dx-4.4.4/src/uipp/base/HelpOnContextCommand.h
Examining data/dx-4.4.4/src/uipp/base/helpstack.c
Examining data/dx-4.4.4/src/uipp/base/helpstack.h
Examining data/dx-4.4.4/src/uipp/base/._HelpWin.C
Examining data/dx-4.4.4/src/uipp/base/HelpWin.C
Examining data/dx-4.4.4/src/uipp/base/HelpWin.h
Examining data/dx-4.4.4/src/uipp/base/history.c
Examining data/dx-4.4.4/src/uipp/base/history.h
Examining data/dx-4.4.4/src/uipp/base/IBMMainWindow.C
Examining data/dx-4.4.4/src/uipp/base/IBMMainWindow.h
Examining data/dx-4.4.4/src/uipp/base/IBMVersion.h
Examining data/dx-4.4.4/src/uipp/base/icon50.h
Examining data/dx-4.4.4/src/uipp/base/InfoDialogManager.C
Examining data/dx-4.4.4/src/uipp/base/InfoDialogManager.h
Examining data/dx-4.4.4/src/uipp/base/lex.C
Examining data/dx-4.4.4/src/uipp/base/lex.h
Examining data/dx-4.4.4/src/uipp/base/License.C
Examining data/dx-4.4.4/src/uipp/base/License.h
Examining data/dx-4.4.4/src/uipp/base/Link.C
Examining data/dx-4.4.4/src/uipp/base/Link.h
Examining data/dx-4.4.4/src/uipp/base/List.C
Examining data/dx-4.4.4/src/uipp/base/List.h
Examining data/dx-4.4.4/src/uipp/base/ListEditor.C
Examining data/dx-4.4.4/src/uipp/base/ListEditor.h
Examining data/dx-4.4.4/src/uipp/base/ListIterator.C
Examining data/dx-4.4.4/src/uipp/base/ListIterator.h
Examining data/dx-4.4.4/src/uipp/base/logo.h
Examining data/dx-4.4.4/src/uipp/base/MainWindow.C
Examining data/dx-4.4.4/src/uipp/base/._MainWindow.h
Examining data/dx-4.4.4/src/uipp/base/MainWindow.h
Examining data/dx-4.4.4/src/uipp/base/NoOpCommand.C
Examining data/dx-4.4.4/src/uipp/base/NoOpCommand.h
Examining data/dx-4.4.4/src/uipp/base/Notebook.C
Examining data/dx-4.4.4/src/uipp/base/Notebook.h
Examining data/dx-4.4.4/src/uipp/base/NotebookTab.C
Examining data/dx-4.4.4/src/uipp/base/NotebookTab.h
Examining data/dx-4.4.4/src/uipp/base/NoUndoCommand.C
Examining data/dx-4.4.4/src/uipp/base/NoUndoCommand.h
Examining data/dx-4.4.4/src/uipp/base/NoUndoHelpCmd.C
Examining data/dx-4.4.4/src/uipp/base/NoUndoHelpCmd.h
Examining data/dx-4.4.4/src/uipp/base/OptionalPreActionCommand.C
Examining data/dx-4.4.4/src/uipp/base/OptionalPreActionCommand.h
Examining data/dx-4.4.4/src/uipp/base/parse.c
Examining data/dx-4.4.4/src/uipp/base/PreActionCommand.C
Examining data/dx-4.4.4/src/uipp/base/PreActionCommand.h
Examining data/dx-4.4.4/src/uipp/base/QuestionDialogManager.C
Examining data/dx-4.4.4/src/uipp/base/QuestionDialogManager.h
Examining data/dx-4.4.4/src/uipp/base/QuitCommand.C
Examining data/dx-4.4.4/src/uipp/base/QuitCommand.h
Examining data/dx-4.4.4/src/uipp/base/RepeatingToggle.C
Examining data/dx-4.4.4/src/uipp/base/RepeatingToggle.h
Examining data/dx-4.4.4/src/uipp/base/SaveFileDialog.C
Examining data/dx-4.4.4/src/uipp/base/SaveFileDialog.h
Examining data/dx-4.4.4/src/uipp/base/._Server.C
Examining data/dx-4.4.4/src/uipp/base/Server.C
Examining data/dx-4.4.4/src/uipp/base/Server.h
Examining data/dx-4.4.4/src/uipp/base/SetNameDialog.C
Examining data/dx-4.4.4/src/uipp/base/SetNameDialog.h
Examining data/dx-4.4.4/src/uipp/base/Stack.C
Examining data/dx-4.4.4/src/uipp/base/Stack.h
Examining data/dx-4.4.4/src/uipp/base/._StartWebBrowser.C
Examining data/dx-4.4.4/src/uipp/base/StartWebBrowser.h
Examining data/dx-4.4.4/src/uipp/base/Strings.C
Examining data/dx-4.4.4/src/uipp/base/._StringTable.C
Examining data/dx-4.4.4/src/uipp/base/StringTable.C
Examining data/dx-4.4.4/src/uipp/base/._StringTable.h
Examining data/dx-4.4.4/src/uipp/base/StringTable.h
Examining data/dx-4.4.4/src/uipp/base/SymbolManager.C
Examining data/dx-4.4.4/src/uipp/base/._SymbolManager.h
Examining data/dx-4.4.4/src/uipp/base/SymbolManager.h
Examining data/dx-4.4.4/src/uipp/base/TemporaryLicense.C
Examining data/dx-4.4.4/src/uipp/base/TemporaryLicense.h
Examining data/dx-4.4.4/src/uipp/base/TextEditDialog.C
Examining data/dx-4.4.4/src/uipp/base/TextEditDialog.h
Examining data/dx-4.4.4/src/uipp/base/TextFile.C
Examining data/dx-4.4.4/src/uipp/base/TextFile.h
Examining data/dx-4.4.4/src/uipp/base/TextFileFileDialog.C
Examining data/dx-4.4.4/src/uipp/base/TextFileFileDialog.h
Examining data/dx-4.4.4/src/uipp/base/TextPopup.C
Examining data/dx-4.4.4/src/uipp/base/TextPopup.h
Examining data/dx-4.4.4/src/uipp/base/TextSelector.C
Examining data/dx-4.4.4/src/uipp/base/TextSelector.h
Examining data/dx-4.4.4/src/uipp/base/TimedDialog.C
Examining data/dx-4.4.4/src/uipp/base/TimedDialog.h
Examining data/dx-4.4.4/src/uipp/base/._TimedMessage.C
Examining data/dx-4.4.4/src/uipp/base/TimedMessage.C
Examining data/dx-4.4.4/src/uipp/base/TimedMessage.h
Examining data/dx-4.4.4/src/uipp/base/ToggleButtonInterface.C
Examining data/dx-4.4.4/src/uipp/base/ToggleButtonInterface.h
Examining data/dx-4.4.4/src/uipp/base/TransferStyle.C
Examining data/dx-4.4.4/src/uipp/base/TransferStyle.h
Examining data/dx-4.4.4/src/uipp/base/._TreeNode.h
Examining data/dx-4.4.4/src/uipp/base/TreeNode.h
Examining data/dx-4.4.4/src/uipp/base/TreeView.h
Examining data/dx-4.4.4/src/uipp/base/._UIComponent.C
Examining data/dx-4.4.4/src/uipp/base/UIComponent.C
Examining data/dx-4.4.4/src/uipp/base/._UIComponent.h
Examining data/dx-4.4.4/src/uipp/base/UIComponent.h
Examining data/dx-4.4.4/src/uipp/base/UIComponentHelpCommand.C
Examining data/dx-4.4.4/src/uipp/base/UIComponentHelpCommand.h
Examining data/dx-4.4.4/src/uipp/base/UIConfig.h
Examining data/dx-4.4.4/src/uipp/base/UndoCommand.C
Examining data/dx-4.4.4/src/uipp/base/UndoCommand.h
Examining data/dx-4.4.4/src/uipp/base/util.C
Examining data/dx-4.4.4/src/uipp/base/WarningDialogManager.C
Examining data/dx-4.4.4/src/uipp/base/WarningDialogManager.h
Examining data/dx-4.4.4/src/uipp/base/WizardDialog.C
Examining data/dx-4.4.4/src/uipp/base/WizardDialog.h
Examining data/dx-4.4.4/src/uipp/base/WorkSpace.C
Examining data/dx-4.4.4/src/uipp/base/WorkSpace.h
Examining data/dx-4.4.4/src/uipp/base/WorkSpaceGrid.C
Examining data/dx-4.4.4/src/uipp/base/WorkSpaceGrid.h
Examining data/dx-4.4.4/src/uipp/base/WorkSpaceInfo.C
Examining data/dx-4.4.4/src/uipp/base/WorkSpaceInfo.h
Examining data/dx-4.4.4/src/uipp/base/WorkSpacePage.h
Examining data/dx-4.4.4/src/uipp/base/WorkSpaceRoot.C
Examining data/dx-4.4.4/src/uipp/base/WorkSpaceRoot.h
Examining data/dx-4.4.4/src/uipp/base/XHandler.C
Examining data/dx-4.4.4/src/uipp/base/XHandler.h
Examining data/dx-4.4.4/src/uipp/base/XmUtility.C
Examining data/dx-4.4.4/src/uipp/base/XmUtility.h
Examining data/dx-4.4.4/src/uipp/base/Application.C
Examining data/dx-4.4.4/src/uipp/base/Application.h
Examining data/dx-4.4.4/src/uipp/base/IBMApplication.h
Examining data/dx-4.4.4/src/uipp/base/help.c
Examining data/dx-4.4.4/src/uipp/base/StartWebBrowser.C
Examining data/dx-4.4.4/src/uipp/base/IBMApplication.C
Examining data/dx-4.4.4/src/uipp/base/TreeView.C
Examining data/dx-4.4.4/src/uipp/dxl/close.c
Examining data/dx-4.4.4/src/uipp/dxl/connect.c
Examining data/dx-4.4.4/src/uipp/dxl/dict.c
Examining data/dx-4.4.4/src/uipp/dxl/dict.h
Examining data/dx-4.4.4/src/uipp/dxl/dxlP.h
Examining data/dx-4.4.4/src/uipp/dxl/execute.c
Examining data/dx-4.4.4/src/uipp/dxl/exit.c
Examining data/dx-4.4.4/src/uipp/dxl/handlers.c
Examining data/dx-4.4.4/src/uipp/dxl/load.c
Examining data/dx-4.4.4/src/uipp/dxl/object.c
Examining data/dx-4.4.4/src/uipp/dxl/._open.c
Examining data/dx-4.4.4/src/uipp/dxl/open.c
Examining data/dx-4.4.4/src/uipp/dxl/os2.c
Examining data/dx-4.4.4/src/uipp/dxl/query.c
Examining data/dx-4.4.4/src/uipp/dxl/save.c
Examining data/dx-4.4.4/src/uipp/dxl/._send.c
Examining data/dx-4.4.4/src/uipp/dxl/send.c
Examining data/dx-4.4.4/src/uipp/dxl/sequencer.c
Examining data/dx-4.4.4/src/uipp/dxl/socket.c
Examining data/dx-4.4.4/src/uipp/dxl/value.c
Examining data/dx-4.4.4/src/uipp/dxl/windows.c
Examining data/dx-4.4.4/src/uipp/dxl/x11.c
Examining data/dx-4.4.4/src/uipp/dxl/conn.c
Examining data/dx-4.4.4/src/uipp/dxui/AccessNetworkPanelsCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/AccessNetworkPanelsCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/ColormapDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/ColormapDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/ColormapEditCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ColormapEditCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/ColormapFileCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ColormapFileCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/ColormapNode.C
Examining data/dx-4.4.4/src/uipp/dxui/ColormapNode.h
Examining data/dx-4.4.4/src/uipp/dxui/ComputeDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/ComputeDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/ComputeNode.C
Examining data/dx-4.4.4/src/uipp/dxui/ComputeNode.h
Examining data/dx-4.4.4/src/uipp/dxui/ConfirmedExitCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ConfirmedExitCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/ConfirmedQuitCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ConfirmedQuitCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/DeleteNodeCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/DeleteNodeCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/._DialInteractor.C
Examining data/dx-4.4.4/src/uipp/dxui/DialInteractor.C
Examining data/dx-4.4.4/src/uipp/dxui/DialInteractor.h
Examining data/dx-4.4.4/src/uipp/dxui/DisconnectFromServerCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/DisconnectFromServerCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/DisplayDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/DisplayDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/DisplayNode.C
Examining data/dx-4.4.4/src/uipp/dxui/DisplayNode.h
Examining data/dx-4.4.4/src/uipp/dxui/DrivenDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/DrivenDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/DrivenNode.C
Examining data/dx-4.4.4/src/uipp/dxui/DrivenNode.h
Examining data/dx-4.4.4/src/uipp/dxui/DXLInputDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/DXLInputDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C
Examining data/dx-4.4.4/src/uipp/dxui/DXLInputNode.h
Examining data/dx-4.4.4/src/uipp/dxui/DXLOutputDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/DXLOutputDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/DXLOutputNode.C
Examining data/dx-4.4.4/src/uipp/dxui/DXLOutputNode.h
Examining data/dx-4.4.4/src/uipp/dxui/EchoDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/EchoDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/EchoNode.C
Examining data/dx-4.4.4/src/uipp/dxui/EchoNode.h
Examining data/dx-4.4.4/src/uipp/dxui/ExecCommandDialog.C
Examining data/dx-4.4.4/src/uipp/dxui/ExecCommandDialog.h
Examining data/dx-4.4.4/src/uipp/dxui/FileSelectorDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/FileSelectorDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/FileSelectorInteractor.C
Examining data/dx-4.4.4/src/uipp/dxui/FileSelectorInteractor.h
Examining data/dx-4.4.4/src/uipp/dxui/FileSelectorNode.C
Examining data/dx-4.4.4/src/uipp/dxui/FileSelectorNode.h
Examining data/dx-4.4.4/src/uipp/dxui/GlobalLocalDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/GlobalLocalDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/GlobalLocalNode.C
Examining data/dx-4.4.4/src/uipp/dxui/GlobalLocalNode.h
Examining data/dx-4.4.4/src/uipp/dxui/ImageApproxCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ImageApproxCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/ImageConstraintCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ImageConstraintCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/ImageDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/ImageDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/ImageFormatCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ImageFormatCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/ImageHardwareCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ImageHardwareCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/ImageLookCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ImageLookCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/ImageNode.C
Examining data/dx-4.4.4/src/uipp/dxui/ImageNode.h
Examining data/dx-4.4.4/src/uipp/dxui/ImagePerspectiveCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ImagePerspectiveCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/ImageRedoCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ImageRedoCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/ImageResetCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ImageResetCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/ImageSetModeCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ImageSetModeCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/ImageSetViewCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ImageSetViewCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/ImageSoftwareCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ImageSoftwareCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/ImageUndoCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ImageUndoCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/Interactor.C
Examining data/dx-4.4.4/src/uipp/dxui/Interactor.h
Examining data/dx-4.4.4/src/uipp/dxui/InteractorDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/InteractorDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/InteractorNode.C
Examining data/dx-4.4.4/src/uipp/dxui/InteractorNode.h
Examining data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/MacroDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/MacroNode.C
Examining data/dx-4.4.4/src/uipp/dxui/MacroNode.h
Examining data/dx-4.4.4/src/uipp/dxui/MacroParameterDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/MacroParameterDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C
Examining data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.h
Examining data/dx-4.4.4/src/uipp/dxui/ModuleMessagingNode.C
Examining data/dx-4.4.4/src/uipp/dxui/ModuleMessagingNode.h
Examining data/dx-4.4.4/src/uipp/dxui/NewCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/NewCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/Node.C
Examining data/dx-4.4.4/src/uipp/dxui/Node.h
Examining data/dx-4.4.4/src/uipp/dxui/NodeDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/NodeDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/NodeList.C
Examining data/dx-4.4.4/src/uipp/dxui/NodeList.h
Examining data/dx-4.4.4/src/uipp/dxui/NondrivenInteractorNode.C
Examining data/dx-4.4.4/src/uipp/dxui/NondrivenInteractorNode.h
Examining data/dx-4.4.4/src/uipp/dxui/NoUndoAnchorCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/NoUndoAnchorCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/NoUndoDXAppCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/NoUndoDXAppCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/NoUndoDXWindowCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/NoUndoDXWindowCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/NoUndoEditorCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/NoUndoEditorCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/NoUndoImageCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/NoUndoImageCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/NoUndoJavaNetCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/NoUndoJavaNetCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/NoUndoNetworkCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/NoUndoNetworkCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/NoUndoPanelCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/NoUndoPanelCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/OpenCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/OpenCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/OpenFileCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/ParameterDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/ParameterDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/PickDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/PickDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/PickNode.C
Examining data/dx-4.4.4/src/uipp/dxui/PickNode.h
Examining data/dx-4.4.4/src/uipp/dxui/PrintDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/PrintDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/PrintNode.C
Examining data/dx-4.4.4/src/uipp/dxui/PrintNode.h
Examining data/dx-4.4.4/src/uipp/dxui/ProbeDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/ProbeDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/ProbeNode.C
Examining data/dx-4.4.4/src/uipp/dxui/ProbeNode.h
Examining data/dx-4.4.4/src/uipp/dxui/ReceiverDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/ReceiverDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/ReceiverNode.h
Examining data/dx-4.4.4/src/uipp/dxui/ResetDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/ResetDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/ResetNode.C
Examining data/dx-4.4.4/src/uipp/dxui/ResetNode.h
Examining data/dx-4.4.4/src/uipp/dxui/SaveMacroCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/SaveMacroCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/ScalarDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/ScalarDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/ScalarInteractor.C
Examining data/dx-4.4.4/src/uipp/dxui/ScalarInteractor.h
Examining data/dx-4.4.4/src/uipp/dxui/ScalarListDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/ScalarListDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/ScalarListInteractor.C
Examining data/dx-4.4.4/src/uipp/dxui/ScalarListInteractor.h
Examining data/dx-4.4.4/src/uipp/dxui/ScalarListNode.C
Examining data/dx-4.4.4/src/uipp/dxui/ScalarListNode.h
Examining data/dx-4.4.4/src/uipp/dxui/ScalarNode.C
Examining data/dx-4.4.4/src/uipp/dxui/ScalarNode.h
Examining data/dx-4.4.4/src/uipp/dxui/SelectionDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/SelectionNode.h
Examining data/dx-4.4.4/src/uipp/dxui/SelectorDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/SelectorDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/SelectorInteractor.C
Examining data/dx-4.4.4/src/uipp/dxui/SelectorInteractor.h
Examining data/dx-4.4.4/src/uipp/dxui/SelectorListDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/SelectorListDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/SelectorListInteractor.C
Examining data/dx-4.4.4/src/uipp/dxui/SelectorListInteractor.h
Examining data/dx-4.4.4/src/uipp/dxui/SelectorListNode.C
Examining data/dx-4.4.4/src/uipp/dxui/SelectorListNode.h
Examining data/dx-4.4.4/src/uipp/dxui/SelectorListToggleInteractor.C
Examining data/dx-4.4.4/src/uipp/dxui/SelectorListToggleInteractor.h
Examining data/dx-4.4.4/src/uipp/dxui/SelectorNode.C
Examining data/dx-4.4.4/src/uipp/dxui/SelectorNode.h
Examining data/dx-4.4.4/src/uipp/dxui/SelectorPulldownInteractor.h
Examining data/dx-4.4.4/src/uipp/dxui/SelectorRadioInteractor.C
Examining data/dx-4.4.4/src/uipp/dxui/SelectorRadioInteractor.h
Examining data/dx-4.4.4/src/uipp/dxui/SequencerDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/SequencerDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/SequencerNode.C
Examining data/dx-4.4.4/src/uipp/dxui/SequencerNode.h
Examining data/dx-4.4.4/src/uipp/dxui/ShadowedOutputDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/ShadowedOutputNode.C
Examining data/dx-4.4.4/src/uipp/dxui/ShadowedOutputNode.h
Examining data/dx-4.4.4/src/uipp/dxui/SliderInteractor.C
Examining data/dx-4.4.4/src/uipp/dxui/SliderInteractor.h
Examining data/dx-4.4.4/src/uipp/dxui/StepperInteractor.C
Examining data/dx-4.4.4/src/uipp/dxui/StepperInteractor.h
Examining data/dx-4.4.4/src/uipp/dxui/StreaklineDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/StreaklineDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/StreaklineNode.C
Examining data/dx-4.4.4/src/uipp/dxui/StreaklineNode.h
Examining data/dx-4.4.4/src/uipp/dxui/ToggleDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/ToggleDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/ToggleInteractor.C
Examining data/dx-4.4.4/src/uipp/dxui/ToggleInteractor.h
Examining data/dx-4.4.4/src/uipp/dxui/ToggleNode.C
Examining data/dx-4.4.4/src/uipp/dxui/ToggleNode.h
Examining data/dx-4.4.4/src/uipp/dxui/ToggleToggleInteractor.C
Examining data/dx-4.4.4/src/uipp/dxui/ToggleToggleInteractor.h
Examining data/dx-4.4.4/src/uipp/dxui/ToolPanelCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ToolPanelCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/TransmitterDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/TransmitterDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/TransmitterNode.C
Examining data/dx-4.4.4/src/uipp/dxui/TransmitterNode.h
Examining data/dx-4.4.4/src/uipp/dxui/UniqueNameNode.C
Examining data/dx-4.4.4/src/uipp/dxui/UniqueNameNode.h
Examining data/dx-4.4.4/src/uipp/dxui/ValueDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/ValueDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/ValueInteractor.C
Examining data/dx-4.4.4/src/uipp/dxui/ValueInteractor.h
Examining data/dx-4.4.4/src/uipp/dxui/ValueListDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/ValueListDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/ValueListInteractor.C
Examining data/dx-4.4.4/src/uipp/dxui/ValueListInteractor.h
Examining data/dx-4.4.4/src/uipp/dxui/ValueListNode.C
Examining data/dx-4.4.4/src/uipp/dxui/ValueListNode.h
Examining data/dx-4.4.4/src/uipp/dxui/ValueNode.C
Examining data/dx-4.4.4/src/uipp/dxui/ValueNode.h
Examining data/dx-4.4.4/src/uipp/dxui/VectorDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/VectorDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/VectorListDefinition.C
Examining data/dx-4.4.4/src/uipp/dxui/VectorListDefinition.h
Examining data/dx-4.4.4/src/uipp/dxui/ViewControlWhichCameraCommand.C
Examining data/dx-4.4.4/src/uipp/dxui/ViewControlWhichCameraCommand.h
Examining data/dx-4.4.4/src/uipp/dxui/Main.C
Examining data/dx-4.4.4/src/uipp/dxui/SelectionNode.C
Examining data/dx-4.4.4/src/uipp/dxui/ReceiverNode.C
Examining data/dx-4.4.4/src/uipp/dxuilib/AnnotationGroupManager.C
Examining data/dx-4.4.4/src/uipp/dxuilib/AnnotationGroupManager.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ApplicIF.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ApplicIF.h
Examining data/dx-4.4.4/src/uipp/dxuilib/Ark.C
Examining data/dx-4.4.4/src/uipp/dxuilib/Ark.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ArkStandIn.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ArkStandIn.h
Examining data/dx-4.4.4/src/uipp/dxuilib/AttributeParameter.C
Examining data/dx-4.4.4/src/uipp/dxuilib/AttributeParameter.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._AutoAxesDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/BinaryParameter.h
Examining data/dx-4.4.4/src/uipp/dxuilib/BuildIFDict.C
Examining data/dx-4.4.4/src/uipp/dxuilib/Cacheability.h
Examining data/dx-4.4.4/src/uipp/dxuilib/CDBAllocatorDictionary.C
Examining data/dx-4.4.4/src/uipp/dxuilib/CDBAllocatorDictionary.h
Examining data/dx-4.4.4/src/uipp/dxuilib/CDBInput.h
Examining data/dx-4.4.4/src/uipp/dxuilib/CDBOutput.h
Examining data/dx-4.4.4/src/uipp/dxuilib/CDBParameter.h
Examining data/dx-4.4.4/src/uipp/dxuilib/CMDefaultResources.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._ColormapAddCtlDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ColormapAddCtlDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ColormapAddCtlDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ColormapEditor.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ColormapEditor.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ColormapNBinsDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ColormapNBinsDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ColormapWaveDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ColormapWaveDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/CommentStyle.C
Examining data/dx-4.4.4/src/uipp/dxuilib/CommentStyle.h
Examining data/dx-4.4.4/src/uipp/dxuilib/CommentStyleUser.C
Examining data/dx-4.4.4/src/uipp/dxuilib/CommentStyleUser.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ComponentAttributes.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ComputeCDB.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ComputeCDB.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._ControlPanel.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ControlPanel.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ControlPanel.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ControlPanelAccessDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ControlPanelAccessDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ControlPanelGroupDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ControlPanelGroupDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ControlPanelWorkSpace.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ControlPanelWorkSpace.h
Examining data/dx-4.4.4/src/uipp/dxuilib/CPDefaultResources.h
Examining data/dx-4.4.4/src/uipp/dxuilib/CreateMacroDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/CreateMacroDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/Decorator.C
Examining data/dx-4.4.4/src/uipp/dxuilib/Decorator.h
Examining data/dx-4.4.4/src/uipp/dxuilib/DecoratorInfo.h
Examining data/dx-4.4.4/src/uipp/dxuilib/DecoratorStyle.C
Examining data/dx-4.4.4/src/uipp/dxuilib/DecoratorStyle.h
Examining data/dx-4.4.4/src/uipp/dxuilib/delete.C
Examining data/dx-4.4.4/src/uipp/dxuilib/DescrDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/DescrDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/DXAnchorWindow.C
Examining data/dx-4.4.4/src/uipp/dxuilib/DXAnchorWindow.h
Examining data/dx-4.4.4/src/uipp/dxuilib/DXChild.C
Examining data/dx-4.4.4/src/uipp/dxuilib/DXChild.h
Examining data/dx-4.4.4/src/uipp/dxuilib/DXDragSource.C
Examining data/dx-4.4.4/src/uipp/dxuilib/DXDragSource.h
Examining data/dx-4.4.4/src/uipp/dxuilib/DXDropSite.C
Examining data/dx-4.4.4/src/uipp/dxuilib/DXDropSite.h
Examining data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C
Examining data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.h
Examining data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.h
Examining data/dx-4.4.4/src/uipp/dxuilib/dxmac.h
Examining data/dx-4.4.4/src/uipp/dxuilib/DXPacketIF.C
Examining data/dx-4.4.4/src/uipp/dxuilib/DXPacketIF.h
Examining data/dx-4.4.4/src/uipp/dxuilib/DXVersion.h
Examining data/dx-4.4.4/src/uipp/dxuilib/DXWDefaultResources.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._DXWindow.C
Examining data/dx-4.4.4/src/uipp/dxuilib/DXWindow.h
Examining data/dx-4.4.4/src/uipp/dxuilib/EditorToolSelector.C
Examining data/dx-4.4.4/src/uipp/dxuilib/EditorToolSelector.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._EditorWindow.C
Examining data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._EditorWorkSpace.C
Examining data/dx-4.4.4/src/uipp/dxuilib/EditorWorkSpace.C
Examining data/dx-4.4.4/src/uipp/dxuilib/EditorWorkSpace.h
Examining data/dx-4.4.4/src/uipp/dxuilib/enums.h
Examining data/dx-4.4.4/src/uipp/dxuilib/EWDefaultResources.h
Examining data/dx-4.4.4/src/uipp/dxuilib/FileSelectorDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/FileSelectorDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._FileSelectorInstance.C
Examining data/dx-4.4.4/src/uipp/dxuilib/FileSelectorInstance.C
Examining data/dx-4.4.4/src/uipp/dxuilib/._FileSelectorInstance.h
Examining data/dx-4.4.4/src/uipp/dxuilib/FileSelectorInstance.h
Examining data/dx-4.4.4/src/uipp/dxuilib/FindStack.C
Examining data/dx-4.4.4/src/uipp/dxuilib/FindStack.h
Examining data/dx-4.4.4/src/uipp/dxuilib/FindToolDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/FindToolDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/gifmac.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._GraphLayout.C
Examining data/dx-4.4.4/src/uipp/dxuilib/GraphLayout.C
Examining data/dx-4.4.4/src/uipp/dxuilib/GraphLayout.h
Examining data/dx-4.4.4/src/uipp/dxuilib/GridDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/GridDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/GroupedObject.C
Examining data/dx-4.4.4/src/uipp/dxuilib/GroupedObject.h
Examining data/dx-4.4.4/src/uipp/dxuilib/GroupManager.C
Examining data/dx-4.4.4/src/uipp/dxuilib/GroupManager.h
Examining data/dx-4.4.4/src/uipp/dxuilib/GroupStyle.C
Examining data/dx-4.4.4/src/uipp/dxuilib/GroupStyle.h
Examining data/dx-4.4.4/src/uipp/dxuilib/HelpOnNetworkDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/HelpOnNetworkDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/HelpOnPanelDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/HelpOnPanelDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageCDB.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageCDB.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFileDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFileDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormat.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormat.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._ImageFormatDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatGIF.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatGIF.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatIM.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatIM.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatMIF.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatMIF.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatPSColor.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatPSColor.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatPSColorEnc.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatPSColorEnc.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatPSGrey.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatPSGrey.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatPSGreyEnc.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatPSGreyEnc.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatREX.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatREX.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatRGB.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatRGB.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatTIF.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatTIF.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatYUV.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageFormatYUV.h
Examining data/dx-4.4.4/src/uipp/dxuilib/imagemac.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.h
Examining data/dx-4.4.4/src/uipp/dxuilib/InsertNetworkDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/InsertNetworkDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._InteractorInstance.C
Examining data/dx-4.4.4/src/uipp/dxuilib/InteractorInstance.C
Examining data/dx-4.4.4/src/uipp/dxuilib/InteractorInstance.h
Examining data/dx-4.4.4/src/uipp/dxuilib/InteractorStandIn.C
Examining data/dx-4.4.4/src/uipp/dxuilib/InteractorStandIn.h
Examining data/dx-4.4.4/src/uipp/dxuilib/InteractorStyle.C
Examining data/dx-4.4.4/src/uipp/dxuilib/InteractorStyle.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ItalicLabeledStandIn.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ItalicLabeledStandIn.h
Examining data/dx-4.4.4/src/uipp/dxuilib/IWDefaultResources.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._JavaNet.C
Examining data/dx-4.4.4/src/uipp/dxuilib/JavaNet.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._LabelDecorator.C
Examining data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C
Examining data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.h
Examining data/dx-4.4.4/src/uipp/dxuilib/LabeledStandIn.C
Examining data/dx-4.4.4/src/uipp/dxuilib/LabeledStandIn.h
Examining data/dx-4.4.4/src/uipp/dxuilib/LinkHandler.C
Examining data/dx-4.4.4/src/uipp/dxuilib/LinkHandler.h
Examining data/dx-4.4.4/src/uipp/dxuilib/LoadMacroDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/LoadMacroDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/LoadMDFDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/LoadMDFDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/LocalAttributes.h
Examining data/dx-4.4.4/src/uipp/dxuilib/MoveNodesDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/MoveNodesDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/MsgWin.C
Examining data/dx-4.4.4/src/uipp/dxuilib/MsgWin.h
Examining data/dx-4.4.4/src/uipp/dxuilib/MWClearCmd.C
Examining data/dx-4.4.4/src/uipp/dxuilib/MWClearCmd.h
Examining data/dx-4.4.4/src/uipp/dxuilib/MWDefaultResources.h
Examining data/dx-4.4.4/src/uipp/dxuilib/MWFileDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/MWFileDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/NDAllocatorDictionary.C
Examining data/dx-4.4.4/src/uipp/dxuilib/NDAllocatorDictionary.h
Examining data/dx-4.4.4/src/uipp/dxuilib/Network.C
Examining data/dx-4.4.4/src/uipp/dxuilib/Network.h
Examining data/dx-4.4.4/src/uipp/dxuilib/netyacc.c
Examining data/dx-4.4.4/src/uipp/dxuilib/new.C
Examining data/dx-4.4.4/src/uipp/dxuilib/NoUndoMWCmd.C
Examining data/dx-4.4.4/src/uipp/dxuilib/NoUndoMWCmd.h
Examining data/dx-4.4.4/src/uipp/dxuilib/oem.C
Examining data/dx-4.4.4/src/uipp/dxuilib/oem.h
Examining data/dx-4.4.4/src/uipp/dxuilib/OpenCFGDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/OpenCFGDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/OpenColormapDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/OpenColormapDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/OpenNetCommentDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/OpenNetCommentDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/OpenNetworkDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/OpenNetworkDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/PacketHandler.C
Examining data/dx-4.4.4/src/uipp/dxuilib/PacketHandler.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._PacketIF.C
Examining data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C
Examining data/dx-4.4.4/src/uipp/dxuilib/PacketIF.h
Examining data/dx-4.4.4/src/uipp/dxuilib/PageGroupManager.C
Examining data/dx-4.4.4/src/uipp/dxuilib/PageGroupManager.h
Examining data/dx-4.4.4/src/uipp/dxuilib/PageSelector.C
Examining data/dx-4.4.4/src/uipp/dxuilib/PageSelector.h
Examining data/dx-4.4.4/src/uipp/dxuilib/PageTab.h
Examining data/dx-4.4.4/src/uipp/dxuilib/PanelAccessManager.C
Examining data/dx-4.4.4/src/uipp/dxuilib/PanelAccessManager.h
Examining data/dx-4.4.4/src/uipp/dxuilib/PanelGroupManager.C
Examining data/dx-4.4.4/src/uipp/dxuilib/PanelGroupManager.h
Examining data/dx-4.4.4/src/uipp/dxuilib/Parameter.C
Examining data/dx-4.4.4/src/uipp/dxuilib/Parameter.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.h
Examining data/dx-4.4.4/src/uipp/dxuilib/Parse.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ParseMDF.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ParseMDF.h
Examining data/dx-4.4.4/src/uipp/dxuilib/PixelImageFormat.C
Examining data/dx-4.4.4/src/uipp/dxuilib/PixelImageFormat.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._PostScriptImageFormat.C
Examining data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.h
Examining data/dx-4.4.4/src/uipp/dxuilib/PrintImageDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/PrintImageDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/PrintProgramDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/PrintProgramDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/PrintProgramFileDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/PrintProgramFileDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupAssignDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupAssignDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupCreateDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupCreateDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupManager.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupManager.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/QueuedPackets.C
Examining data/dx-4.4.4/src/uipp/dxuilib/QueuedPackets.h
Examining data/dx-4.4.4/src/uipp/dxuilib/RenderingOptionsDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/RenderingOptionsDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._ResourceManager.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ResourceManager.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ResourceManager.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SaveAsCCodeDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SaveAsCCodeDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SaveAsDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SaveAsDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SaveCFGDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SaveCFGDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SaveImageDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SaveImageDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._ScalarInstance.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ScalarInstance.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ScalarInstance.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ScalarListInstance.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ScalarListInstance.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SelectionInstance.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SelectionInstance.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._SelectorInstance.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SelectorInstance.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SelectorInstance.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._SelectorListInstance.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SelectorListInstance.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SelectorListInstance.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._SeparatorDecorator.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SeparatorDecorator.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SeparatorDecorator.h
Examining data/dx-4.4.4/src/uipp/dxuilib/sequence.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SequencerWindow.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SequencerWindow.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SetAnnotatorTextDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SetAnnotatorTextDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SetAttrDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SetAttrDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SetBGColorDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SetBGColorDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SetColormapNameDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SetColormapNameDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SetDecoratorTextDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SetDecoratorTextDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SetImageNameDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SetImageNameDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SetInteractorNameDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SetInteractorNameDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SetMacroNameDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SetMacroNameDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SetNetworkCommentDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SetNetworkCommentDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SetPageNameDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SetPageNameDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SetPanelCommentDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SetPanelCommentDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SetPanelNameDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SetPanelNameDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._SetScalarAttrDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SetScalarAttrDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SetScalarAttrDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SetSeparatorAttrDlg.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SetSeparatorAttrDlg.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SetVectorAttrDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SetVectorAttrDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/SIAllocatorDictionary.C
Examining data/dx-4.4.4/src/uipp/dxuilib/SIAllocatorDictionary.h
Examining data/dx-4.4.4/src/uipp/dxuilib/StandIn.C
Examining data/dx-4.4.4/src/uipp/dxuilib/StandIn.h
Examining data/dx-4.4.4/src/uipp/dxuilib/StartOptionsDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/StartOptionsDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/StartServerDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/StartServerDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/Tab.C
Examining data/dx-4.4.4/src/uipp/dxuilib/Tab.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._ThrottleDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ThrottleDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ThrottleDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._TickLabel.C
Examining data/dx-4.4.4/src/uipp/dxuilib/TickLabel.C
Examining data/dx-4.4.4/src/uipp/dxuilib/TickLabel.h
Examining data/dx-4.4.4/src/uipp/dxuilib/TickLabelList.C
Examining data/dx-4.4.4/src/uipp/dxuilib/TickLabelList.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ToggleAttrDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ToggleAttrDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._ToggleInstance.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ToggleInstance.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ToggleInstance.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._ToolSelector.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ToolSelector.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ToolSelector.h
Examining data/dx-4.4.4/src/uipp/dxuilib/TransferAccelerator.c
Examining data/dx-4.4.4/src/uipp/dxuilib/TransferAccelerator.h
Examining data/dx-4.4.4/src/uipp/dxuilib/UndoableAction.h
Examining data/dx-4.4.4/src/uipp/dxuilib/UndoAddArk.C
Examining data/dx-4.4.4/src/uipp/dxuilib/UndoAddArk.h
Examining data/dx-4.4.4/src/uipp/dxuilib/UndoDeletion.C
Examining data/dx-4.4.4/src/uipp/dxuilib/UndoDeletion.h
Examining data/dx-4.4.4/src/uipp/dxuilib/UndoGrid.C
Examining data/dx-4.4.4/src/uipp/dxuilib/UndoGrid.h
Examining data/dx-4.4.4/src/uipp/dxuilib/UndoMove.C
Examining data/dx-4.4.4/src/uipp/dxuilib/UndoMove.h
Examining data/dx-4.4.4/src/uipp/dxuilib/UndoNode.C
Examining data/dx-4.4.4/src/uipp/dxuilib/UndoNode.h
Examining data/dx-4.4.4/src/uipp/dxuilib/UndoRepeatableTab.C
Examining data/dx-4.4.4/src/uipp/dxuilib/UndoRepeatableTab.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ValueInstance.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ValueInstance.h
Examining data/dx-4.4.4/src/uipp/dxuilib/ValueListInstance.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ValueListInstance.h
Examining data/dx-4.4.4/src/uipp/dxuilib/VCDefaultResources.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._ViewControlDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ViewControlDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/ViewControlDialog.h
Examining data/dx-4.4.4/src/uipp/dxuilib/VPEAnnotator.C
Examining data/dx-4.4.4/src/uipp/dxuilib/VPEAnnotator.h
Examining data/dx-4.4.4/src/uipp/dxuilib/VPEPage.C
Examining data/dx-4.4.4/src/uipp/dxuilib/VPEPage.h
Examining data/dx-4.4.4/src/uipp/dxuilib/VPEPostIt.h
Examining data/dx-4.4.4/src/uipp/dxuilib/VPERoot.C
Examining data/dx-4.4.4/src/uipp/dxuilib/VPERoot.h
Examining data/dx-4.4.4/src/uipp/dxuilib/vrmlmac.h
Examining data/dx-4.4.4/src/uipp/dxuilib/._WorkSpaceComponent.C
Examining data/dx-4.4.4/src/uipp/dxuilib/WorkSpaceComponent.C
Examining data/dx-4.4.4/src/uipp/dxuilib/WorkSpaceComponent.h
Examining data/dx-4.4.4/src/uipp/dxuilib/DXApplication.h
Examining data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C
Examining data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C
Examining data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C
Examining data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C
Examining data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C
Examining data/dx-4.4.4/src/uipp/dxuilib/DXWindow.C
Examining data/dx-4.4.4/src/uipp/dxuilib/PageTab.C
Examining data/dx-4.4.4/src/uipp/dxuilib/VPEPostIt.C
Examining data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C
Examining data/dx-4.4.4/src/uipp/java/server/DXLink.c
Examining data/dx-4.4.4/src/uipp/mb/CommentDialog.C
Examining data/dx-4.4.4/src/uipp/mb/CommentDialog.h
Examining data/dx-4.4.4/src/uipp/mb/ConfirmedQCommand.C
Examining data/dx-4.4.4/src/uipp/mb/ConfirmedQCommand.h
Examining data/dx-4.4.4/src/uipp/mb/MBCommand.C
Examining data/dx-4.4.4/src/uipp/mb/MBCommand.h
Examining data/dx-4.4.4/src/uipp/mb/MBGenerate.h
Examining data/dx-4.4.4/src/uipp/mb/MBMainWindow.C
Examining data/dx-4.4.4/src/uipp/mb/MBMainWindow.h
Examining data/dx-4.4.4/src/uipp/mb/MBNewCommand.C
Examining data/dx-4.4.4/src/uipp/mb/MBNewCommand.h
Examining data/dx-4.4.4/src/uipp/mb/MBParameter.C
Examining data/dx-4.4.4/src/uipp/mb/MBParameter.h
Examining data/dx-4.4.4/src/uipp/mb/OpenFileDialog.C
Examining data/dx-4.4.4/src/uipp/mb/OpenFileDialog.h
Examining data/dx-4.4.4/src/uipp/mb/OptionsDialog.C
Examining data/dx-4.4.4/src/uipp/mb/OptionsDialog.h
Examining data/dx-4.4.4/src/uipp/mb/QuitCommand.C
Examining data/dx-4.4.4/src/uipp/mb/QuitCommand.h
Examining data/dx-4.4.4/src/uipp/mb/SADialog.C
Examining data/dx-4.4.4/src/uipp/mb/SADialog.h
Examining data/dx-4.4.4/src/uipp/mb/MBApplication.C
Examining data/dx-4.4.4/src/uipp/mb/MBApplication.h
Examining data/dx-4.4.4/src/uipp/mb/Main.C
Examining data/dx-4.4.4/src/uipp/mb/MBGenerate.C
Examining data/dx-4.4.4/src/uipp/prompter/Browser.C
Examining data/dx-4.4.4/src/uipp/prompter/Browser.h
Examining data/dx-4.4.4/src/uipp/prompter/BrowserCommand.C
Examining data/dx-4.4.4/src/uipp/prompter/BrowserCommand.h
Examining data/dx-4.4.4/src/uipp/prompter/BuildTCDict.C
Examining data/dx-4.4.4/src/uipp/prompter/CDFChoice.C
Examining data/dx-4.4.4/src/uipp/prompter/CDFChoice.h
Examining data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.h
Examining data/dx-4.4.4/src/uipp/prompter/CommentDialog.C
Examining data/dx-4.4.4/src/uipp/prompter/CommentDialog.h
Examining data/dx-4.4.4/src/uipp/prompter/ConfirmedOpenCommand.C
Examining data/dx-4.4.4/src/uipp/prompter/ConfirmedOpenCommand.h
Examining data/dx-4.4.4/src/uipp/prompter/ConfirmedQCommand.C
Examining data/dx-4.4.4/src/uipp/prompter/ConfirmedQCommand.h
Examining data/dx-4.4.4/src/uipp/prompter/DataFileDialog.C
Examining data/dx-4.4.4/src/uipp/prompter/DataFileDialog.h
Examining data/dx-4.4.4/src/uipp/prompter/DXChoice.C
Examining data/dx-4.4.4/src/uipp/prompter/DXChoice.h
Examining data/dx-4.4.4/src/uipp/prompter/Field.C
Examining data/dx-4.4.4/src/uipp/prompter/Field.h
Examining data/dx-4.4.4/src/uipp/prompter/FileContents.C
Examining data/dx-4.4.4/src/uipp/prompter/FileContents.h
Examining data/dx-4.4.4/src/uipp/prompter/FilenameSelectDialog.C
Examining data/dx-4.4.4/src/uipp/prompter/FilenameSelectDialog.h
Examining data/dx-4.4.4/src/uipp/prompter/._GARApplication.h
Examining data/dx-4.4.4/src/uipp/prompter/._GARChooserWindow.C
Examining data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C
Examining data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.h
Examining data/dx-4.4.4/src/uipp/prompter/GARCommand.C
Examining data/dx-4.4.4/src/uipp/prompter/GARCommand.h
Examining data/dx-4.4.4/src/uipp/prompter/._GARMainWindow.C
Examining data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C
Examining data/dx-4.4.4/src/uipp/prompter/._GARMainWindow.h
Examining data/dx-4.4.4/src/uipp/prompter/GARMainWindow.h
Examining data/dx-4.4.4/src/uipp/prompter/GARNewCommand.C
Examining data/dx-4.4.4/src/uipp/prompter/GARNewCommand.h
Examining data/dx-4.4.4/src/uipp/prompter/GridChoice.C
Examining data/dx-4.4.4/src/uipp/prompter/GridChoice.h
Examining data/dx-4.4.4/src/uipp/prompter/HDFChoice.C
Examining data/dx-4.4.4/src/uipp/prompter/HDFChoice.h
Examining data/dx-4.4.4/src/uipp/prompter/ImageChoice.C
Examining data/dx-4.4.4/src/uipp/prompter/ImageChoice.h
Examining data/dx-4.4.4/src/uipp/prompter/ImportableChoice.C
Examining data/dx-4.4.4/src/uipp/prompter/ImportableChoice.h
Examining data/dx-4.4.4/src/uipp/prompter/MsgDialog.C
Examining data/dx-4.4.4/src/uipp/prompter/MsgDialog.h
Examining data/dx-4.4.4/src/uipp/prompter/NetCDFChoice.C
Examining data/dx-4.4.4/src/uipp/prompter/NetCDFChoice.h
Examining data/dx-4.4.4/src/uipp/prompter/NonimportableChoice.C
Examining data/dx-4.4.4/src/uipp/prompter/NonimportableChoice.h
Examining data/dx-4.4.4/src/uipp/prompter/NoUndoChoiceCommand.C
Examining data/dx-4.4.4/src/uipp/prompter/NoUndoChoiceCommand.h
Examining data/dx-4.4.4/src/uipp/prompter/NoUndoChooserCommand.C
Examining data/dx-4.4.4/src/uipp/prompter/NoUndoChooserCommand.h
Examining data/dx-4.4.4/src/uipp/prompter/NoUndoGARAppCommand.C
Examining data/dx-4.4.4/src/uipp/prompter/NoUndoGARAppCommand.h
Examining data/dx-4.4.4/src/uipp/prompter/OpenFileDialog.C
Examining data/dx-4.4.4/src/uipp/prompter/OpenFileDialog.h
Examining data/dx-4.4.4/src/uipp/prompter/QuitCommand.C
Examining data/dx-4.4.4/src/uipp/prompter/QuitCommand.h
Examining data/dx-4.4.4/src/uipp/prompter/RecordSeparator.C
Examining data/dx-4.4.4/src/uipp/prompter/RecordSeparator.h
Examining data/dx-4.4.4/src/uipp/prompter/SADialog.C
Examining data/dx-4.4.4/src/uipp/prompter/SADialog.h
Examining data/dx-4.4.4/src/uipp/prompter/SearchDialog.C
Examining data/dx-4.4.4/src/uipp/prompter/SearchDialog.h
Examining data/dx-4.4.4/src/uipp/prompter/SpreadSheetChoice.C
Examining data/dx-4.4.4/src/uipp/prompter/SpreadSheetChoice.h
Examining data/dx-4.4.4/src/uipp/prompter/TypeChoice.C
Examining data/dx-4.4.4/src/uipp/prompter/TypeChoice.h
Examining data/dx-4.4.4/src/uipp/prompter/GARApplication.h
Examining data/dx-4.4.4/src/uipp/prompter/Main.C
Examining data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C
Examining data/dx-4.4.4/src/uipp/prompter/GARApplication.C
Examining data/dx-4.4.4/src/uipp/startup/NetFileDialog.C
Examining data/dx-4.4.4/src/uipp/startup/NetFileDialog.h
Examining data/dx-4.4.4/src/uipp/startup/._StartupApplication.C
Examining data/dx-4.4.4/src/uipp/startup/._StartupApplication.h
Examining data/dx-4.4.4/src/uipp/startup/StartupCommand.C
Examining data/dx-4.4.4/src/uipp/startup/StartupCommand.h
Examining data/dx-4.4.4/src/uipp/startup/StartupWindow.C
Examining data/dx-4.4.4/src/uipp/startup/StartupWindow.h
Examining data/dx-4.4.4/src/uipp/startup/TimedInfoDialog.C
Examining data/dx-4.4.4/src/uipp/startup/TimedInfoDialog.h
Examining data/dx-4.4.4/src/uipp/startup/Main.C
Examining data/dx-4.4.4/src/uipp/startup/StartupApplication.C
Examining data/dx-4.4.4/src/uipp/startup/StartupApplication.h
Examining data/dx-4.4.4/src/uipp/tutor/NoUndoTutorAppCommand.C
Examining data/dx-4.4.4/src/uipp/tutor/NoUndoTutorAppCommand.h
Examining data/dx-4.4.4/src/uipp/tutor/TutorWindow.C
Examining data/dx-4.4.4/src/uipp/tutor/TutorWindow.h
Examining data/dx-4.4.4/src/uipp/tutor/Main.C
Examining data/dx-4.4.4/src/uipp/tutor/TutorApplication.h
Examining data/dx-4.4.4/src/uipp/tutor/TutorApplication.C
Examining data/dx-4.4.4/src/uipp/widgets/clipnotify.h
Examining data/dx-4.4.4/src/uipp/widgets/Color.h
Examining data/dx-4.4.4/src/uipp/widgets/ColorBar.c
Examining data/dx-4.4.4/src/uipp/widgets/._ColorMapEditor.c
Examining data/dx-4.4.4/src/uipp/widgets/ColorMapEditor.c
Examining data/dx-4.4.4/src/uipp/widgets/ColorMapEditor.h
Examining data/dx-4.4.4/src/uipp/widgets/ColorMapEditorP.h
Examining data/dx-4.4.4/src/uipp/widgets/ColorRGB.c
Examining data/dx-4.4.4/src/uipp/widgets/ControlColor.c
Examining data/dx-4.4.4/src/uipp/widgets/ControlField.c
Examining data/dx-4.4.4/src/uipp/widgets/ControlField.h
Examining data/dx-4.4.4/src/uipp/widgets/ControlLine.c
Examining data/dx-4.4.4/src/uipp/widgets/._ControlPoint.c
Examining data/dx-4.4.4/src/uipp/widgets/ControlPoint.c
Examining data/dx-4.4.4/src/uipp/widgets/ControlValue.c
Examining data/dx-4.4.4/src/uipp/widgets/._Dial.c
Examining data/dx-4.4.4/src/uipp/widgets/Dial.c
Examining data/dx-4.4.4/src/uipp/widgets/Dial.h
Examining data/dx-4.4.4/src/uipp/widgets/DialP.h
Examining data/dx-4.4.4/src/uipp/widgets/Dither.c
Examining data/dx-4.4.4/src/uipp/widgets/FFloat.c
Examining data/dx-4.4.4/src/uipp/widgets/FFloat.h
Examining data/dx-4.4.4/src/uipp/widgets/FieldCursor.h
Examining data/dx-4.4.4/src/uipp/widgets/findcolor.c
Examining data/dx-4.4.4/src/uipp/widgets/findcolor.h
Examining data/dx-4.4.4/src/uipp/widgets/Findroute.c
Examining data/dx-4.4.4/src/uipp/widgets/._FrameControl.c
Examining data/dx-4.4.4/src/uipp/widgets/FrameControl.c
Examining data/dx-4.4.4/src/uipp/widgets/FrameControl.h
Examining data/dx-4.4.4/src/uipp/widgets/FrameControlP.h
Examining data/dx-4.4.4/src/uipp/widgets/gamma.c
Examining data/dx-4.4.4/src/uipp/widgets/gamma.h
Examining data/dx-4.4.4/src/uipp/widgets/Grid.c
Examining data/dx-4.4.4/src/uipp/widgets/Grid.h
Examining data/dx-4.4.4/src/uipp/widgets/._Image.c
Examining data/dx-4.4.4/src/uipp/widgets/Image.c
Examining data/dx-4.4.4/src/uipp/widgets/Image.h
Examining data/dx-4.4.4/src/uipp/widgets/ImageP.h
Examining data/dx-4.4.4/src/uipp/widgets/._MultiText.h
Examining data/dx-4.4.4/src/uipp/widgets/MultiText.h
Examining data/dx-4.4.4/src/uipp/widgets/MultiTextP.h
Examining data/dx-4.4.4/src/uipp/widgets/Number.c
Examining data/dx-4.4.4/src/uipp/widgets/Number.h
Examining data/dx-4.4.4/src/uipp/widgets/NumberInput.h
Examining data/dx-4.4.4/src/uipp/widgets/NumberOutput.c
Examining data/dx-4.4.4/src/uipp/widgets/NumberP.h
Examining data/dx-4.4.4/src/uipp/widgets/NumericList.c
Examining data/dx-4.4.4/src/uipp/widgets/NumericList.h
Examining data/dx-4.4.4/src/uipp/widgets/NumericListP.h
Examining data/dx-4.4.4/src/uipp/widgets/Picture.c
Examining data/dx-4.4.4/src/uipp/widgets/Picture.h
Examining data/dx-4.4.4/src/uipp/widgets/PictureP.h
Examining data/dx-4.4.4/src/uipp/widgets/._SlideBar.c
Examining data/dx-4.4.4/src/uipp/widgets/SlideBar.c
Examining data/dx-4.4.4/src/uipp/widgets/SlideBar.h
Examining data/dx-4.4.4/src/uipp/widgets/SlideBarP.h
Examining data/dx-4.4.4/src/uipp/widgets/Slider.c
Examining data/dx-4.4.4/src/uipp/widgets/Slider.h
Examining data/dx-4.4.4/src/uipp/widgets/SliderP.h
Examining data/dx-4.4.4/src/uipp/widgets/Stepper.c
Examining data/dx-4.4.4/src/uipp/widgets/Stepper.h
Examining data/dx-4.4.4/src/uipp/widgets/StepperP.h
Examining data/dx-4.4.4/src/uipp/widgets/._VCRControl.c
Examining data/dx-4.4.4/src/uipp/widgets/VCRControl.c
Examining data/dx-4.4.4/src/uipp/widgets/VCRControl.h
Examining data/dx-4.4.4/src/uipp/widgets/VCRControlP.h
Examining data/dx-4.4.4/src/uipp/widgets/WorkspaceCallback.c
Examining data/dx-4.4.4/src/uipp/widgets/WorkspaceCallback.h
Examining data/dx-4.4.4/src/uipp/widgets/WorkspaceP.h
Examining data/dx-4.4.4/src/uipp/widgets/WorkspaceW.c
Examining data/dx-4.4.4/src/uipp/widgets/WorkspaceW.h
Examining data/dx-4.4.4/src/uipp/widgets/XmDX.h
Examining data/dx-4.4.4/src/uipp/widgets/MultiText.c

FINAL RESULTS:

data/dx-4.4.4/src/exec/dpexec/ccm.c:159:5:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
    chmod("/tmp/.DX-unix/", 0777);
data/dx-4.4.4/src/exec/dpexec/socket.c:209:5:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
    chmod("/tmp/.DX-unix", 0777);
data/dx-4.4.4/src/exec/dpexec/socket.c:501:16:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
	printf("> "); gets(buffer);
data/dx-4.4.4/src/exec/dxmods/_im_image.c:672:9:  [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings. Risk is high; the length parameter
  appears to be a constant, instead of computing the number of characters
  left.
        strncat( user_basename, name, sizeof(user_basename)-1 );
data/dx-4.4.4/src/uipp/dxl/conn.c:501:31:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
	printf("Enter Port No... "); gets(achStr);
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:509:44:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
	    (theDXApplication->network, maclist, &gets, &sets);
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:517:10:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    if ((gets) || (sets)) {
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:524:6:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
	if (gets) delete gets;
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:524:19:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
	if (gets) delete gets;
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:603:17:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    int gcnt = (gets?gets->getSize():0);
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:620:9:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    if (gets) delete gets;
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:620:22:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    if (gets) delete gets;
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:631:43:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
	(Network *topnet, List * maclist, List **gets, List **sets)
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:673:11:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    if ((!gets) && (!sets)) {
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:677:10:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    if ((gets) || (sets))
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:680:9:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    if (gets) {
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:681:14:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
	it.setList(*gets);
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:684:9:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
	delete gets;
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:712:9:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    if (gets) gcnt = gets->getSize();
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:723:9:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    if (gets) delete gets;
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:723:22:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    if (gets) delete gets;
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:747:9:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    if (gets) {
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:748:14:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
	it.setList(*gets);
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:810:9:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    if (gets) delete gets;
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:810:22:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    if (gets) delete gets;
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:1027:17:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    int gcnt = (gets?gets->getSize():0);
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:1029:9:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    if (gets) delete gets;
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:1029:22:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
    if (gets) delete gets;
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.h:103:42:  [5] (buffer) gets:
  Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
	(Network *topnet, List* maclist, List **gets, List **sets);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1670:2:  [5] (race) chmod:
  This accepts filename arguments; if an attacker can move those files, a
  race condition results. (CWE-362). Use fchmod( ) instead.
	chmod("/tmp/.DX-unix", 0777);
data/dx-4.4.4/include/dx/arch.h:71:9:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
#define popen _popen
data/dx-4.4.4/include/dx/arch.h:540:8:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#ifdef snprintf
data/dx-4.4.4/include/dx/arch.h:541:8:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#undef snprintf
data/dx-4.4.4/include/dx/arch.h:543:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/dx-4.4.4/include/dx/arch.h:543:18:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/dx-4.4.4/include/dx/arch.h:545:8:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#ifdef vsnprintf
data/dx-4.4.4/include/dx/arch.h:546:8:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#undef vsnprintf
data/dx-4.4.4/include/dx/arch.h:548:9:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define vsnprintf _vsnprintf
data/dx-4.4.4/src/exec/dpexec/_macro.h:16:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
These access methods are used to operate on dictionary entries which are
data/dx-4.4.4/src/exec/dpexec/_variable.h:16:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
These access methods are specifically used to operate on dictionary entries
data/dx-4.4.4/src/exec/dpexec/cache.h:23:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
These access methods are specifically used to operate on dictionary entries
data/dx-4.4.4/src/exec/dpexec/cache.h:24:63:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
that are associated with the recipe cache. These are the only access methods
data/dx-4.4.4/src/exec/dpexec/cachegraph.c:302:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( mod_cache_str, mod );
data/dx-4.4.4/src/exec/dpexec/command.c:332:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(savehost, host);
data/dx-4.4.4/src/exec/dpexec/command.c:508:29:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                            strcpy(index->options, options);
data/dx-4.4.4/src/exec/dpexec/command.c:539:25:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                        strcpy(index->options, options);
data/dx-4.4.4/src/exec/dpexec/command.c:576:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(dpentry.options, options);
data/dx-4.4.4/src/exec/dpexec/command.c:1470:36:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    if(strcmp(keybuf,(const char *)crypt(key,salt))){
data/dx-4.4.4/src/exec/dpexec/command.c:1580:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (b, "%s", *c ? c : "<no version specified>");
data/dx-4.4.4/src/exec/dpexec/distconnect.c:334:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(spentry.peername, index->prochostname);
data/dx-4.4.4/src/exec/dpexec/dpparse.c:520:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(str, p->v.id.id);
data/dx-4.4.4/src/exec/dpexec/dpparse.c:526:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(str, p->v.id.id);
data/dx-4.4.4/src/exec/dpexec/dpparse.c:603:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(str, p->v.id.id);
data/dx-4.4.4/src/exec/dpexec/dpparse.c:609:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(str, p->v.id.id);
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:186:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	printf (prompt ? prompt : EX_PROMPT);\
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:291:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(largv[i], argv[i]);
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:464:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(extesthost, optarg);
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:1748:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(buf, EX_NAME);
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:1750:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(buf, DXD_VERSION_STRING);
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:1822:5:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    vsprintf(buffer, format, arg);
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:2140:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        printf (prompt? prompt: EX_PROMPT);
data/dx-4.4.4/src/exec/dpexec/dxmain.c:802:5:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    vsprintf(buffer, format, arg);
data/dx-4.4.4/src/exec/dpexec/dxmain.c:858:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(extesthost, optarg);
data/dx-4.4.4/src/exec/dpexec/dxmain.c:1092:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(buf, EX_NAME);
data/dx-4.4.4/src/exec/dpexec/dxmain.c:1094:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(buf, DXD_VERSION_STRING);
data/dx-4.4.4/src/exec/dpexec/dxpfsmgr.c:175:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(buf, partname);
data/dx-4.4.4/src/exec/dpexec/dxpfsmgr.c:181:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(buf+strlen(partname), gm_buf + i * PFS_NAME_LEN);
data/dx-4.4.4/src/exec/dpexec/evalgraph.c:999:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(bell, _dxf_ExGFuncPathToString(n));
data/dx-4.4.4/src/exec/dpexec/evalgraph.c:1630:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "%d::%s", p->graphId, _dxf_ExGFuncPathToString(n));
data/dx-4.4.4/src/exec/dpexec/evalgraph.c:2978:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(dphostent.name, prochost);
data/dx-4.4.4/src/exec/dpexec/function.c:485:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
       strcpy (formatstr, ATTR_DIREROUTE);
data/dx-4.4.4/src/exec/dpexec/function.c:487:8:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
       sscanf (curr_attr, formatstr, &tmp);
data/dx-4.4.4/src/exec/dpexec/function.c:493:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
       strcpy (formatstr, ATTR_CACHE);
data/dx-4.4.4/src/exec/dpexec/function.c:495:8:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
       sscanf (curr_attr, formatstr, &tmp);
data/dx-4.4.4/src/exec/dpexec/function.c:501:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
       strcpy (formatstr, ATTR_RERUNKEY);
data/dx-4.4.4/src/exec/dpexec/function.c:503:8:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
       sscanf (curr_attr, formatstr, &tmp);
data/dx-4.4.4/src/exec/dpexec/graph.c:378:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat (s, p->name);
data/dx-4.4.4/src/exec/dpexec/graph.c:792:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
				strcat (p, DXGetString (string));
data/dx-4.4.4/src/exec/dpexec/graph.c:831:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat (opstr, buf);
data/dx-4.4.4/src/exec/dpexec/graph.c:871:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat (opstr, id);
data/dx-4.4.4/src/exec/dpexec/graph.c:1257:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(modname, name);
data/dx-4.4.4/src/exec/dpexec/graph.c:2669:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy (new, name);
data/dx-4.4.4/src/exec/dpexec/graph.c:2770:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( p+1, module_name );
data/dx-4.4.4/src/exec/dpexec/graph.c:2773:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( p+1, _dxf_BuildInstanceNumString( path->instances[i] ) );
data/dx-4.4.4/src/exec/dpexec/graph.c:2912:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(tmp, path);
data/dx-4.4.4/src/exec/dpexec/graph2.c:115:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy (mptr, warning);
data/dx-4.4.4/src/exec/dpexec/graph2.c:120:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		    strcpy (mptr, _macro_stack[j]);
data/dx-4.4.4/src/exec/dpexec/graph2.c:125:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy (mptr, name);
data/dx-4.4.4/src/exec/dpexec/help.c:48:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (buffer, "\nThe function %s is not defined\n\n", f);
data/dx-4.4.4/src/exec/dpexec/help.c:51:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy (ret, buffer);
data/dx-4.4.4/src/exec/dpexec/help.c:62:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (bufp, "\nThe %s %s has the following usage:\n\n", type, f);
data/dx-4.4.4/src/exec/dpexec/help.c:70:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (bufp, name->v.id.id);
data/dx-4.4.4/src/exec/dpexec/help.c:83:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (bufp, f);
data/dx-4.4.4/src/exec/dpexec/help.c:90:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (bufp, name->v.id.id);
data/dx-4.4.4/src/exec/dpexec/help.c:107:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (ret, buffer);
data/dx-4.4.4/src/exec/dpexec/lex.c:54:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(c->buf, b);
data/dx-4.4.4/src/exec/dpexec/license.c:191:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(envbuf, c_buf+4);
data/dx-4.4.4/src/exec/dpexec/license.c:224:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(remname,getenv("DXSHADOW"));
data/dx-4.4.4/src/exec/dpexec/license.c:226:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(remname,"%s/bin_%s/dxshadow",root,DXD_ARCHNAME);
data/dx-4.4.4/src/exec/dpexec/license.c:239:2:  [4] (shell) execlp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	execlp(remname, "dxshadow", arg1 , "-version", arg3 ,NULL);
data/dx-4.4.4/src/exec/dpexec/license.c:269:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(ckey, c_buf+4);
data/dx-4.4.4/src/exec/dpexec/license.c:276:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(p_buf, crypt(ckey, salt));;
data/dx-4.4.4/src/exec/dpexec/license.c:276:16:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
	strcpy(p_buf, crypt(ckey, salt));;
data/dx-4.4.4/src/exec/dpexec/license.c:316:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(messagebuf,"Exec got nodelocked %s license.",lic_name);
data/dx-4.4.4/src/exec/dpexec/license.c:330:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(messagebuf,"Exec got concurrent use %s license.",
data/dx-4.4.4/src/exec/dpexec/license.c:350:8:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	      sprintf(messagebuf,"Exec could not get a %s license,"
data/dx-4.4.4/src/exec/dpexec/license.c:451:11:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
          sprintf(fileName, "%s/expiration", root);
data/dx-4.4.4/src/exec/dpexec/license.c:456:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(key_location_buf,"file %s",fname);	
data/dx-4.4.4/src/exec/dpexec/license.c:468:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	  sprintf(buf,"Found Data Explorer trial password in %s.\n",
data/dx-4.4.4/src/exec/dpexec/license.c:471:8:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	      strcat(messagebuf,buf);
data/dx-4.4.4/src/exec/dpexec/license.c:518:19:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    myCryptHost = crypt(host, KEY1);
data/dx-4.4.4/src/exec/dpexec/license.c:521:23:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
        myCryptHost = crypt(ANYWHERE_HOSTID, KEY1);
data/dx-4.4.4/src/exec/dpexec/license.c:610:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(host, name.machine+2);
data/dx-4.4.4/src/exec/dpexec/license.c:616:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(host, name.idnumber+2);
data/dx-4.4.4/src/exec/dpexec/license.c:622:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(host, host+2);
data/dx-4.4.4/src/exec/dpexec/license.c:658:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(devea.ifr_name,dev);
data/dx-4.4.4/src/exec/dpexec/license.c:663:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		    strcat(host,buf);
data/dx-4.4.4/src/exec/dpexec/loader.c:222:1:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
system dependent).
data/dx-4.4.4/src/exec/dpexec/loader.c:585:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(szName, fname);
data/dx-4.4.4/src/exec/dpexec/loader.c:587:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(szStr, "%s.dll", szName);
data/dx-4.4.4/src/exec/dpexec/loader.c:799:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(np->filename, filename);
data/dx-4.4.4/src/exec/dpexec/loader.c:895:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(*outname, inname);
data/dx-4.4.4/src/exec/dpexec/loader.c:897:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(*outname, inname);
data/dx-4.4.4/src/exec/dpexec/loader.c:901:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(*outname, inname);
data/dx-4.4.4/src/exec/dpexec/loader.c:903:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(*outname, inname);
data/dx-4.4.4/src/exec/dpexec/loader.c:934:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(*outname, inname);
data/dx-4.4.4/src/exec/dpexec/loader.c:936:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(*outname, inname);
data/dx-4.4.4/src/exec/dpexec/loader.c:940:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(*outname, inname);
data/dx-4.4.4/src/exec/dpexec/loader.c:942:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(*outname, inname);
data/dx-4.4.4/src/exec/dpexec/loader.c:947:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(*outname, extension);
data/dx-4.4.4/src/exec/dpexec/loader.c:994:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(*outname, datadir);
data/dx-4.4.4/src/exec/dpexec/loader.c:996:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(*outname, datadir);
data/dx-4.4.4/src/exec/dpexec/loader.c:1000:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(*outname, datadir);
data/dx-4.4.4/src/exec/dpexec/loader.c:1002:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(*outname, datadir);
data/dx-4.4.4/src/exec/dpexec/loader.c:1007:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(*outname, inname);
data/dx-4.4.4/src/exec/dpexec/loader.c:1033:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(*outname, extension);
data/dx-4.4.4/src/exec/dpexec/log.c:118:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(whobuf,who);
data/dx-4.4.4/src/exec/dpexec/log.c:135:21:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                n = sprintf (buf, "%s:  ", who + 1);
data/dx-4.4.4/src/exec/dpexec/log.c:138:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                sprintf (buf, "%s:  ", who + 1);
data/dx-4.4.4/src/exec/dpexec/log.c:147:21:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                n = sprintf (buf, "%2d:  %s:  ", DXProcessorId (), who);
data/dx-4.4.4/src/exec/dpexec/log.c:150:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                sprintf (buf, "%2d:  %s:  ", DXProcessorId (), who);
data/dx-4.4.4/src/exec/dpexec/log.c:167:10:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    n2 = vsnprintf(buf + n, spaceLeft, message, args);
data/dx-4.4.4/src/exec/dpexec/log.c:172:7:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
	n2 = vsnprintf(buf + n, spaceLeft, message, args);
data/dx-4.4.4/src/exec/dpexec/parsemdf.c:168:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(name, "%s%d", map->thisarg, i);
data/dx-4.4.4/src/exec/dpexec/path.c:34:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (tail, name);
data/dx-4.4.4/src/exec/dpexec/path.c:68:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(tail, path);
data/dx-4.4.4/src/exec/dpexec/remote.c:253:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		    strcat (s, av[0]);
data/dx-4.4.4/src/exec/dpexec/remote.c:296:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(script_name,"/tmp/dx-%s:%d",localhost,getpid());
data/dx-4.4.4/src/exec/dpexec/remote.c:304:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(cmd,"%s %s -l %s 'cat > %s'", local_rsh_cmd,
data/dx-4.4.4/src/exec/dpexec/remote.c:307:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(cmd,"%s %s 'cat > %s'", local_rsh_cmd,
data/dx-4.4.4/src/exec/dpexec/remote.c:316:7:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	fp = popen(cmd,"w");
data/dx-4.4.4/src/exec/dpexec/remote.c:407:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(cmdpvs, fargv[0]);
data/dx-4.4.4/src/exec/dpexec/remote.c:410:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(cmdpvs, fargv[i]);
data/dx-4.4.4/src/exec/dpexec/remote.c:414:5:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    system(cmdpvs);
data/dx-4.4.4/src/exec/dpexec/remote.c:610:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(nargv[r_argc], myhost);
data/dx-4.4.4/src/exec/dpexec/remote.c:636:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(nargv[r_argc+1], myhost);
data/dx-4.4.4/src/exec/dpexec/remote.c:811:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (buff, hostp);
data/dx-4.4.4/src/exec/dpexec/remote.c:1234:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(nid, id);
data/dx-4.4.4/src/exec/dpexec/socket.c:490:2:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	fprintf(stdout, buffer);
data/dx-4.4.4/src/exec/dpexec/socket.c:499:2:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	fprintf(stdout, buffer);
data/dx-4.4.4/src/exec/dpexec/utils.c:136:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (new, old);
data/dx-4.4.4/src/exec/dpexec/utils.c:157:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (new, old);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:374:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (&buf[n], "/%s", DXRC);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:380:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "C:\\%s", DXRC);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:388:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (buf, "%s/%s", pass->pw_dir, DXRC);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:398:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (buf, "%s/%s", root, DXRC);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:405:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (buf, "%s/lib/%s", root, SYSDXRC);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:442:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (fname[*fnum], name);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:529:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(buf, tmp1);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:531:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(buf, DX_DIR_SEPARATOR_STR);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:534:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(buf, tmp2);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:576:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (buf, ipaths[i].path);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:582:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (buf + len + 1, name);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:589:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buf, "%s\\lib\\%s", getenv("DXROOT"), name);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:591:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buf, "%s/lib/%s", getenv("DXROOT"), name);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:1447:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define YYFPRINTF fprintf
data/dx-4.4.4/src/exec/dpexec/yuiif.c:3339:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (buf, "%s (non-printable character 0x%x)",
data/dx-4.4.4/src/exec/dxmods/_color.c:236:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(a.component, component);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:452:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(result, DXGetString((String)o));
data/dx-4.4.4/src/exec/dxmods/_compoper.c:576:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(invalidName, "invalid %s", dep);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:1001:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(buff1, s1);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:1002:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(buff2, s2);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:1289:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(symbolTable[symbolTableUsed].name, name);
data/dx-4.4.4/src/exec/dxmods/_compparse.c:660:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define YYFPRINTF fprintf
data/dx-4.4.4/src/exec/dxmods/_compparse.c:1594:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(yyval.a->u.s, yyvsp[0].s);
data/dx-4.4.4/src/exec/dxmods/_glyph.c:1064:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(textarg.font,font); 
data/dx-4.4.4/src/exec/dxmods/_glyph.c:1079:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(arg.type, type_string);
data/dx-4.4.4/src/exec/dxmods/_glyph.c:5279:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(glyphelementtype, attr);
data/dx-4.4.4/src/exec/dxmods/_glyph.c:5330:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	  strcpy(font,start);
data/dx-4.4.4/src/exec/dxmods/_im_image.c:196:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(miff_filename,iargs->basename);
data/dx-4.4.4/src/exec/dxmods/_im_image.c:198:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(miff_filename,tmpargs.format);
data/dx-4.4.4/src/exec/dxmods/_im_image.c:228:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        (void) strcpy(image_info->filename,iargs->basename);
data/dx-4.4.4/src/exec/dxmods/_im_image.c:230:16:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        (void) strcat(image_info->filename,tmpargs.format);
data/dx-4.4.4/src/exec/dxmods/_im_image.c:306:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(new_frame_info->filename, image->filename);
data/dx-4.4.4/src/exec/dxmods/_im_image.c:447:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(image->filename,iargs->basename);
data/dx-4.4.4/src/exec/dxmods/_im_image.c:450:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(image->filename,iargs->extension);
data/dx-4.4.4/src/exec/dxmods/_im_image.c:549:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf( buf, "%s%s.%s", basename, framestr, extension );
data/dx-4.4.4/src/exec/dxmods/_im_image.c:557:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy ( buf, basename );
data/dx-4.4.4/src/exec/dxmods/_im_image.c:677:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf( newname, "%s.%d.%s",
data/dx-4.4.4/src/exec/dxmods/_newtri.c:91:31:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define srprintf	if (srprint) printf
data/dx-4.4.4/src/exec/dxmods/_normals.c:103:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(gm, m);
data/dx-4.4.4/src/exec/dxmods/_plot.c:256:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(tempstring, fmt, locs[i]*ls);
data/dx-4.4.4/src/exec/dxmods/_plot.c:321:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf,"%s","M"); 
data/dx-4.4.4/src/exec/dxmods/_plot.c:337:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buf, "%s", labels[i]);
data/dx-4.4.4/src/exec/dxmods/_plot.c:339:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf(buf, fmt, pow(10.0,(double)((l + i*d) * ls))); 
data/dx-4.4.4/src/exec/dxmods/_plot.c:626:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
      sprintf(tempstring, fmt, locs[i]*ls);
data/dx-4.4.4/src/exec/dxmods/_plot.c:695:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf,"%s","M");
data/dx-4.4.4/src/exec/dxmods/_plot.c:708:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buf, "%s", labels[i]);
data/dx-4.4.4/src/exec/dxmods/_plot.c:711:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf( buf, fmt, pow(10.0,(double)((l + i*d) * ls))); 
data/dx-4.4.4/src/exec/dxmods/_post.c:1172:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(origName, "original %s", name);
data/dx-4.4.4/src/exec/dxmods/_postscript.c:53:24:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define LINEOUT(s) if (fprintf(fout, s "\n") <= 0) goto bad_write;
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1703:12:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
       if (fprintf(fout, NSCENES_STRING) <= 0) goto error;
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1706:8:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
   if (fprintf(fout, DATASIZE_STRING) <= 0) goto error;
data/dx-4.4.4/src/exec/dxmods/_postscript.c:2042:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	   if (fprintf(fp, NSCENES_STRING) < 0) goto error;
data/dx-4.4.4/src/exec/dxmods/_rgb_image.c:145:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(sizefilename,iargs->basename);
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:342:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(cpy,str);
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:497:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    if ( !strcpy ( buf, basename) )
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:500:11:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    if ( !strcat ( buf, framestr) || !strcat(buf,".") )
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:503:11:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    if ( !strcat ( buf, extension) )
data/dx-4.4.4/src/exec/dxmods/_tiff.c:1155:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy ( buf, basename );
data/dx-4.4.4/src/exec/dxmods/_tiff.c:1540:19:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    if ( ERROR == strcpy ( copyname, name ) )
data/dx-4.4.4/src/exec/dxmods/_tiff.c:1564:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf
data/dx-4.4.4/src/exec/dxmods/autoglyph.c:137:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(type_string,type);
data/dx-4.4.4/src/exec/dxmods/autoglyph.c:325:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
         strcpy(textarg.font,font); 
data/dx-4.4.4/src/exec/dxmods/autoglyph.c:337:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
       strcpy(arg.type,type_string);
data/dx-4.4.4/src/exec/dxmods/autoglyph.c:358:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
       strcpy(arg.font,font);
data/dx-4.4.4/src/exec/dxmods/cachescene.c:49:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "%s.object", tag);
data/dx-4.4.4/src/exec/dxmods/cachescene.c:65:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "%s.camera", tag);
data/dx-4.4.4/src/exec/dxmods/caption.c:213:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(tmpstring, s[i]);
data/dx-4.4.4/src/exec/dxmods/caption.c:220:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(newstring, buf);
data/dx-4.4.4/src/exec/dxmods/caption.c:233:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(newstring, buf);
data/dx-4.4.4/src/exec/dxmods/categorize.c:858:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( buff, cp->comp_name );
data/dx-4.4.4/src/exec/dxmods/categorize.c:859:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat( buff, LUT_POSTFIX );
data/dx-4.4.4/src/exec/dxmods/categorize.c:913:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat( invalid, dep );
data/dx-4.4.4/src/exec/dxmods/catstats.c:353:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(name_str, "%s lookup", cat_comp);
data/dx-4.4.4/src/exec/dxmods/catstats.c:360:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(name_str, "%s lookup", cat_comp);
data/dx-4.4.4/src/exec/dxmods/catstats.c:672:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(invalid, dep);
data/dx-4.4.4/src/exec/dxmods/colorbar.c:80:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(extralabel,nullstring);
data/dx-4.4.4/src/exec/dxmods/colormap.c:405:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(ei.mp, "title=%s",label);
data/dx-4.4.4/src/exec/dxmods/colormap.c:1170:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(ei.mp,name);  while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/colormap.c:1189:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
   strcpy(ei.mp,name); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/compute2.c:87:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(p,s);			    \
data/dx-4.4.4/src/exec/dxmods/compute2.c:120:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(s,"%s=$%d;", name, cnt);
data/dx-4.4.4/src/exec/dxmods/describe.c:493:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(mbuf, "There %s %d data item%s (%d valid), each is of type ", 
data/dx-4.4.4/src/exec/dxmods/describe.c:497:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(mbuf, "There %s %d data item%s, each is of type ", 
data/dx-4.4.4/src/exec/dxmods/describe.c:508:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(mbuf, tbuf);
data/dx-4.4.4/src/exec/dxmods/describe.c:512:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(mbuf, tbuf);
data/dx-4.4.4/src/exec/dxmods/describe.c:516:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(mbuf, tbuf);
data/dx-4.4.4/src/exec/dxmods/describe.c:519:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(mbuf, tbuf);
data/dx-4.4.4/src/exec/dxmods/describe.c:986:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(invalid, dep);
data/dx-4.4.4/src/exec/dxmods/describe.c:1112:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(invalid, dep);
data/dx-4.4.4/src/exec/dxmods/display.c:161:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(copy, where);
data/dx-4.4.4/src/exec/dxmods/display.c:177:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(type, *copy? copy : "X");
data/dx-4.4.4/src/exec/dxmods/display.c:183:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(type, arg1);
data/dx-4.4.4/src/exec/dxmods/display.c:252:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(cacheTag, "%s%s", "CACHED_OBJECT_", where);
data/dx-4.4.4/src/exec/dxmods/display.c:255:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(cacheTag, "%s%s", "CACHED_CAMERA_", where);
data/dx-4.4.4/src/exec/dxmods/display.c:281:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf (cacheid, "Display.%s.%x.%d.%s",
data/dx-4.4.4/src/exec/dxmods/display.c:623:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(tag, "%s%s", CACHE_APPENDAGE, where);
data/dx-4.4.4/src/exec/dxmods/echo.c:455:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(ei.mp, "%s", ClassNameString(class));
data/dx-4.4.4/src/exec/dxmods/enumerate.c:661:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(cbuf, "%s($0 + ($1 * $2))", TypeName(t));
data/dx-4.4.4/src/exec/dxmods/equalize.c:709:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (buf, "histogram function:  %s", f);
data/dx-4.4.4/src/exec/dxmods/exp_gai.c:429:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	       fprintf(h->dfp,format,nextf[k]);
data/dx-4.4.4/src/exec/dxmods/exp_gai.c:446:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	       fprintf(h->dfp,format,nexti[k]);
data/dx-4.4.4/src/exec/dxmods/exp_gai.c:463:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	       fprintf(h->dfp,format,nextui[k]);
data/dx-4.4.4/src/exec/dxmods/exp_gai.c:480:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	       fprintf(h->dfp,format,nextb[k]);
data/dx-4.4.4/src/exec/dxmods/exp_gai.c:497:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	       fprintf(h->dfp,format,nextub[k]);
data/dx-4.4.4/src/exec/dxmods/exp_gai.c:514:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	       fprintf(h->dfp,format,nexts[k]);
data/dx-4.4.4/src/exec/dxmods/exp_gai.c:531:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	       fprintf(h->dfp,format,nextus[k]);
data/dx-4.4.4/src/exec/dxmods/exp_gai.c:548:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	       fprintf(h->dfp,format,nextd[k]);
data/dx-4.4.4/src/exec/dxmods/exp_gai.c:855:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	       sprintf(cmp,"%s_cmp%d",name,j);
data/dx-4.4.4/src/exec/dxmods/filter.c:1600:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat (buf, component);
data/dx-4.4.4/src/exec/dxmods/format.c:224:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		    sprintf(bp, format, s);
data/dx-4.4.4/src/exec/dxmods/format.c:244:4:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			sprintf(bp, format, s[0]);
data/dx-4.4.4/src/exec/dxmods/format.c:250:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		    sprintf(bp, format, i);
data/dx-4.4.4/src/exec/dxmods/format.c:271:4:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			sprintf(bp, format, ip[i]);
data/dx-4.4.4/src/exec/dxmods/format.c:297:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		    sprintf(bp, format, i);
data/dx-4.4.4/src/exec/dxmods/format.c:318:4:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			sprintf(bp, format, ip[i]);
data/dx-4.4.4/src/exec/dxmods/format.c:345:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		    sprintf(bp, format, f);
data/dx-4.4.4/src/exec/dxmods/format.c:351:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		    sprintf(bp,format,d);
data/dx-4.4.4/src/exec/dxmods/format.c:380:12:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			        sprintf(bp, format, ((float *)p)[i]);
data/dx-4.4.4/src/exec/dxmods/format.c:382:12:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			        sprintf(bp, format, ((double *)p)[i]);
data/dx-4.4.4/src/exec/dxmods/format.c:417:8:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			    sprintf(bp, format, ((float *)p)[i*2]);
data/dx-4.4.4/src/exec/dxmods/format.c:419:8:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			    sprintf(bp, format, ((double *)p)[i*2]);
data/dx-4.4.4/src/exec/dxmods/format.c:424:8:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			    sprintf(bp, format, ((float *)p)[i*2 + 1]);
data/dx-4.4.4/src/exec/dxmods/format.c:426:8:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			    sprintf(bp, format, ((double *)p)[i*2 + 1]);
data/dx-4.4.4/src/exec/dxmods/format.c:465:8:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			    sprintf(bp, format, ((float *)p)[i*3]);
data/dx-4.4.4/src/exec/dxmods/format.c:467:8:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			    sprintf(bp, format, ((double *)p)[i*3]);
data/dx-4.4.4/src/exec/dxmods/format.c:472:8:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			    sprintf(bp, format, ((float *)p)[i*3 + 1]);
data/dx-4.4.4/src/exec/dxmods/format.c:474:8:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			    sprintf(bp, format, ((double *)p)[i*3 + 1]);
data/dx-4.4.4/src/exec/dxmods/format.c:479:8:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			    sprintf(bp, format, ((float *)p)[i*3 + 2]);
data/dx-4.4.4/src/exec/dxmods/format.c:481:8:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			    sprintf(bp, format, ((double *)p)[i*3 + 2]);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:201:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(infopath,outname);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1235:6:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	r = fscanf(fp,"%s",&DREF(char,data,index));
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1382:6:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
	if (sscanf(s,format,&DREF(char,data,index)) <=0){
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1547:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
   strcpy(line,str);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1555:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
      strcat(line,str);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1686:12:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	          strcpy(r,&str[k]);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:175:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(headerfile,table);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:358:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
       strcpy(rec_sep[1]->marker, rec_sep[0]->marker);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:365:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy(rec_sep[f]->marker,rec_sep[0]->marker);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:434:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(_dxd_gi_filename, name);    
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:450:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	  strcpy(_dxd_gi_var[i]->name, s);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:483:12:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
           strcpy(_dxd_gi_var[i]->rec_separat[j].marker,rec_sep[n]->marker);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:502:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(_dxd_gi_var[i]->rec_separat[0].marker,rec_sep[i]->marker);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:559:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(_dxd_gi_var[myGI_numflds]->name, name);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1491:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(_dxd_gi_filename, p);    
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1851:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
   strcpy(_dxd_gi_filename,*filename);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:2323:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
   strcpy(line,str);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:2331:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
      strcat(line,str);
data/dx-4.4.4/src/exec/dxmods/getscene.c:67:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buf, "%s.object", tag);
data/dx-4.4.4/src/exec/dxmods/getscene.c:79:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buf, "%s.camera", tag);
data/dx-4.4.4/src/exec/dxmods/glyph.c:139:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(type_string,type);
data/dx-4.4.4/src/exec/dxmods/glyph.c:327:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
         strcpy(textarg.font,font); 
data/dx-4.4.4/src/exec/dxmods/glyph.c:339:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
       strcpy(arg.type,type_string);
data/dx-4.4.4/src/exec/dxmods/glyph.c:360:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
       strcpy(arg.font,font);
data/dx-4.4.4/src/exec/dxmods/grid.c:168:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (*structure, str);
data/dx-4.4.4/src/exec/dxmods/histogram.c:1736:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(invalid, dep);
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:1213:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( plr->messageType, type );
data/dx-4.4.4/src/exec/dxmods/import.c:373:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(tbuf, "%s.%d", p->filename, frame);
data/dx-4.4.4/src/exec/dxmods/import.c:432:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(firsterr, DXGetErrorMessage());
data/dx-4.4.4/src/exec/dxmods/import.c:470:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(dataset_name, p->filename);
data/dx-4.4.4/src/exec/dxmods/import.c:472:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(dataset_name, numbuf);
data/dx-4.4.4/src/exec/dxmods/import.c:543:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(tbuf, "%s.%d", p->filename, frame);
data/dx-4.4.4/src/exec/dxmods/import.c:615:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	   strcpy(skip ,p->fieldlist[j]);
data/dx-4.4.4/src/exec/dxmods/import.c:635:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(dataset_name, p->filename);
data/dx-4.4.4/src/exec/dxmods/import.c:639:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(dataset_name, numbuf);
data/dx-4.4.4/src/exec/dxmods/import.c:756:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(tryname, inname);
data/dx-4.4.4/src/exec/dxmods/import.c:763:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(tryname, datadir);
data/dx-4.4.4/src/exec/dxmods/import.c:767:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(tryname, inname);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:898:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(outname, datadir);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:902:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
      strcat(outname, filename);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:2419:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
   strcpy (ptr->name,vp->name);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:2474:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	  strcpy(ptr->conn,nameConnect[ptr->dataDims]);
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:329:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(foundname, filename);
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:346:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (access(foundname, E_ACC) >= 0 && !foundfile) {
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:348:6:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
	if (access(foundname, R_ACC) < 0)
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:354:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if (access(foundname, F_OK) >= 0 && !foundfile) {
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:356:6:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
	if (access(foundname, R_OK) < 0)
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:376:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(foundname, dir);
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:380:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(foundname, filename);
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:387:6:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
	if (access(foundname, E_ACC) >= 0 && !foundfile) {
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:389:10:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
	    if (access(foundname, R_ACC) < 0)
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:395:6:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
	if (access(foundname, F_OK) >= 0 && !foundfile) {
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:397:10:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
	    if (access(foundname, R_OK) < 0)
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:424:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(pathname, foundname);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:377:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(foundname, filename);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:381:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(fname, filename);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:392:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(foundname, fname);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:400:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(fname, datadir);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:404:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(fname, filename);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:414:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(foundname, fname);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:427:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(foundname, fname);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:495:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(fname, filename);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:505:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(fname, datadir);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:509:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(fname, filename);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:622:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(vp2->name, s[0]);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:694:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(vp1->cdfname, s[0]);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:752:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(vp1->name, s[0]);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:854:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(vp2->name, s[0]);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:863:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(vp2->name, s[0]);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:946:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(vp2->name, stringattr);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1119:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(sp1, DXGetString((String)o));
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1120:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(sp1, DXGetString((String)newo));
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1141:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(sp1, DXGetString((String)o));
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1142:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(sp1, DXGetString((String)newo));
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1165:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(sp1, DXGetString((String)o));
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1166:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(sp1, DXGetString((String)newo));
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1194:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(sp1, DXGetString((String)o));
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1195:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(sp1, DXGetString((String)newo));
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1230:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(sp1, vp->name);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1236:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(sp1, vp->name);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1522:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(savename, compname);
data/dx-4.4.4/src/exec/dxmods/import_ss.c:128:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	 strcpy(fs.delimiter, string);
data/dx-4.4.4/src/exec/dxmods/import_ss.c:636:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(ds[i]->name,labelsrc[i]->name);
data/dx-4.4.4/src/exec/dxmods/import_ss.c:849:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(inv_name, "%s missingvalues",ds[i]->name);
data/dx-4.4.4/src/exec/dxmods/import_ss.c:895:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	  strcpy(new_string[ncat],ds[i]->name);
data/dx-4.4.4/src/exec/dxmods/import_ss.c:1142:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(string[imp],ds[i]->name);
data/dx-4.4.4/src/exec/dxmods/import_ss.c:1314:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(line,str);
data/dx-4.4.4/src/exec/dxmods/import_ss.c:1322:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(line,str);
data/dx-4.4.4/src/exec/dxmods/import_ss.c:1341:10:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
  ret1 = sscanf(p,"$%g %1s %s",&f,percent,string); 
data/dx-4.4.4/src/exec/dxmods/import_ss.c:1342:9:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
  ret = sscanf(p,"%g %1s %s",&f,percent,string);
data/dx-4.4.4/src/exec/dxmods/import_ss.c:1437:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	  sprintf(string,"%s"," ");
data/dx-4.4.4/src/exec/dxmods/inquire.c:1511:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(invalid, dep);
data/dx-4.4.4/src/exec/dxmods/inquire.c:1611:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(pcp2->con_name, elem_type);
data/dx-4.4.4/src/exec/dxmods/inquire.c:1626:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(pcp2->con_name, elem_type);
data/dx-4.4.4/src/exec/dxmods/inquire.c:1648:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(pcp2->con_total, "%d %s", pcp2->con_count, pcp2->con_name);
data/dx-4.4.4/src/exec/dxmods/lookup.c:382:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf( value_str, "%s lookup", data_comp );
data/dx-4.4.4/src/exec/dxmods/lookup.c:393:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf( value_str, "%s lookup", data_comp );
data/dx-4.4.4/src/exec/dxmods/parse.c:126:11:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
	    if ((sscanf(icp, tempcontrol, &bcount) < 0) || (bcount <= 0)) {
data/dx-4.4.4/src/exec/dxmods/parse.c:173:7:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
	if ((sscanf(icp, tempcontrol, tempspace, &bcount) != 1) || (bcount <= 0)) {
data/dx-4.4.4/src/exec/dxmods/pick.c:748:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "%s.picks", tag);
data/dx-4.4.4/src/exec/dxmods/pick.c:764:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "%s.picks", tag);
data/dx-4.4.4/src/exec/dxmods/pick.c:960:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buf, "%s.object", tag);
data/dx-4.4.4/src/exec/dxmods/pick.c:972:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buf, "%s.camera", tag);
data/dx-4.4.4/src/exec/dxmods/pie.c:71:12:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
           sprintf(buf, format, dataptr[i]);                           \
data/dx-4.4.4/src/exec/dxmods/pie.c:76:13:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
            sprintf(buf, format, dataptr[i]);                          \
data/dx-4.4.4/src/exec/dxmods/pie.c:624:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(stringlabel, "%s %6.2f %%", nthstring, percentarray[i]/3.6);
data/dx-4.4.4/src/exec/dxmods/pie.c:626:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(stringlabel, "%s", nthstring);
data/dx-4.4.4/src/exec/dxmods/plot.c:1756:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(depatt,DXGetString((String)DXGetComponentAttribute((Field)ino,
data/dx-4.4.4/src/exec/dxmods/plot.c:1954:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(depatt,DXGetString((String)DXGetComponentAttribute((Field)ino,
data/dx-4.4.4/src/exec/dxmods/plot.c:2059:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(coldepatt,DXGetString((String)DXGetComponentAttribute((Field)ino,
data/dx-4.4.4/src/exec/dxmods/plot.c:2880:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(coldepatt,DXGetString((String)DXGetComponentAttribute((Field)ino,
data/dx-4.4.4/src/exec/dxmods/programctl.c:326:11:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		        sprintf(buf, "open colormapEditor %s=%s", how, name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:328:11:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		        sprintf(buf, "open image %s=%s", how, name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:330:11:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		        sprintf(buf, "open controlpanel %s", name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:356:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(buf, "close colormapEditor %s=%s", how,name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:358:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(buf, "close image %s=%s", how,name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:360:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(buf, "close controlpanel %s", name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:388:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(buf, "open colormapEditor %s=%s", how,name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:390:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(buf, "open image %s=%s", how,name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:392:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(buf, "open controlpanel %s", name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:397:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(buf, "close colormapEditor %s=%s", how,name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:399:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(buf, "close image %s=%s", how,name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:401:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(buf, "close controlpanel %s", name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:431:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(buf, "open colormapEditor %s=%s", how,name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:433:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(buf, "open image %s=%s", how,name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:435:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(buf, "open controlpanel %s", name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:440:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(buf, "close colormapEditor %s=%s", how,name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:442:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(buf, "close image %s=%s", how,name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:444:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(buf, "close controlpanel %s", name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:523:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "open network %s", name);
data/dx-4.4.4/src/exec/dxmods/programctl.c:525:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "open networkNoReset %s", name);
data/dx-4.4.4/src/exec/dxmods/readimage.c:53:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(a, "%s%s", b, c); \
data/dx-4.4.4/src/exec/dxmods/readimage.c:55:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(a, c); 
data/dx-4.4.4/src/exec/dxmods/readimage.c:240:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(originalname,filename);
data/dx-4.4.4/src/exec/dxmods/readimage.c:245:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(basename,originalname);
data/dx-4.4.4/src/exec/dxmods/readimage.c:446:10:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	        strcpy(sizefilename,basename);
data/dx-4.4.4/src/exec/dxmods/readimage.c:859:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		    sprintf
data/dx-4.4.4/src/exec/dxmods/readimage.c:885:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		    sprintf
data/dx-4.4.4/src/exec/dxmods/readimage.c:911:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		    sprintf
data/dx-4.4.4/src/exec/dxmods/readimage.c:963:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf( &imopts.name [ strlen ( imopts.name ) ],
data/dx-4.4.4/src/exec/dxmods/selector.c:366:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(cp[i],string);
data/dx-4.4.4/src/exec/dxmods/selector.c:387:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(cp[i],string);
data/dx-4.4.4/src/exec/dxmods/selector.c:406:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(cp[i],string);
data/dx-4.4.4/src/exec/dxmods/separate.c:42:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
   strcpy(cache_label,id);
data/dx-4.4.4/src/exec/dxmods/separate.c:92:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
   strcpy(cache_label,id);
data/dx-4.4.4/src/exec/dxmods/separate.c:276:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
   strcpy(cache_label,id);
data/dx-4.4.4/src/exec/dxmods/simplesurf.c:933:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(the_message," %s should be a field", in_name[the_input]);
data/dx-4.4.4/src/exec/dxmods/simplesurf.c:942:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(the_message," %s has no data component", in_name[the_input]);
data/dx-4.4.4/src/exec/dxmods/simplesurf.c:949:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(the_message,"data component of %s should be an array", in_name[the_input]);
data/dx-4.4.4/src/exec/dxmods/simplesurf.c:961:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	   sprintf(the_message, "input %s", in_name[the_input]);
data/dx-4.4.4/src/exec/dxmods/stack.c:680:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(si->compname[si->compcount], ccp);
data/dx-4.4.4/src/exec/dxmods/stringlegend.c:65:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(extralabel,nullstring);
data/dx-4.4.4/src/exec/dxmods/superstate.c:86:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(oTag, "%s%s", CACHE_CAMERA, old);
data/dx-4.4.4/src/exec/dxmods/superstate.c:87:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(nTag, "%s%s", CACHE_CAMERA, new);
data/dx-4.4.4/src/exec/dxmods/superstate.c:94:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(oTag, "%s%s", CACHE_OBJECT, old);
data/dx-4.4.4/src/exec/dxmods/superstate.c:95:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(nTag, "%s%s", CACHE_OBJECT, new);
data/dx-4.4.4/src/exec/dxmods/superstate.c:119:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(cameraCacheTag, "%s%s", CACHE_CAMERA, where);
data/dx-4.4.4/src/exec/dxmods/superstate.c:157:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(objectCacheTag, "%s%s", CACHE_OBJECT, where);
data/dx-4.4.4/src/exec/dxmods/superwin.c:306:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "_DXWINDOW_%s", name);
data/dx-4.4.4/src/exec/dxmods/superwin.c:364:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(iw->displayString, displayString);
data/dx-4.4.4/src/exec/dxmods/superwin.c:367:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(iw->title, title);
data/dx-4.4.4/src/exec/dxmods/superwin.c:386:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "X%d,%s,#X%d", iw->depth, iw->displayString, _dxf_getWindowId(iw));
data/dx-4.4.4/src/exec/dxmods/superwin.c:388:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(iw->where, buf);
data/dx-4.4.4/src/exec/dxmods/superwin.c:476:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buf, "%s[%s]", iw->where, oldWhere);
data/dx-4.4.4/src/exec/dxmods/system.c:37:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(buf, cmd);
data/dx-4.4.4/src/exec/dxmods/system.c:62:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(buf2, p[0]);
data/dx-4.4.4/src/exec/dxmods/system.c:76:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf(buf, format, cmd);
data/dx-4.4.4/src/exec/dxmods/system.c:77:2:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	system(buf);
data/dx-4.4.4/src/exec/dxmods/toggle.c:138:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(ei.mp, "%s",value); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/toggle.c:151:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(ei.mp,"%s",value); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/visualobject.c:823:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(np->ptag, ptag);
data/dx-4.4.4/src/exec/dxmods/visualobject.c:841:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(np->ctag, ctag);
data/dx-4.4.4/src/exec/dxmods/vrml.c:60:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
     strcpy(wrlname,filename);
data/dx-4.4.4/src/exec/dxmods/vrml.c:62:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
     strcpy(wrlname,filename);
data/dx-4.4.4/src/exec/dxmods/writeimage.c:63:9:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
#define popen popen_host
data/dx-4.4.4/src/exec/dxmods/writeimage.c:72:9:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
#define	popen	_popen
data/dx-4.4.4/src/exec/dxmods/writeimage.c:204:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    	strcpy(basename,filename);
data/dx-4.4.4/src/exec/dxmods/writeimage.c:313:15:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	iargs.pipe = popen(p,"w");
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:53:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(buff,path);
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:55:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(buff,file);
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:115:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(HWpath,getenv("DXEXECROOT"));
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:120:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(HWpath,getenv("DXROOT"));
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:130:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(HWname,getenv("DXHWMOD"));
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:143:11:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
          strcat(buff,HWpath);
data/dx-4.4.4/src/exec/hwrender/hwDebug.h:36:20:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define PRINT_FUNC printf
data/dx-4.4.4/src/exec/hwrender/hwInteractor.h:340:22:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define DPRINT(str) {fprintf (stderr, str); fflush(stderr);}
data/dx-4.4.4/src/exec/hwrender/hwInteractor.h:341:25:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define DPRINT1(str,a) {fprintf (stderr, str, a); fflush(stderr);}
data/dx-4.4.4/src/exec/hwrender/hwInteractor.h:346:2:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
 fprintf \
data/dx-4.4.4/src/exec/hwrender/hwRender.c:226:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(globals->cacheId,cacheId) ;
data/dx-4.4.4/src/exec/hwrender/hwRender.c:387:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(globals->cacheId,cacheId) ;
data/dx-4.4.4/src/exec/hwrender/hwRender.c:661:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(WHERE, format->where);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:667:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(ORIGINALWHERE, format->originalWhere);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:830:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(newcopy->thing, pFormat->thing); \
data/dx-4.4.4/src/exec/hwrender/hwRender.c:884:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(*cacheIdP, (char *)(priv[0]));
data/dx-4.4.4/src/exec/hwrender/hwRender.c:903:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(pFormat->originalWhere, displayString);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:979:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(*cacheIdP,CACHEPREFIX);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:980:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(*cacheIdP,pFormat->type);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:981:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(*cacheIdP,pFormat->fullHost);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:982:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(*cacheIdP,pFormat->Xserver);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:983:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(*cacheIdP,pFormat->name);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:995:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(*cacheIdP,CACHEPREFIX);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:996:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(*cacheIdP,pFormat->type);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:997:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(*cacheIdP,pFormat->name);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1015:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy((void *)(priv[0]), (void *)*cacheIdP);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1108:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(newDisplay,"DISPLAY=%s",pFormat->where);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1242:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(ret,ret+tmp);	/* Move the text to the front of ret */
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1271:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(shortName,givenName);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1274:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(shortName,givenName);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1300:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(ret,h_ent->h_name);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1306:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(ret,shortName);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1326:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(ret,givenXserver);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1333:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(ret,givenXserver);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1340:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(ret,givenXserver);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1346:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(ret,givenXserver);
data/dx-4.4.4/src/exec/hwrender/hwStereoSys.c:204:5:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    system("/usr/gfx/setmon -n STR_RECT");
data/dx-4.4.4/src/exec/hwrender/hwStereoSys.c:221:5:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    system("/usr/gfx/setmon -n 60HZ");
data/dx-4.4.4/src/exec/hwrender/hwStereoSys.c:279:2:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	system(cmd);
data/dx-4.4.4/src/exec/hwrender/hwStereoSys.c:294:2:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	system(cmd);
data/dx-4.4.4/src/exec/hwrender/hwUserInteractor.c:543:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(tag, "%s%s", CACHE_OBJECT_TAG, baseTag);
data/dx-4.4.4/src/exec/hwrender/hwUserInteractor.c:556:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(tag, "%s%s", CACHE_CAMERA_TAG, baseTag);
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:79:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(buff, file);
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:83:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(buff,path);
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:85:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
      strcat(buff,file);
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:148:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(buff,path);
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:150:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(buff,file);
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:201:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(buff, file);
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:204:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(buff,path);
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:206:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
      strcat(buff,file);
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:216:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(buf1, buff);
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:289:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
     strcpy(HWpath,getenv("DXEXECROOT"));
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:291:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
     strcat(HWpath,DXD_ARCHNAME);
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:296:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
     strcpy(HWpath,getenv("DXROOT"));
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:298:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
     strcat(HWpath,DXD_ARCHNAME);
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:303:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
     strcat(HWpath,DXD_ARCHNAME);
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:308:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
     strcpy(HWname,getenv("DXHWMOD"));
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:634:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(vendor_string, glGetString(GL_VENDOR));
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:641:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(renderer_string, glGetString(GL_RENDERER));
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortUtilOGL.c:2097:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(filename, s);
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortUtilOGL.c:2099:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat(filename, extention[type]);
data/dx-4.4.4/src/exec/hwrender/starbase/hwCacheUtilSB.c:49:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf (cache_id, "%x-%s", xf, fun) ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwCacheUtilSB.c:77:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf (cache_id, "%x-%s", xf, fun) ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwCacheUtilSB.c:136:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf (cache_id, "%x-%s", xf, fun) ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwCacheUtilSB.c:193:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf (cache_id, "%x-%s", xf, fun) ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:57:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(HWname,getenv("DXHWMOD"));
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:64:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(HWpath,getenv("DXEXECROOT"));
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:66:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(HWpath,HWname);
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:72:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(HWpath,getenv("DXROOT"));
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:74:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(HWpath,HWname);
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:80:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(HWpath,HWname);
data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.c:117:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf (cache_id, "%x-%s", f, fun) ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.c:144:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf (cache_id, "%x-%s", f, fun) ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.c:214:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf (cache_id, "%x-%s", f, fun) ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.c:240:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf (cache_id, "%x-%s", f, fun) ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.c:273:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf (cache_id, "%x-%s", f, fun) ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.c:300:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf (cache_id, "%x-%s", f, fun) ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.c:344:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf (cache_id, "%x-%s", f, fun) ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.c:371:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf (cache_id, "%x-%s", f, fun) ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:90:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(HWname,getenv("DXHWMOD"));
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:96:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(HWpath,getenv("DXEXECROOT"));
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:98:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(HWpath,DXD_ARCHNAME);
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:100:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(HWpath,HWname);
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:106:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(HWpath,getenv("DXROOT"));
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:108:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(HWpath,DXD_ARCHNAME);
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:110:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(HWpath,HWname);
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:116:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(HWpath,DXD_ARCHNAME);
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:118:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(HWpath,HWname);
data/dx-4.4.4/src/exec/libdx/axes.c:410:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(tempstring, fmtx, xlocs[i]*lsx);
data/dx-4.4.4/src/exec/libdx/axes.c:470:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(tempstring, fmty, ylocs[i]*lsy);
data/dx-4.4.4/src/exec/libdx/axes.c:536:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(buf, "%s", xlabels[i]);
data/dx-4.4.4/src/exec/libdx/axes.c:587:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(buf,"%s", ylabels[i]);
data/dx-4.4.4/src/exec/libdx/axes.c:1750:8:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
       sprintf(fmt, tbuf, locs[i]); 
data/dx-4.4.4/src/exec/libdx/callm_init.c:60:5:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    vsprintf(buffer, format, arg);
data/dx-4.4.4/src/exec/libdx/client.c:76:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(tmpHost, host);
data/dx-4.4.4/src/exec/libdx/client.c:97:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(remoteHostname, he->h_name);
data/dx-4.4.4/src/exec/libdx/client.c:101:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(localHostname, he->h_name);
data/dx-4.4.4/src/exec/libdx/client.c:121:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(localhostHostname, he->h_name);
data/dx-4.4.4/src/exec/libdx/displayfb.c:293:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(copy, name? name : "");
data/dx-4.4.4/src/exec/libdx/displayutil.c:247:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(copy, where);
data/dx-4.4.4/src/exec/libdx/displayw.c:453:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(cacheid, WINDOW_TEMPLATE, title);
data/dx-4.4.4/src/exec/libdx/displayw.c:471:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(cacheid, WINDOW_ID_TEMPLATE, modid);
data/dx-4.4.4/src/exec/libdx/displayw.c:500:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(tmp, title);
data/dx-4.4.4/src/exec/libdx/displayw.c:536:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(tmp, p_data);
data/dx-4.4.4/src/exec/libdx/displayw.c:1160:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			strcpy(w->title, title);
data/dx-4.4.4/src/exec/libdx/displayw.c:1163:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			strcpy(w->cacheid, cachetag);
data/dx-4.4.4/src/exec/libdx/displayw.c:2643:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(copy, where);
data/dx-4.4.4/src/exec/libdx/displayx.c:2173:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "XDisplay %s %s %d", name, title, depth);
data/dx-4.4.4/src/exec/libdx/displayx.c:2276:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(cacheid, WINDOW_TEMPLATE, host, title);
data/dx-4.4.4/src/exec/libdx/displayx.c:2294:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(cacheid, WINDOW_ID_TEMPLATE, modid);
data/dx-4.4.4/src/exec/libdx/displayx.c:2314:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(tmp, title);
data/dx-4.4.4/src/exec/libdx/displayx.c:2350:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(tmp, p_data);
data/dx-4.4.4/src/exec/libdx/displayx.c:2625:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(w->title, title);
data/dx-4.4.4/src/exec/libdx/displayx.c:2628:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(w->cacheid, cachetag);
data/dx-4.4.4/src/exec/libdx/displayx.c:2986:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(copy, where);
data/dx-4.4.4/src/exec/libdx/displayx.c:3750:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(cacheid, "X%s%d", where, desiredDepth);
data/dx-4.4.4/src/exec/libdx/edfdata.c:343:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(cp, dp);
data/dx-4.4.4/src/exec/libdx/edfdict.c:248:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(ki.contents, word);
data/dx-4.4.4/src/exec/libdx/edfdict.c:475:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(di.contents, word);
data/dx-4.4.4/src/exec/libdx/edfio.c:56:9:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
#define popen popen_host
data/dx-4.4.4/src/exec/libdx/edfio.c:337:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(cmd, "mknod %s p; chmod 0%o %s", path, mode, path);
data/dx-4.4.4/src/exec/libdx/edfio.c:338:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    rc = system(cmd);
data/dx-4.4.4/src/exec/libdx/edfio.c:348:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(cmd, "rm -f %s", path);
data/dx-4.4.4/src/exec/libdx/edfio.c:349:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    rc = system(cmd);
data/dx-4.4.4/src/exec/libdx/edfio.c:523:12:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	if ((fd = popen(inname+1, "r")) == NULL) {
data/dx-4.4.4/src/exec/libdx/edfio.c:543:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(*outname, inname+1);
data/dx-4.4.4/src/exec/libdx/edfio.c:569:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(*outname, TEMPLATE, pid);
data/dx-4.4.4/src/exec/libdx/edfio.c:574:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(cmd, "(%s) > %s &", inname+1, *outname+1);
data/dx-4.4.4/src/exec/libdx/edfio.c:576:14:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        rc = system(cmd);
data/dx-4.4.4/src/exec/libdx/edfio.c:618:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(*outname, inname);
data/dx-4.4.4/src/exec/libdx/edfio.c:643:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(*outname, inname);
data/dx-4.4.4/src/exec/libdx/edfio.c:644:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(*outname, ext);
data/dx-4.4.4/src/exec/libdx/edfio.c:684:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(*outname, auxname);
data/dx-4.4.4/src/exec/libdx/edfio.c:686:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(*outname, inname);
data/dx-4.4.4/src/exec/libdx/edfio.c:697:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(*outname, ext);
data/dx-4.4.4/src/exec/libdx/edfio.c:715:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(*outname, datadir);
data/dx-4.4.4/src/exec/libdx/edfio.c:719:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(*outname, inname);
data/dx-4.4.4/src/exec/libdx/edfio.c:729:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(*outname, ext);
data/dx-4.4.4/src/exec/libdx/edflex.c:629:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(cbuf, "keyword '%s'", _dxflookkeyword(t->token.id));
data/dx-4.4.4/src/exec/libdx/edflex.c:632:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(cbuf, "string '%s'", _dxfdictname(d, t->token.id));
data/dx-4.4.4/src/exec/libdx/edflex.c:635:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(cbuf, "string '%s'", _dxfdictname(d, t->token.id));
data/dx-4.4.4/src/exec/libdx/edfobj.c:121:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(new->name, name);
data/dx-4.4.4/src/exec/libdx/edfparse.c:3483:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy((*gpp)->fname, cp);
data/dx-4.4.4/src/exec/libdx/edfparse.c:3517:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy((char *)((*gpp)->gbuf)+(2*sizeof(char *)), cp);
data/dx-4.4.4/src/exec/libdx/edfparse.c:3590:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(gb->namelist[0], cp);
data/dx-4.4.4/src/exec/libdx/edfprint.c:92:9:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
#define popen popen_host
data/dx-4.4.4/src/exec/libdx/edfprint.c:108:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(fred, "\"%s\"", _dxfdictname(p->d, id));
data/dx-4.4.4/src/exec/libdx/edfprint.c:164:9:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	p.fp = popen(filename+1, "w");
data/dx-4.4.4/src/exec/libdx/edfprint.c:178:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(fname, filename);
data/dx-4.4.4/src/exec/libdx/edfprint.c:330:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(fname2, filename);
data/dx-4.4.4/src/exec/libdx/edfprint.c:334:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(fname2, ep);
data/dx-4.4.4/src/exec/libdx/edfprint.c:337:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(cp2, ep);
data/dx-4.4.4/src/exec/libdx/edfprint.c:339:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(fname2, ep);
data/dx-4.4.4/src/exec/libdx/edfprint.c:898:2:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	fprintf(datafile, format, *tp); \
data/dx-4.4.4/src/exec/libdx/fileio.c:289:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(of[i].fname, name);
data/dx-4.4.4/src/exec/libdx/fileio.c:326:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(of[i].fname, name);
data/dx-4.4.4/src/exec/libdx/group.c:38:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(c, s);	
data/dx-4.4.4/src/exec/libdx/grow.c:548:33:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
#define SetOrigName(buf, name)  sprintf((buf), "original %s", (name))
data/dx-4.4.4/src/exec/libdx/invalid.c:2362:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(sbuf, "invalid %s", name);
data/dx-4.4.4/src/exec/libdx/invalid.c:2400:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(handle->iName, "%s", name);
data/dx-4.4.4/src/exec/libdx/invalid.c:2609:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(sbuf, "invalid %s", handle->iName);
data/dx-4.4.4/src/exec/libdx/irreggrow.c:241:32:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
#define SetOrigName(buf, name)	sprintf((buf), "original %s", (name))
data/dx-4.4.4/src/exec/libdx/lbcache.c:162:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(this->fun, fun);
data/dx-4.4.4/src/exec/libdx/lbcolor.c:150:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(colorfile,"%s",rootstring);
data/dx-4.4.4/src/exec/libdx/lbcolor.c:157:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(colorfile,"%s/lib/colors.txt",rootstring);
data/dx-4.4.4/src/exec/libdx/lbcolor.c:164:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(colorfile,"%s/lib/colors.txt",rootstring);
data/dx-4.4.4/src/exec/libdx/lbcolor.c:183:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		    strcpy(laststring, compactstring);
data/dx-4.4.4/src/exec/libdx/lbcolor.c:200:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		    strcpy(cp->colorname, compactstring);
data/dx-4.4.4/src/exec/libdx/lbcolor.c:202:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		    strcpy(laststring, compactstring);
data/dx-4.4.4/src/exec/libdx/lbcolor.c:279:9:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
    if (fscanf(in,"%s", string) != EOF) {
data/dx-4.4.4/src/exec/libdx/lbcolor.c:292:5:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	if(fscanf(in,"%s", string) != EOF) {
data/dx-4.4.4/src/exec/libdx/lbextract.c:1128:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy((char *)p, sp);
data/dx-4.4.4/src/exec/libdx/lbmessage.c:84:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(name, "%s", file);
data/dx-4.4.4/src/exec/libdx/lbmessage.c:89:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(name, "%s/lib/messages", root);
data/dx-4.4.4/src/exec/libdx/lbmessage.c:215:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(_ErrorMessage, TAG);
data/dx-4.4.4/src/exec/libdx/lbmessage.c:220:5:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    vsprintf(_ErrorMessage+offset, message, arg);
data/dx-4.4.4/src/exec/libdx/lbmessage.c:244:5:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    vsprintf(buf, message, arg);
data/dx-4.4.4/src/exec/libdx/lbmessage.c:247:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(_ErrorMessage, buf);
data/dx-4.4.4/src/exec/libdx/lbmessage.c:385:2:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
	vsprintf(long_buf+long_n, message, arg);
data/dx-4.4.4/src/exec/libdx/lbmessage.c:391:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(long_buf, p+1);
data/dx-4.4.4/src/exec/libdx/lbprint.c:1573:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "Groups.", USED(struct group));
data/dx-4.4.4/src/exec/libdx/lbprint.c:1574:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(mbuf, mformat, "Members", 
data/dx-4.4.4/src/exec/libdx/lbprint.c:1580:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "Series.", USED(struct series));
data/dx-4.4.4/src/exec/libdx/lbprint.c:1581:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(mbuf, mformat, "Members", 
data/dx-4.4.4/src/exec/libdx/lbprint.c:1587:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "CompositeFields.", 
data/dx-4.4.4/src/exec/libdx/lbprint.c:1589:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(mbuf, mformat, "Members", 
data/dx-4.4.4/src/exec/libdx/lbprint.c:1595:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "MultiGrids.", USED(struct multigrid));
data/dx-4.4.4/src/exec/libdx/lbprint.c:1596:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(mbuf, mformat, "Members", 
data/dx-4.4.4/src/exec/libdx/lbprint.c:1602:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "Fields.", USED(struct field));
data/dx-4.4.4/src/exec/libdx/lbprint.c:1603:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(mbuf, mformat, "Components", 
data/dx-4.4.4/src/exec/libdx/lbprint.c:1609:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "Arrays.", USED(struct array));
data/dx-4.4.4/src/exec/libdx/lbprint.c:1610:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(mbuf, mformat, "Items", 
data/dx-4.4.4/src/exec/libdx/lbprint.c:1616:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "ConstantArrays.",
data/dx-4.4.4/src/exec/libdx/lbprint.c:1618:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(mbuf, mformat, "Items", 
data/dx-4.4.4/src/exec/libdx/lbprint.c:1624:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "RegularArrays.",
data/dx-4.4.4/src/exec/libdx/lbprint.c:1626:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(mbuf, mformat, "Items", 
data/dx-4.4.4/src/exec/libdx/lbprint.c:1632:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "PathArrays.",
data/dx-4.4.4/src/exec/libdx/lbprint.c:1634:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(mbuf, mformat, "Items", 
data/dx-4.4.4/src/exec/libdx/lbprint.c:1640:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "ProductArrays.",
data/dx-4.4.4/src/exec/libdx/lbprint.c:1642:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(mbuf, mformat, "Terms", 
data/dx-4.4.4/src/exec/libdx/lbprint.c:1648:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "MeshArrays.", 
data/dx-4.4.4/src/exec/libdx/lbprint.c:1650:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(mbuf, mformat, "Terms", 
data/dx-4.4.4/src/exec/libdx/lbprint.c:1656:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "Strings.", USED(struct string));
data/dx-4.4.4/src/exec/libdx/lbprint.c:1657:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(mbuf, mformat, "Length", 
data/dx-4.4.4/src/exec/libdx/lbprint.c:1663:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "Cameras.", USED(struct camera));
data/dx-4.4.4/src/exec/libdx/lbprint.c:1667:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "Transforms.", 
data/dx-4.4.4/src/exec/libdx/lbprint.c:1672:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "Generic Objects.",
data/dx-4.4.4/src/exec/libdx/lbprint.c:1677:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "Lights.",
data/dx-4.4.4/src/exec/libdx/lbprint.c:1682:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "Clipped Objects.",
data/dx-4.4.4/src/exec/libdx/lbprint.c:1687:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "Interpolators.",
data/dx-4.4.4/src/exec/libdx/lbprint.c:1692:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "Screen Objects.",
data/dx-4.4.4/src/exec/libdx/lbprint.c:1697:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "Private Objects.",
data/dx-4.4.4/src/exec/libdx/lbprint.c:1702:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "Deleted Objects.", 
data/dx-4.4.4/src/exec/libdx/lbprint.c:1709:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(sbuf, sformat, s[i].num, "Unrecognized objects.",
data/dx-4.4.4/src/exec/libdx/lbprint.c:1714:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf(ebuf, eformat, s[i].depth);
data/dx-4.4.4/src/exec/libdx/lbprint.c:1716:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf(linebuf, lformat, sbuf, mbuf, ebuf);
data/dx-4.4.4/src/exec/libdx/lbtext.c:156:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy( result, file );
data/dx-4.4.4/src/exec/libdx/lbtext.c:177:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy( dirbuf, dp );
data/dx-4.4.4/src/exec/libdx/lbtext.c:184:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat( dirbuf, file );
data/dx-4.4.4/src/exec/libdx/lbtext.c:194:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy( dirbuf, dp );
data/dx-4.4.4/src/exec/libdx/lbtext.c:201:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat( dirbuf, file );
data/dx-4.4.4/src/exec/libdx/lbtext.c:232:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( result, dirbuf );
data/dx-4.4.4/src/exec/libdx/lock.c:550:11:  [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
    char *mktemp();
data/dx-4.4.4/src/exec/libdx/lock.c:557:2:  [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
	mktemp(tmp);
data/dx-4.4.4/src/exec/libdx/lock.c:675:11:  [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
    char *mktemp();
data/dx-4.4.4/src/exec/libdx/lock.c:680:2:  [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
	mktemp(tmp);
data/dx-4.4.4/src/exec/libdx/memory.c:1183:44:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	while ((memsize <= 0 || swapsize <= 0) && fscanf(fp, "%s", str) == 1)
data/dx-4.4.4/src/exec/libdx/memory.c:1188:3:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
		fscanf(fp, "%s", str);
data/dx-4.4.4/src/exec/libdx/memory.c:1197:3:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
		fscanf(fp, "%s", str);
data/dx-4.4.4/src/exec/libdx/memory.c:1345:12:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	FILE *f = popen("/usr/sbin/lsattr -E -l sys0 | grep realmem", "r");
data/dx-4.4.4/src/exec/libdx/memory.c:1382:6:  [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	    execl("/etc/dmesg", "/etc/dmesg", 0);
data/dx-4.4.4/src/exec/libdx/notify.c:63:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(_str->string, str);
data/dx-4.4.4/src/exec/libdx/qmessage.c:161:5:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    vsprintf(buf, message, arg);
data/dx-4.4.4/src/exec/libdx/qmessage.c:212:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buf, "%2d: %s: ", DXProcessorId(), who);
data/dx-4.4.4/src/exec/libdx/qmessage.c:213:5:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    vsprintf(buf+strlen(buf), message, arg);
data/dx-4.4.4/src/exec/libdx/reggrow.c:128:33:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
#define SetOrigName(buf, name)  sprintf((buf), "original %s", (name))
data/dx-4.4.4/src/exec/libdx/rwobject.c:997:28:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
#define SetString(value) { strcpy((char *)*header, value); \
data/dx-4.4.4/src/exec/libdx/stats.c:737:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (statname, compname);
data/dx-4.4.4/src/exec/libdx/stats.c:959:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(cp, compname);
data/dx-4.4.4/src/exec/libdx/stats.c:963:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(cp, statname);
data/dx-4.4.4/src/exec/libdx/stats.c:1951:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(invalid, dep);
data/dx-4.4.4/src/exec/libdx/stats.c:1986:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(*invalid, dep);
data/dx-4.4.4/src/exec/libdx/tile.c:339:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(depth_str, format);
data/dx-4.4.4/src/misc/dx.c:248:65:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
	rc_m = RegOpenKeyEx(HKEY_LOCAL_MACHINE, __TEXT(regpath[i]), 0, access, &hkey_m);
data/dx-4.4.4/src/misc/dx.c:249:64:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
	rc_u = RegOpenKeyEx(HKEY_CURRENT_USER, __TEXT(regpath[i]), 0, access, &hkey_u);
data/dx-4.4.4/src/misc/dx.c:275:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(errstr, "%s %s %s", 
data/dx-4.4.4/src/misc/dx.c:380:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(exhost, thishost);
data/dx-4.4.4/src/misc/dx.c:381:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(exarch, DXD_ARCHNAME);
data/dx-4.4.4/src/misc/dx.c:382:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(uiarch, DXD_ARCHNAME);
data/dx-4.4.4/src/misc/dx.c:408:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(dxroot, dxrootreg);
data/dx-4.4.4/src/misc/dx.c:410:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    	strcpy(dxdata, dxdatareg);
data/dx-4.4.4/src/misc/dx.c:412:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    	strcpy(dxmacros, dxmacroreg);
data/dx-4.4.4/src/misc/dx.c:414:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(magickhome, magickhomereg);
data/dx-4.4.4/src/misc/dx.c:435:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(dxdata, dxroot);
data/dx-4.4.4/src/misc/dx.c:442:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(dxdata, dxroot);
data/dx-4.4.4/src/misc/dx.c:453:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(dxmacros, dxroot);
data/dx-4.4.4/src/misc/dx.c:460:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(buf, dxroot);
data/dx-4.4.4/src/misc/dx.c:467:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(dxmacros, buf);
data/dx-4.4.4/src/misc/dx.c:481:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(s, v);		\
data/dx-4.4.4/src/misc/dx.c:501:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(xkeysymdb, "%s\\lib\\keysyms.dx", dxroot);
data/dx-4.4.4/src/misc/dx.c:515:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
			strcat(path, exceeddir);
data/dx-4.4.4/src/misc/dx.c:532:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
			strcat(path, starnetdir);
data/dx-4.4.4/src/misc/dx.c:546:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
			strcat(path, winaxedir);
data/dx-4.4.4/src/misc/dx.c:563:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(path, exceeddir);
data/dx-4.4.4/src/misc/dx.c:566:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(temp, "%s\\bin_%s", dxroot, DXD_ARCHNAME);
data/dx-4.4.4/src/misc/dx.c:570:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(path, temp);
data/dx-4.4.4/src/misc/dx.c:576:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(path, magickhome);
data/dx-4.4.4/src/misc/dx.c:634:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(jdxsrvPath, "%s\\java\\server", dxroot);
data/dx-4.4.4/src/misc/dx.c:637:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(classpath, "%s\\class", jdxsrvPath);
data/dx-4.4.4/src/misc/dx.c:643:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(temp, "%s\\bin", dxroot);
data/dx-4.4.4/src/misc/dx.c:645:24:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(path, ";"); strcat(path, temp);
data/dx-4.4.4/src/misc/dx.c:648:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(temp, "%s\\bin_%s", dxroot, DXD_ARCHNAME);
data/dx-4.4.4/src/misc/dx.c:650:24:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(path, ";"); strcat(path, temp);
data/dx-4.4.4/src/misc/dx.c:653:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(temp, "%s\\lib_%s", dxroot, DXD_ARCHNAME);
data/dx-4.4.4/src/misc/dx.c:655:24:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(path, ";"); strcat(path, temp);
data/dx-4.4.4/src/misc/dx.c:658:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(temp, "%s\\lib_%s", jdxsrvPath, DXD_ARCHNAME);
data/dx-4.4.4/src/misc/dx.c:660:24:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(path, ";"); strcat(path, temp);
data/dx-4.4.4/src/misc/dx.c:664:24:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(path, ";"); strcat(path, magickhome);
data/dx-4.4.4/src/misc/dx.c:674:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(temp, "%s\\dxmacros", jdxsrvPath);
data/dx-4.4.4/src/misc/dx.c:677:29:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    	strcat(dxmacros, ";"); strcat(dxmacros, temp);
data/dx-4.4.4/src/misc/dx.c:678:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(temp, "%s\\usermacros", jdxsrvPath);
data/dx-4.4.4/src/misc/dx.c:680:28:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(dxmacros, ";"); strcat(dxmacros, temp);
data/dx-4.4.4/src/misc/dx.c:683:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(dxinclude, dxmacros);
data/dx-4.4.4/src/misc/dx.c:686:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(temp, "%s\\userdata", jdxsrvPath);
data/dx-4.4.4/src/misc/dx.c:689:27:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    	strcat(dxdata, ";"); strcat(dxdata, temp);
data/dx-4.4.4/src/misc/dx.c:718:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(outdir, "%s\\java\\output", dxroot);
data/dx-4.4.4/src/misc/dx.c:724:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(cmd, "java -classpath %s\\server.jar -DDXServer.pathsFile=%s\\dxserver.paths -DDXServer.hostsFile=%s\\dxserver.hosts -DDXServer.outUrl=output -DDXServer.outDir=%s DXServer",
data/dx-4.4.4/src/misc/dx.c:735:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(dxexecdef, "%s\\bin_%s\\dxexec-native%s", dxexroot, exarch, EXE_EXT);
data/dx-4.4.4/src/misc/dx.c:737:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(dxexecdef, "%s\\bin_%s\\dxexec%s", dxexroot, exarch, EXE_EXT);
data/dx-4.4.4/src/misc/dx.c:743:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(dxui, "%s\\bin_%s\\dxui%s", dxuiroot, uiarch, EXE_EXT);
data/dx-4.4.4/src/misc/dx.c:775:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(cmd, "%s -v", dxexec);
data/dx-4.4.4/src/misc/dx.c:777:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(cmd, "%s -version", dxui);
data/dx-4.4.4/src/misc/dx.c:783:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(cmd, "%s%sbin_%s%stutor%s", dxexroot, DIRSEP, uiarch, DIRSEP, EXE_EXT);
data/dx-4.4.4/src/misc/dx.c:789:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
				strcat(prompterflags, FileName);
data/dx-4.4.4/src/misc/dx.c:791:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(cmd, "%s%sbin_%s%sprompter%s %s", dxuiroot, DIRSEP, uiarch, DIRSEP, EXE_EXT, prompterflags);
data/dx-4.4.4/src/misc/dx.c:795:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(cmd, "%s%sbin_%s%sstartupui%s %s", dxuiroot, DIRSEP, uiarch, DIRSEP, EXE_EXT, argstr);
data/dx-4.4.4/src/misc/dx.c:799:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(cmd, "%s%sbin_%s%sbuilder%s %s", dxuiroot, DIRSEP, uiarch, DIRSEP, EXE_EXT, FileName);
data/dx-4.4.4/src/misc/dx.c:805:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(exflags, "%s %s %s %s %s %s %s %s %s %s",
data/dx-4.4.4/src/misc/dx.c:809:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(cmd, "%s %s ", dxexec, exflags);
data/dx-4.4.4/src/misc/dx.c:817:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(tmp, " %s %s %s %s %s %s %s %s %s %s %s %s", 
data/dx-4.4.4/src/misc/dx.c:821:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
			strcat(uiflags, tmp);
data/dx-4.4.4/src/misc/dx.c:824:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
				strcat(uiflags, port);
data/dx-4.4.4/src/misc/dx.c:828:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
				strcat(uiflags, FileName);
data/dx-4.4.4/src/misc/dx.c:837:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
				strcat(uiflags, cdto);
data/dx-4.4.4/src/misc/dx.c:843:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
				strcat(uiflags, dxexec);
data/dx-4.4.4/src/misc/dx.c:846:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(cmd, "%s %s", dxui, uiflags);
data/dx-4.4.4/src/misc/dx.c:882:6:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	p = popen(cmd, "wt");
data/dx-4.4.4/src/misc/dx.c:924:7:  [4] (shell) execvp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	rc = execvp(args[0], args);
data/dx-4.4.4/src/misc/dx.c:957:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(parm[n], argv[i]);
data/dx-4.4.4/src/misc/dx.c:962:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(argstr, parm[n]);
data/dx-4.4.4/src/misc/dx.c:1053:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(errmsg, str);	\
data/dx-4.4.4/src/misc/dx.c:1063:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(errmsg, str);				\
data/dx-4.4.4/src/misc/dx.c:1069:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(val, s);
data/dx-4.4.4/src/misc/dx.c:1073:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(val, s);
data/dx-4.4.4/src/misc/dx.c:1081:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(val, " -" #what);	\
data/dx-4.4.4/src/misc/dx.c:1095:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(errmsg, str);	\
data/dx-4.4.4/src/misc/dx.c:1109:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(msgstr, s);						\
data/dx-4.4.4/src/misc/dx.c:1115:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(msgstr, "ignoring option -" #val);	\
data/dx-4.4.4/src/misc/dx.c:1155:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(exhost, thishost);
data/dx-4.4.4/src/misc/dx.c:1170:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(exmem, s);
data/dx-4.4.4/src/misc/dx.c:1194:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(uimode, s);
data/dx-4.4.4/src/misc/dx.c:1309:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(errmsg, "-optimize: parameter \'%s\' not recognized", s);
data/dx-4.4.4/src/misc/dx.c:1439:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(errmsg, "-hwrender: parameter \'%s\' not recognized", s);
data/dx-4.4.4/src/misc/dx.c:1536:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(msgstr, "ignoring option: %s --- & used only on Unix systems\n", s);
data/dx-4.4.4/src/misc/dx.c:1537:6:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	    printf(msgstr);
data/dx-4.4.4/src/misc/dx.c:1542:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(errmsg, s);
data/dx-4.4.4/src/misc/dx.c:1548:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(errmsg, "input filename already set to \'%s\'; \'%s\' unrecognized", FileName, s);
data/dx-4.4.4/src/misc/dx.h:80:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(errstr, s);	\
data/dx-4.4.4/src/misc/dx.h:86:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(errstr, "%s %s %s", s, t, u);	\
data/dx-4.4.4/src/misc/dx.h:92:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(errstr, s);	\
data/dx-4.4.4/src/misc/dx.h:97:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(errstr, "%s %s %s", s, t, u);	\
data/dx-4.4.4/src/misc/utils.c:66:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(s, temp);
data/dx-4.4.4/src/misc/utils.c:97:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(value, s);
data/dx-4.4.4/src/misc/utils.c:143:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(p, s);
data/dx-4.4.4/src/uipp/base/Application.C:500:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(stderr, mesg, event->request_code);
data/dx-4.4.4/src/uipp/base/Application.C:510:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(stderr, mesg, event->minor_code);
data/dx-4.4.4/src/uipp/base/Application.C:520:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(stderr, mesg, event->resourceid);
data/dx-4.4.4/src/uipp/base/Application.C:524:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(stderr, mesg, event->serial);
data/dx-4.4.4/src/uipp/base/Application.C:531:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(stderr, mesg, display->request);
data/dx-4.4.4/src/uipp/base/Application.C:583:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (res_file, home);
data/dx-4.4.4/src/uipp/base/CascadeMenu.C:38:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(pulldownName,"%s%s",name,NAME);
data/dx-4.4.4/src/uipp/base/CmdEntry.C:78:2:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	sscanf(next, "%s", s);
data/dx-4.4.4/src/uipp/base/DXStrings.h:56:18:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
# define SPRINTF	sprintf
data/dx-4.4.4/src/uipp/base/DXTensor.C:290:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(&s[index],buf);
data/dx-4.4.4/src/uipp/base/DXValue.C:581:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (value, string);
data/dx-4.4.4/src/uipp/base/DXValue.C:908:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
									sprintf(p,"%s ",buf);
data/dx-4.4.4/src/uipp/base/DXValue.C:1233:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(s, format,val);
data/dx-4.4.4/src/uipp/base/DXValue.C:1261:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			strcpy(&s[1],p);
data/dx-4.4.4/src/uipp/base/DXValue.C:1289:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			strcpy(s,p);
data/dx-4.4.4/src/uipp/base/DXValue.C:1333:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(nlist,"{ %s }",item);
data/dx-4.4.4/src/uipp/base/DXValue.C:1338:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(nlist,list);
data/dx-4.4.4/src/uipp/base/DXValue.C:1346:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(c-1, item);
data/dx-4.4.4/src/uipp/base/DXValue.C:1539:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(p, s);
data/dx-4.4.4/src/uipp/base/DXValue.C:1599:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(itembuf, valbuf);
data/dx-4.4.4/src/uipp/base/DXValue.C:1732:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(p,value);	
data/dx-4.4.4/src/uipp/base/DXValue.C:1745:8:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
       strcat(p,&list[idx]);
data/dx-4.4.4/src/uipp/base/DXValue.C:1804:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(p,buf);	
data/dx-4.4.4/src/uipp/base/DXValue.C:1811:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
   strcat(p,item);
data/dx-4.4.4/src/uipp/base/DXValue.C:1824:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(p,&list[idx]);
data/dx-4.4.4/src/uipp/base/DXValue.C:1913:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(newlist,"{ %s }",item);
data/dx-4.4.4/src/uipp/base/DXValue.C:1939:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(p,buf);	
data/dx-4.4.4/src/uipp/base/DXValue.C:1945:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
   strcat(p,item);
data/dx-4.4.4/src/uipp/base/DXValue.C:1953:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(p,&list[idx]);
data/dx-4.4.4/src/uipp/base/Dialog.C:159:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
   sprintf(buffer,"%sPopup",name);
data/dx-4.4.4/src/uipp/base/DynamicResource.C:43:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (this->resourceName, resourceName);
data/dx-4.4.4/src/uipp/base/DynamicResource.C:152:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (this->stringRepresentation, value);
data/dx-4.4.4/src/uipp/base/DynamicResource.C:351:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (widgetName, full_resource);
data/dx-4.4.4/src/uipp/base/DynamicResource.C:417:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (&newname[os], names_of_dest[i]);
data/dx-4.4.4/src/uipp/base/DynamicResource.C:546:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (dest->resource_name, src->resource_name);
data/dx-4.4.4/src/uipp/base/DynamicResource.C:548:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (dest->resource_class, src->resource_class);
data/dx-4.4.4/src/uipp/base/DynamicResource.C:550:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (dest->resource_type, src->resource_type);
data/dx-4.4.4/src/uipp/base/DynamicResource.C:552:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (dest->default_type, src->default_type);
data/dx-4.4.4/src/uipp/base/DynamicResource.C:571:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (newlist[i], newname);
data/dx-4.4.4/src/uipp/base/ErrorDialogManager.C:77:9:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
        vsprintf(buffer,(char*)fmt,ap);
data/dx-4.4.4/src/uipp/base/ErrorDialogManager.C:96:2:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
	vsprintf(buffer,(char*)fmt,ap);	
data/dx-4.4.4/src/uipp/base/FileDialog.C:153:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(path,"%s%s",dir,file);
data/dx-4.4.4/src/uipp/base/FileDialog.C:265:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(shellname,"%sShell",this->name);
data/dx-4.4.4/src/uipp/base/FileDialog.C:482:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(filter, GetNullStr(cbs->mask));
data/dx-4.4.4/src/uipp/base/FileDialog.C:483:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(mask, filter);
data/dx-4.4.4/src/uipp/base/FileDialog.C:486:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(mask, s1);
data/dx-4.4.4/src/uipp/base/FileDialog.C:493:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
      strcat(buff,mask);
data/dx-4.4.4/src/uipp/base/FileDialog.C:494:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(mask,buff);
data/dx-4.4.4/src/uipp/base/FileDialog.C:496:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(dir,mask);                        /* get dir from mask    */
data/dx-4.4.4/src/uipp/base/FileDialog.C:503:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(filter,&ptr[1]);              /* get filter from filter text */
data/dx-4.4.4/src/uipp/base/FileDialog.C:515:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(mask,s1);
data/dx-4.4.4/src/uipp/base/FileDialog.C:522:11:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
          strcat(buff,mask);
data/dx-4.4.4/src/uipp/base/FileDialog.C:523:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
          strcpy(mask,buff);
data/dx-4.4.4/src/uipp/base/FileDialog.C:525:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(dir,mask);
data/dx-4.4.4/src/uipp/base/FileDialog.C:526:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
      strcat(mask, filter);
data/dx-4.4.4/src/uipp/base/FileDialog.C:532:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(value,mask);
data/dx-4.4.4/src/uipp/base/FileDialog.C:534:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(value,s2);
data/dx-4.4.4/src/uipp/base/FileDialog.C:585:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(p, dir);
data/dx-4.4.4/src/uipp/base/FileDialog.C:586:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(p, DirHandle.name);
data/dx-4.4.4/src/uipp/base/FileDialog.C:637:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(fullname,dir);
data/dx-4.4.4/src/uipp/base/FileDialog.C:638:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(fullname,FindBuffer.achName);
data/dx-4.4.4/src/uipp/base/FileDialog.C:699:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(dirmask, dir);
data/dx-4.4.4/src/uipp/base/FileDialog.C:707:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(fullname,dir);
data/dx-4.4.4/src/uipp/base/FileDialog.C:708:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(fullname,FindBuffer.achName);
data/dx-4.4.4/src/uipp/base/FileDialog.C:763:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (&buf[os], text);
data/dx-4.4.4/src/uipp/base/HelpMenuCommand.C:64:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(url, theIBMApplication->getUIRoot());
data/dx-4.4.4/src/uipp/base/HelpWin.C:170:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(helpDirFileName, GetHTMLDirectory());
data/dx-4.4.4/src/uipp/base/HelpWin.C:172:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(helpDirFileName, GetHTMLDirFileName());
data/dx-4.4.4/src/uipp/base/HelpWin.C:178:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(helpDirFileName, GetHelpDirectory());
data/dx-4.4.4/src/uipp/base/HelpWin.C:180:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(helpDirFileName, GetHelpDirFileName());
data/dx-4.4.4/src/uipp/base/HelpWin.C:193:6:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	if (sscanf(line, "%s %s", topic, file) == 2)
data/dx-4.4.4/src/uipp/base/HelpWin.C:416:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    	strcat(url, GetHTMLDirectory());
data/dx-4.4.4/src/uipp/base/HelpWin.C:421:10:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    	    strcat(url, file);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:322:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (errmsg, "Unrecognized color entry: %s\n", colorname);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:479:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(url, getUIRoot());
data/dx-4.4.4/src/uipp/base/IBMApplication.C:482:2:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	system("dx -tutor");
data/dx-4.4.4/src/uipp/base/IBMApplication.C:531:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(s, "%s/ui/logo.xpm", theIBMApplication->getUIRoot());
data/dx-4.4.4/src/uipp/base/IBMApplication.C:540:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(s,"%s/ui/logo.dat", this->getUIRoot());
data/dx-4.4.4/src/uipp/base/IBMApplication.C:686:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(s, "%s/ui/icon50.xpm", theIBMApplication->getUIRoot());
data/dx-4.4.4/src/uipp/base/IBMApplication.C:696:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(s,"%s/ui/icon50.dat", theIBMApplication->getUIRoot());
data/dx-4.4.4/src/uipp/base/IBMApplication.C:758:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(this->aboutAppString,
data/dx-4.4.4/src/uipp/base/IBMApplication.C:785:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(supfile,"%s/ui/support.txt",dxroot);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:827:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(helpDir, "%s/help", root);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:839:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(htmlDir, "%s/html", root);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:860:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(tmpDirList, p);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:867:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(tmpDirList, p);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:888:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(tmpDirList, p);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:895:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(tmpDirList, p);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:921:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(res_file, "/%s-AD", class_name);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:923:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(res_file, "%s/ui/%s-AD", home, class_name);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:926:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(res_file, "%s/ui/%s-AD", home, class_name);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:948:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (resource_line, "%s*%s: %s\n", class_name, resource, value);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:1068:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (&name_list[nl_os], name);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:1077:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf (resource_line, resource_fmt, class_name, name_list);
data/dx-4.4.4/src/uipp/base/InfoDialogManager.C:94:9:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
        vsprintf(buffer,(char*)fmt,ap);
data/dx-4.4.4/src/uipp/base/InfoDialogManager.C:119:9:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
        vsprintf(p,(char*)fmt,ap);
data/dx-4.4.4/src/uipp/base/License.C:82:13:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
const char *crypt(const char*, const char*);
data/dx-4.4.4/src/uipp/base/License.C:133:20:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
#define CRYPT(A,B) crypt((const char*)A, (const char*)B) 
data/dx-4.4.4/src/uipp/base/License.C:138:51:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
  error:  Can not  run licensing routines without crypt()
data/dx-4.4.4/src/uipp/base/License.C:198:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(envbuf,c_buf+4);
data/dx-4.4.4/src/uipp/base/License.C:238:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(remname,s);
data/dx-4.4.4/src/uipp/base/License.C:240:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(remname,"%s/bin_%s/dxshadow",root,DXD_ARCHNAME);
data/dx-4.4.4/src/uipp/base/License.C:251:7:  [4] (shell) execlp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
      execlp(remname, "dxshadow", arg1, "-version", arg3, NULL);
data/dx-4.4.4/src/uipp/base/License.C:314:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(ckey,c_buf+4);
data/dx-4.4.4/src/uipp/base/License.C:321:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(p_buf,CRYPT(ckey,salt));;
data/dx-4.4.4/src/uipp/base/License.C:446:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(cryptbuf,CRYPT(keybuf,salt));
data/dx-4.4.4/src/uipp/base/License.C:449:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(outkey,"%s%hx",cryptbuf,
data/dx-4.4.4/src/uipp/base/License.C:512:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(host, name.machine+2);
data/dx-4.4.4/src/uipp/base/License.C:518:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(host, name.idnumber+2);
data/dx-4.4.4/src/uipp/base/License.C:524:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(host, host+2);
data/dx-4.4.4/src/uipp/base/License.C:566:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(devea.ifr_name,dev);
data/dx-4.4.4/src/uipp/base/License.C:571:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		    strcat(host,buf);
data/dx-4.4.4/src/uipp/base/License.C:603:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	  sprintf(fileName, "%s/expiration", root);
data/dx-4.4.4/src/uipp/base/License.C:704:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(errstr, s);	\
data/dx-4.4.4/src/uipp/base/License.C:774:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(k, buf);
data/dx-4.4.4/src/uipp/base/ListEditor.C:101:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(p,s);
data/dx-4.4.4/src/uipp/base/MainWindow.C:377:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(menubar_name,"%sMenuBar",this->name);
data/dx-4.4.4/src/uipp/base/MainWindow.C:820:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		    strcpy (geom, this->geometry_string);
data/dx-4.4.4/src/uipp/base/SaveFileDialog.C:78:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(file, filename);
data/dx-4.4.4/src/uipp/base/SaveFileDialog.C:99:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(file,this->forced_extension);
data/dx-4.4.4/src/uipp/base/StartWebBrowser.C:125:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(fname + strlen(fname), "%s.%s", tmpnam(NULL), ".htm");
data/dx-4.4.4/src/uipp/base/StartWebBrowser.C:136:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(CmdLine, URL);
data/dx-4.4.4/src/uipp/base/StartWebBrowser.C:150:13:  [4] (shell) execlp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
		int ret = execlp(webApp, webApp, URL, NULL);
data/dx-4.4.4/src/uipp/base/Strings.C:44:18:  [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
extern "C" char *mktemp(char *);
data/dx-4.4.4/src/uipp/base/Strings.C:52:10:  [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
#define  mktemp   _mktemp
data/dx-4.4.4/src/uipp/base/Strings.C:73:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(new_string, string); 
data/dx-4.4.4/src/uipp/base/Strings.C:120:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(unique, path);
data/dx-4.4.4/src/uipp/base/Strings.C:129:10:  [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
    if (!mktemp(unique)) {
data/dx-4.4.4/src/uipp/base/Strings.C:244:15:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        (void)strcat(path, oldPath);
data/dx-4.4.4/src/uipp/base/Strings.C:258:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(path, oldPath);
data/dx-4.4.4/src/uipp/base/Strings.C:262:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(path, home);
data/dx-4.4.4/src/uipp/base/Strings.C:263:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(path, oldPath + 1);
data/dx-4.4.4/src/uipp/base/Strings.C:284:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(path, oldPath);
data/dx-4.4.4/src/uipp/base/Strings.C:288:17:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                strcpy(path, ent->pw_dir);
data/dx-4.4.4/src/uipp/base/Strings.C:289:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(path, oldPath + i);
data/dx-4.4.4/src/uipp/base/Strings.C:304:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(path, oldPath);
data/dx-4.4.4/src/uipp/base/Strings.C:308:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(path, oldPath);
data/dx-4.4.4/src/uipp/base/Strings.C:444:5:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    vsprintf(s,format,ap);	
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:38:24:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
extern "C" const char *crypt(const char* , const char*);
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:40:18:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
extern "C" char *crypt(const char* , const char*);
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:149:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(cryptHost, crypt(host, KEY1));
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:149:23:  [4] (crypto) crypt:
  The crypt functions use a poor one-way hashing algorithm; since they only
  accept passwords of 8 characters or fewer and only a two-byte salt, they
  are excessively vulnerable to dictionary attacks given today's faster
  computing equipment (CWE-327). Use a different algorithm, such as SHA-256,
  with a larger, non-repeating salt.
    strcpy(cryptHost, crypt(host, KEY1));
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:272:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy (host, host+2);
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:281:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy (host, name.idnumber+2);
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:300:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy (host, name.machine+2);
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:328:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		    strcpy(devea.ifr_name,dev);
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:333:8:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
			    strcat(host,buf);
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:360:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (envsetting, "%s%s", cp,key);
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:364:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy (envsetting, cp);
data/dx-4.4.4/src/uipp/base/TextSelector.C:169:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (seli, cp);
data/dx-4.4.4/src/uipp/base/TextSelector.C:663:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (proposed, cp);
data/dx-4.4.4/src/uipp/base/TextSelector.C:664:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (&proposed[tvcs->startPos], tbrec->ptr);
data/dx-4.4.4/src/uipp/base/TextSelector.C:665:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat (proposed, &cp[tvcs->startPos]);
data/dx-4.4.4/src/uipp/base/TransferStyle.C:28:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (this->name, name);
data/dx-4.4.4/src/uipp/base/UIComponent.C:270:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(prepend,classname);
data/dx-4.4.4/src/uipp/base/UIComponent.C:273:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(prepend,"%s*%s",classname,this->name);
data/dx-4.4.4/src/uipp/base/UIComponent.C:282:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer, "%s%s", prepend, resourceSpec[i++]);
data/dx-4.4.4/src/uipp/base/UIComponent.C:647:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(format," %s: position = (%%f,%%f), size = %%fx%%f, screen = %%d",tag);
data/dx-4.4.4/src/uipp/base/UIComponent.C:653:13:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
    items = sscanf(line,format,&norm_xpos,&norm_ypos,&norm_xsize,&norm_ysize,&screen);
data/dx-4.4.4/src/uipp/base/WarningDialogManager.C:77:5:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    vsprintf(buffer,(char*)fmt,ap);
data/dx-4.4.4/src/uipp/base/WarningDialogManager.C:93:5:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    vsprintf(buffer,(char*)fmt,ap);
data/dx-4.4.4/src/uipp/base/WizardDialog.C:131:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (pathname, "%sui/%s", uiroot, this->parent_name);
data/dx-4.4.4/src/uipp/base/WizardDialog.C:133:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (pathname, "%s/ui/%s", uiroot, this->parent_name);
data/dx-4.4.4/src/uipp/base/WorkSpaceGrid.C:145:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(r, "// layout: snap = %d, width = %d, height = %d, align = %s\n",
data/dx-4.4.4/src/uipp/base/defines.h:71:18:  [4] (misc) getlogin:
  It's often easy to fool getlogin. Sometimes it does not work at all,
  because some program messed up the utmp file. Often, it gives only the
  first 8 characters of the login name. The user currently logged in on the
  controlling tty of our program need not be the user who started it. Avoid
  getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
  and extract the desired information instead.
#define GETLOGIN getlogin()
data/dx-4.4.4/src/uipp/base/defines.h:104:9:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
#define popen  _popen
data/dx-4.4.4/src/uipp/base/defines.h:106:18:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
Got to have SOME popen available
data/dx-4.4.4/src/uipp/base/defines.h:122:18:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
Got to have SOME popen available
data/dx-4.4.4/src/uipp/base/help.c:70:7:  [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
char* mktemp(char*);
data/dx-4.4.4/src/uipp/base/help.c:72:14:  [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
extern char* mktemp(char*);
data/dx-4.4.4/src/uipp/base/help.c:245:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(CurrentFont, DEFAULT_INDEX_FONT);
data/dx-4.4.4/src/uipp/base/help.c:246:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(CurrentColor, DEFAULT_INDEX_COLOR);
data/dx-4.4.4/src/uipp/base/help.c:249:13:  [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
    fname = mktemp(name);
data/dx-4.4.4/src/uipp/base/help.c:251:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(str, "%s/%s", "/tmp", fname);
data/dx-4.4.4/src/uipp/base/help.c:266:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(CurrentFont,IndexTable[i]->Font);
data/dx-4.4.4/src/uipp/base/help.c:268:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(CurrentColor,IndexTable[i]->Color);
data/dx-4.4.4/src/uipp/base/help.c:346:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(fname,"%s/%s", GetHelpDirectory(), LinkData);
data/dx-4.4.4/src/uipp/base/help.c:348:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(fname, LinkData);
data/dx-4.4.4/src/uipp/base/help.c:362:11:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
          sprintf(fname,"%s%s%s%s",tempname,README_PREFIX,"_",DXD_ARCHNAME);
data/dx-4.4.4/src/uipp/base/help.c:370:11:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
          sprintf(fname,"%s%s",tempname,README_PREFIX);
data/dx-4.4.4/src/uipp/base/help.c:377:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	   sprintf(fname,"%s/%s", GetHelpDirectory(), ReadmeNotAvailable);
data/dx-4.4.4/src/uipp/base/help.c:384:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(fname,"%s %s","man",LinkData + 1);
data/dx-4.4.4/src/uipp/base/help.c:385:11:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	infile = popen(fname,"r");
data/dx-4.4.4/src/uipp/base/help.c:388:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(userdata->filename,LinkData);
data/dx-4.4.4/src/uipp/base/help.c:389:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(userdata->label,Label);
data/dx-4.4.4/src/uipp/base/help.c:706:7:  [4] (tmpfile) mktemp:
  Temporary file race condition (CWE-377).
char *mktemp(char *tmplate)
data/dx-4.4.4/src/uipp/base/helpstack.c:93:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(val,value);
data/dx-4.4.4/src/uipp/base/history.c:306:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(oldData, data);
data/dx-4.4.4/src/uipp/base/history.c:338:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(oldData, data);
data/dx-4.4.4/src/uipp/base/history.c:357:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(menuDataPtr->filename, userdata->filename);
data/dx-4.4.4/src/uipp/base/history.c:358:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(menuDataPtr->label, userdata->label);
data/dx-4.4.4/src/uipp/base/parse.c:59:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
 sprintf(fmt,"%s%s%s%s%s%s","%[^",stoppat,"]","%[",stoppat,"]");
data/dx-4.4.4/src/uipp/base/parse.c:63:6:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
 if (fscanf(*mathfile,fmt,buffer,rest) == EOF)
data/dx-4.4.4/src/uipp/base/parse.c:78:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(fmt, "%s%s%s%s%s%s", "%[^" ,stoppat, "]" , "%[" ,stoppat, "]");
data/dx-4.4.4/src/uipp/base/parse.c:79:9:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
    if (fscanf(*file, fmt, buffer, rest) == EOF) return (NULL);
data/dx-4.4.4/src/uipp/base/parse.c:129:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(font, DEFAULT_FONT);
data/dx-4.4.4/src/uipp/base/parse.c:130:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(color, DEFAULT_COLOR);
data/dx-4.4.4/src/uipp/base/parse.c:169:16:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
               strcpy(spot->refname,buffer + TAGLEN);
data/dx-4.4.4/src/uipp/base/parse.c:231:22:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                     sprintf(fascname,"%s%s%s%s",envptr,"/",ascname,".asc");
data/dx-4.4.4/src/uipp/base/parse.c:282:31:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		                            strcpy(font, Top(userdata->fontstack));
data/dx-4.4.4/src/uipp/base/parse.c:346:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		    strcpy(font, Top(userdata->fontstack));
data/dx-4.4.4/src/uipp/base/parse.c:350:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		    strcpy(color, Top(userdata->colorstack)); 
data/dx-4.4.4/src/uipp/dxl/close.c:41:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "close colormapEditor label=%s", label);
data/dx-4.4.4/src/uipp/dxl/close.c:49:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "close colormapEditor title=%s", title);
data/dx-4.4.4/src/uipp/dxl/close.c:63:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "close image label=%s", label);
data/dx-4.4.4/src/uipp/dxl/close.c:71:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "close image title=%s", title);
data/dx-4.4.4/src/uipp/dxl/conn.c:731:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat (s, av[0]);
data/dx-4.4.4/src/uipp/dxl/conn.c:777:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(script_name,"/tmp/dx-%s:%d",Uts_Name.nodename,getpid());
data/dx-4.4.4/src/uipp/dxl/conn.c:785:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(cmd, "%s -c \"%s %s -l %s 'cat > %s' > /dev/null 2>&1\"",
data/dx-4.4.4/src/uipp/dxl/conn.c:788:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(cmd, "%s -c \"%s %s 'cat > %s' > /dev/null 2>&1\"",
data/dx-4.4.4/src/uipp/dxl/conn.c:795:7:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	fp = popen(cmd,"w");
data/dx-4.4.4/src/uipp/dxl/conn.c:935:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(errstr,"Could not connect using '%s'\n",fargv[0]);
data/dx-4.4.4/src/uipp/dxl/conn.c:980:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(exename,av[0]);
data/dx-4.4.4/src/uipp/dxl/conn.c:990:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(ptr,exename);
data/dx-4.4.4/src/uipp/dxl/conn.c:994:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(cmd,exename);
data/dx-4.4.4/src/uipp/dxl/conn.c:995:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy(args,exename);
data/dx-4.4.4/src/uipp/dxl/conn.c:1005:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat(ptr, av[i]);
data/dx-4.4.4/src/uipp/dxl/conn.c:1033:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(errstr,"Could not connect using '%s'\n", args[0]);
data/dx-4.4.4/src/uipp/dxl/conn.c:1073:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(exename,av[0]);
data/dx-4.4.4/src/uipp/dxl/conn.c:1082:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(cmd,exename);
data/dx-4.4.4/src/uipp/dxl/conn.c:1090:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(cmd, host);
data/dx-4.4.4/src/uipp/dxl/conn.c:1094:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(cmd,exename);
data/dx-4.4.4/src/uipp/dxl/conn.c:1102:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(cmd, av[i]);
data/dx-4.4.4/src/uipp/dxl/conn.c:1162:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(errstr,"Could not connect using '%s'\n",cmd);
data/dx-4.4.4/src/uipp/dxl/dxlP.h:251:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
#define SPRINTF sprintf
data/dx-4.4.4/src/uipp/dxl/execute.c:99:8:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
       sprintf(namestr, "%s(\n", name);
data/dx-4.4.4/src/uipp/dxl/execute.c:107:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	   strcat(namestr, args[i]);
data/dx-4.4.4/src/uipp/dxl/handlers.c:43:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(he->operand,str);
data/dx-4.4.4/src/uipp/dxl/load.c:27:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buffer, "load macroFile %s", file);
data/dx-4.4.4/src/uipp/dxl/load.c:40:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buffer, "load macroDirectory %s", dir);
data/dx-4.4.4/src/uipp/dxl/object.c:68:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(format,"%s %%s %%d",object_token);
data/dx-4.4.4/src/uipp/dxl/object.c:69:9:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
    if (sscanf(msg,format,varname,&object_size) == 2) {
data/dx-4.4.4/src/uipp/dxl/object.c:72:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(format,"%s %%s %%d",link_object_token);
data/dx-4.4.4/src/uipp/dxl/object.c:73:6:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
	if (sscanf(msg,format,varname,&object_size) == 2) 
data/dx-4.4.4/src/uipp/dxl/open.c:72:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(buffer, "open network %s", file);
data/dx-4.4.4/src/uipp/dxl/open.c:82:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buffer, "include \"%s\"", file);
data/dx-4.4.4/src/uipp/dxl/open.c:118:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buffer, "include \"%s\"", file);
data/dx-4.4.4/src/uipp/dxl/open.c:147:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(buffer, "open config %s", file);
data/dx-4.4.4/src/uipp/dxl/query.c:78:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buffer, "query value %s",varname) ;
data/dx-4.4.4/src/uipp/dxl/query.c:94:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(varname, "%s_%s_%d_in_%d", macro, module, instance, number);
data/dx-4.4.4/src/uipp/dxl/query.c:140:22:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
    if (sts == OK && sscanf(rbuf, "\"%s\"", value) != 1)
data/dx-4.4.4/src/uipp/dxl/query.c:156:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(varname, "%s_%s_%d_out_%d", macro, module, instance, number);
data/dx-4.4.4/src/uipp/dxl/query.c:201:22:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
    if (sts == OK && sscanf(rbuf, "\"%s\"", value) != 1)
data/dx-4.4.4/src/uipp/dxl/save.c:29:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer, "save network %s", file);
data/dx-4.4.4/src/uipp/dxl/send.c:127:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(event->contents,msg);
data/dx-4.4.4/src/uipp/dxl/send.c:935:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(newString, string);
data/dx-4.4.4/src/uipp/dxl/send.c:978:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(newString, string);
data/dx-4.4.4/src/uipp/dxl/socket.c:90:5:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    vsprintf(s,(char*)format,ap);
data/dx-4.4.4/src/uipp/dxl/socket.c:120:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(hostname, host);
data/dx-4.4.4/src/uipp/dxl/socket.c:420:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(remoteHostname, he->h_name);
data/dx-4.4.4/src/uipp/dxl/socket.c:424:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(localHostname, he->h_name);
data/dx-4.4.4/src/uipp/dxl/socket.c:437:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(localhostHostname, he->h_name);
data/dx-4.4.4/src/uipp/dxl/value.c:69:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(format,"%s %%s %%n",link_value_token);
data/dx-4.4.4/src/uipp/dxl/value.c:70:9:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
    if (sscanf(msg,format,varname,&count) == 1) 
data/dx-4.4.4/src/uipp/dxl/value.c:77:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(value, msg + count);
data/dx-4.4.4/src/uipp/dxl/value.c:157:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(buffer, "set receiver %s = %s",var, value);
data/dx-4.4.4/src/uipp/dxl/value.c:159:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(buffer, "set value %s = %s",var, value);
data/dx-4.4.4/src/uipp/dxl/value.c:164:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(name, "\"%s\"", var);
data/dx-4.4.4/src/uipp/dxl/value.c:182:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(buffer, "set value %s = %s",var, value);
data/dx-4.4.4/src/uipp/dxl/value.c:184:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(buffer, "set tab %s = %s",var, value);
data/dx-4.4.4/src/uipp/dxl/value.c:186:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer, "%s = %s;",var, value);
data/dx-4.4.4/src/uipp/dxl/value.c:216:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buffer, "\"%s\"",value);
data/dx-4.4.4/src/uipp/dxl/value.c:231:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(varname, "%s_%s_%d_in_%d", macro, module, instance, number);
data/dx-4.4.4/src/uipp/dxl/value.c:264:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buffer, "\"%s\"",value);
data/dx-4.4.4/src/uipp/dxl/value.c:279:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(varname, "%s_%s_%d_out_%d", macro, module, instance, number);
data/dx-4.4.4/src/uipp/dxl/value.c:312:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buffer, "\"%s\"",value);
data/dx-4.4.4/src/uipp/dxl/windows.c:41:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "open colormapEditor label=%s", label);
data/dx-4.4.4/src/uipp/dxl/windows.c:51:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "open colormapEditor title=%s", title);
data/dx-4.4.4/src/uipp/dxl/windows.c:61:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "open controlpanel title=%s", name);
data/dx-4.4.4/src/uipp/dxl/windows.c:87:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "open image label=%s", label);
data/dx-4.4.4/src/uipp/dxl/windows.c:95:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "open image title=%s", title);
data/dx-4.4.4/src/uipp/dxl/windows.c:116:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "render-mode %s title=%s",mode,title);
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:486:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			strcpy(last,buf);
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:593:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(cmfile , "%s/%s", path, &comment[PATH_COMMENT_LEN]);
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:1083:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(cmname, "%s/%s.cm", path, name);
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:1332:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(p, "[%s %s] ", v1,v2); 
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:1422:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buffer, "{%s %s}", v1,v2); 
data/dx-4.4.4/src/uipp/dxui/ConfirmedQuitCommand.C:85:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(dialogQuestion,"Do you really want to quit %s?",
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:34:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(label,"%s_%d",this->getNameString(),this->getInstanceNumber());
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:69:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(string, "    %s = %s;\n"
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:76:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(string,"    %s = %s;\n", outputname,label);
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:90:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(vs,"%s = %s;\n", label, value);
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:163:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (new_label, "%s%d", matchstr, instnum);
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:180:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (buf, this->getLabelString());
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:184:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (propName, buf);
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:186:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (PropName, buf);
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:217:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (buf, this->getLabelString());
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:221:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (propName, buf);
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:223:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (PropName, buf);
data/dx-4.4.4/src/uipp/dxui/DXLOutputNode.C:32:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(label,"%s_%d",this->getNameString(),this->getInstanceNumber());
data/dx-4.4.4/src/uipp/dxui/DisplayNode.C:437:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(buf2, "\"X%d,,%s\";", this->getDepth(), cp);
data/dx-4.4.4/src/uipp/dxui/DisplayNode.C:441:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(retbuf, buf1);
data/dx-4.4.4/src/uipp/dxui/DisplayNode.C:442:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(retbuf, buf2);
data/dx-4.4.4/src/uipp/dxui/ExecCommandDialog.C:88:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(c,"%s\n",s);
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1068:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buf, "CacheScene(%sImage_%d_in_%d, "
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1075:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buf, "CacheScene(%sImage_%d_in_%d, "
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1082:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (s, buf);
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1107:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(buf+len, "%d%s",
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1235:6:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	n = sscanf(mode, "%s %s", imode, arg);
data/dx-4.4.4/src/uipp/dxui/Interactor.C:721:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(topic, "%sInteractor",
data/dx-4.4.4/src/uipp/dxui/InteractorNode.C:200:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(s,"%s %s:",nodename,varname);
data/dx-4.4.4/src/uipp/dxui/InteractorNode.C:537:8:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	      sscanf(comment,
data/dx-4.4.4/src/uipp/dxui/InteractorNode.C:1149:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(this->lastInteractorLabel,(char*)p1);
data/dx-4.4.4/src/uipp/dxui/InteractorNode.C:1212:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (var_name, "%s_%d", this->getNameString(), this->getInstanceNumber());
data/dx-4.4.4/src/uipp/dxui/InteractorNode.C:1256:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (this->java_variable, "%s_%d",
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:82:42:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
MacroDefinition::MacroDefinition(boolean system) : 
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:85:25:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    this->systemMacro = system;
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:91:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if (!system)
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:632:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		sprintf(p,errtxt,nsptr, strerror(errno));
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:687:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(srch_string2,nsptr);                        
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:702:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		    strcpy(path, nsptr);
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:706:21:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                    strcat(path, entry.name);
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:708:21:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                    strcat(path, entry->d_name);
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:731:8:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			    sprintf(p,errtxt,path, strerror(errno));
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:808:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		sprintf(*errmsg,errtxt,netFile);
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:285:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(string, "%s = %s;\n", outputs, name);
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:293:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(string, "%s = %s;\n", name, inputs);
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:317:21:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
		int itemsParsed = sscanf(comment, PARAM_FMT, 
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:326:18:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
			itemsParsed = sscanf(comment, PARAM_FMT1, 
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:791:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    if (fprintf(f, "    //" PARAM_OFMT,
data/dx-4.4.4/src/uipp/dxui/Node.C:180:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(buf,
data/dx-4.4.4/src/uipp/dxui/Node.C:186:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(buf,
data/dx-4.4.4/src/uipp/dxui/Node.C:310:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(buf, "%s%s%s_%d_out_%d", indent,varprefix, 
data/dx-4.4.4/src/uipp/dxui/Node.C:322:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(buf,"%s%s",indent,this->getInputValueString(i));
data/dx-4.4.4/src/uipp/dxui/Node.C:325:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(buf,"%s%s%s_%d_in_%d", indent, varprefix, 
data/dx-4.4.4/src/uipp/dxui/Node.C:330:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(pstr,buf);
data/dx-4.4.4/src/uipp/dxui/Node.C:362:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf,"%s%s_%d_%s_%d", 
data/dx-4.4.4/src/uipp/dxui/Node.C:406:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(newprefix,"%s%s_%d_out_",varprefix,name,this->instanceNumber);
data/dx-4.4.4/src/uipp/dxui/Node.C:418:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(buf,"%s%d%s", newprefix, i, (i==num_params ? "" : ",\n"));
data/dx-4.4.4/src/uipp/dxui/Node.C:420:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(buf,"%s%d[cache: %d]%s",
data/dx-4.4.4/src/uipp/dxui/Node.C:423:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(pstr,buf);
data/dx-4.4.4/src/uipp/dxui/Node.C:706:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(module,"%s%s(",__indent,name);			
data/dx-4.4.4/src/uipp/dxui/Node.C:722:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    	sprintf(attributes, fmt, __indent, 
data/dx-4.4.4/src/uipp/dxui/Node.C:732:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    	sprintf(attributes, fmt, __indent, 
data/dx-4.4.4/src/uipp/dxui/Node.C:743:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(s,"%s\n%s\n%s\n",
data/dx-4.4.4/src/uipp/dxui/Node.C:748:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(s,"%s = \n%s\n%s\n%s\n",
data/dx-4.4.4/src/uipp/dxui/Node.C:830:8:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
       sprintf(this->moduleMessageId,"%s_%d",name, this->getInstanceNumber());
data/dx-4.4.4/src/uipp/dxui/Node.C:928:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(retstr,pname);
data/dx-4.4.4/src/uipp/dxui/Node.C:930:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(p,v);
data/dx-4.4.4/src/uipp/dxui/Node.C:965:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(s, v);
data/dx-4.4.4/src/uipp/dxui/Node.C:1002:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(retstr,pname);
data/dx-4.4.4/src/uipp/dxui/Node.C:1004:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(c,pval);
data/dx-4.4.4/src/uipp/dxui/Node.C:1046:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		s = strcpy(s, buf);
data/dx-4.4.4/src/uipp/dxui/Node.C:1048:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		s = strcat(s,buf);
data/dx-4.4.4/src/uipp/dxui/Node.C:1069:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		s = strcpy(s, buf);
data/dx-4.4.4/src/uipp/dxui/Node.C:1071:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		s = strcat(s,buf);
data/dx-4.4.4/src/uipp/dxui/Node.C:1212:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(s, names);
data/dx-4.4.4/src/uipp/dxui/Node.C:1214:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(s, values);
data/dx-4.4.4/src/uipp/dxui/Node.C:1869:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(msg,"Executive(\"assign noexecute\",\"%s\",%s);",
data/dx-4.4.4/src/uipp/dxui/Node.C:1880:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(msg ,"Executive(\"assign noexecute\",\"%s\",%s);",
data/dx-4.4.4/src/uipp/dxui/Node.C:2135:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(pname,"%s%d",rval,index);
data/dx-4.4.4/src/uipp/dxui/Node.C:2140:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(buf,rval);
data/dx-4.4.4/src/uipp/dxui/Node.C:3287:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(modinput_name, MODINPUT_FORMAT,name,instance_number);
data/dx-4.4.4/src/uipp/dxui/Node.C:3292:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		sprintf(oname,OBJVAL_FORMAT,modinput_name, 
data/dx-4.4.4/src/uipp/dxui/Node.C:3296:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
		    if (fprintf(f,code) <= 0)
data/dx-4.4.4/src/uipp/dxui/Node.C:3305:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(modoutput_name, MODOUTPUT_FORMAT,name,instance_number);
data/dx-4.4.4/src/uipp/dxui/Node.C:3309:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		sprintf(oname,OBJVAL_FORMAT,modoutput_name,
data/dx-4.4.4/src/uipp/dxui/Node.C:3350:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf(modinput_name, MODINPUT_FORMAT,name,instance_number);
data/dx-4.4.4/src/uipp/dxui/Node.C:3367:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		sprintf(oname, MODOUTPUT_FORMAT,onode->getNameString(),
data/dx-4.4.4/src/uipp/dxui/Node.C:3369:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(input_val, "%s_%s", oname,
data/dx-4.4.4/src/uipp/dxui/Node.C:3375:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		sprintf(oname,OBJVAL_FORMAT,modinput_name,
data/dx-4.4.4/src/uipp/dxui/Node.C:3381:23:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	    if (init_code && fprintf(f,init_code) <= 0) {
data/dx-4.4.4/src/uipp/dxui/Node.C:3404:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(modoutput_name, MODOUTPUT_FORMAT,name,instance_number);
data/dx-4.4.4/src/uipp/dxui/Node.C:3413:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf(oname,OBJVAL_FORMAT,modoutput_name,
data/dx-4.4.4/src/uipp/dxui/Node.C:3415:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(output_objptr,"&%s",oname);
data/dx-4.4.4/src/uipp/dxui/Node.C:3440:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(oname,OBJVAL_FORMAT,modoutput_name,
data/dx-4.4.4/src/uipp/dxui/Node.C:3466:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(modinput_name, MODINPUT_FORMAT,name,instance_number);
data/dx-4.4.4/src/uipp/dxui/Node.C:3470:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		sprintf(oname,OBJVAL_FORMAT,modinput_name,
data/dx-4.4.4/src/uipp/dxui/Node.C:3475:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
		    if (fprintf(f,cleanup_code) <= 0) {
data/dx-4.4.4/src/uipp/dxui/Node.C:3486:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
        sprintf(modoutput_name, MODOUTPUT_FORMAT,name,instance_number);
data/dx-4.4.4/src/uipp/dxui/Node.C:3490:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		sprintf(oname,OBJVAL_FORMAT,modoutput_name,
data/dx-4.4.4/src/uipp/dxui/Node.C:3593:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf (src_name, "%s_%d", src_ns, src_instno);
data/dx-4.4.4/src/uipp/dxui/NodeDefinition.C:256:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(mdf, "%s%s%s",
data/dx-4.4.4/src/uipp/dxui/NodeDefinition.C:279:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(category,"CATEGORY %s\n", this->getCategoryString());
data/dx-4.4.4/src/uipp/dxui/NodeDefinition.C:284:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(description,"DESCRIPTION %s\n", this->getDescription());
data/dx-4.4.4/src/uipp/dxui/NodeDefinition.C:290:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(io_board,"OUTBOARD \"%s\" ; %s\n",
data/dx-4.4.4/src/uipp/dxui/NodeDefinition.C:294:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(io_board,"LOADABLE %s\n", this->getDynamicLoadFile());
data/dx-4.4.4/src/uipp/dxui/NodeDefinition.C:299:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(flags,"FLAGS%s%s%s%s%s%s%s%s%s\n",
data/dx-4.4.4/src/uipp/dxui/NodeDefinition.C:319:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(header,"MODULE %s\n"
data/dx-4.4.4/src/uipp/dxui/NodeDefinition.C:359:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(&params[currend], line);
data/dx-4.4.4/src/uipp/dxui/ParameterDefinition.C:267:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(p,"%s",typeNames[i]);
data/dx-4.4.4/src/uipp/dxui/ParameterDefinition.C:269:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(p,"%s or ",typeNames[i]);
data/dx-4.4.4/src/uipp/dxui/ParameterDefinition.C:313:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(mdf,"INPUT %s %s ; %s ; %s ; %s\n",
data/dx-4.4.4/src/uipp/dxui/ParameterDefinition.C:320:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(mdf,"OUTPUT %s %s ; %s ; %s\n",
data/dx-4.4.4/src/uipp/dxui/PickNode.C:45:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(string, "%s_%d", this->getNameString(), this->getInstanceNumber());
data/dx-4.4.4/src/uipp/dxui/PickNode.C:112:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(newValue, s);
data/dx-4.4.4/src/uipp/dxui/PickNode.C:119:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(newValue, value);
data/dx-4.4.4/src/uipp/dxui/PickNode.C:124:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(newValue, s);
data/dx-4.4.4/src/uipp/dxui/PickNode.C:145:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(newValue, s);
data/dx-4.4.4/src/uipp/dxui/PickNode.C:149:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
			strcat(newValue, term);
data/dx-4.4.4/src/uipp/dxui/ProbeNode.C:40:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(string, "%s_%d", this->getNameString(), this->getInstanceNumber());
data/dx-4.4.4/src/uipp/dxui/ProbeNode.C:171:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(string,"%s = %s;\n", outputParam, this->getOutputValueString(1));
data/dx-4.4.4/src/uipp/dxui/ProbeNode.C:217:10:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
    if ((sscanf("%s_%d",curr_label,name,&instance) == 2) &&
data/dx-4.4.4/src/uipp/dxui/ProbeNode.C:241:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(dflt_label, "%s_%d", nodename, this->getInstanceNumber());
data/dx-4.4.4/src/uipp/dxui/ReceiverNode.C:74:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(string,"%s = %s;\n", outputParam, this->getLabelString());
data/dx-4.4.4/src/uipp/dxui/ResetNode.C:99:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(p,"[oneshot:%s]",reset);
data/dx-4.4.4/src/uipp/dxui/SaveMacroCommand.C:59:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(message, "Do you want to save macro %s as file: %s?", 
data/dx-4.4.4/src/uipp/dxui/ScalarListInteractor.C:488:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(p,s);
data/dx-4.4.4/src/uipp/dxui/ScalarListNode.C:280:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(v,"%s ",vec);
data/dx-4.4.4/src/uipp/dxui/ScalarNode.C:1101:6:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	    sscanf(comment,
data/dx-4.4.4/src/uipp/dxui/ScalarNode.C:1206:2:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	sscanf(comment,
data/dx-4.4.4/src/uipp/dxui/ScalarNode.C:1217:6:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	    sscanf(comment,
data/dx-4.4.4/src/uipp/dxui/SelectionNode.C:581:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(str,"\"%s\"",label);
data/dx-4.4.4/src/uipp/dxui/SelectionNode.C:766:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(p,"\"%s\" ",values[i]);
data/dx-4.4.4/src/uipp/dxui/SelectionNode.C:768:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(p,"%s ",values[i]);
data/dx-4.4.4/src/uipp/dxui/SelectionNode.C:940:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf (stmt, "%s%s.selectOption(%d);\n", indent, var_name, i);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:185:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    	sprintf(s, "    %sSequencer_%d_out_1 = @frame;\n", prefix, inst);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:197:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(s,"    %s = @frame;\n%s", buf, call);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:424:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(s, 
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:436:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(s,
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:973:14:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
    parsed = sscanf(line,"%s %d %d", buffer, &frame, &next_frame);
data/dx-4.4.4/src/uipp/dxui/TransmitterNode.C:59:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(string, "%s = %s;\n", this->getLabelString(), source);
data/dx-4.4.4/src/uipp/dxuilib/ApplicIF.C:129:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(s, "Received %s\n",&this->line[i]);
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2843:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(colors, str);
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2858:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(colors, str);
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2873:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(colors, str);
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2888:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(colors, str);
data/dx-4.4.4/src/uipp/dxuilib/ColormapEditor.C:1196:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (name, "%s%d", this->name,inum);
data/dx-4.4.4/src/uipp/dxuilib/CommentStyle.C:55:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (cp, CommentStyle::ParseBuffer);
data/dx-4.4.4/src/uipp/dxuilib/CommentStyle.C:66:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (cp, text);
data/dx-4.4.4/src/uipp/dxuilib/CommentStyle.C:83:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (begin_stmnt, "%s_begin", this->getKeyword());
data/dx-4.4.4/src/uipp/dxuilib/CommentStyle.C:84:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (end_stmnt, "%s_end", this->getKeyword());
data/dx-4.4.4/src/uipp/dxuilib/CommentStyle.C:175:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (begin_stmnt, "%s_begin", this->getKeyword());
data/dx-4.4.4/src/uipp/dxuilib/CommentStyle.C:176:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (end_stmnt, "%s_end", this->getKeyword());
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:1127:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(s, *ts);
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:1132:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(s, *ts);
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:1330:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(s, *ts);
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:1335:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(s, *ts);
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:1365:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(destString, dest->getNameString());
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:1370:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(destString, dest->getNameString());
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:2182:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy (ConfigurationDialog::HelpText, nosup);
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:2187:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(supfile,"%s/ui/syntax.txt",dxroot);
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:2195:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy (ConfigurationDialog::HelpText, nosup);
data/dx-4.4.4/src/uipp/dxuilib/ControlPanel.C:1966:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(this->comment, comment + keyword_size);
data/dx-4.4.4/src/uipp/dxuilib/ControlPanel.C:3838:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (name, "%s%d", this->name,this->instanceNumber);
data/dx-4.4.4/src/uipp/dxuilib/DXAnchorWindow.C:233:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (buf, cp);
data/dx-4.4.4/src/uipp/dxuilib/DXAnchorWindow.C:560:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(t,"%s: %s", vpe_name, file);
data/dx-4.4.4/src/uipp/dxuilib/DXAnchorWindow.C:621:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (tmpstr, c);
data/dx-4.4.4/src/uipp/dxuilib/DXAnchorWindow.C:783:44:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	char *tmpmsg = new char[strlen(msg) + 1]; strcpy (tmpmsg, msg);
data/dx-4.4.4/src/uipp/dxuilib/DXAnchorWindow.C:784:46:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	char *tmpfont = new char[strlen(font) + 1]; strcpy (tmpfont, font);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2078:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(s, this->resource.executiveModule);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2081:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(s, this->getUIRoot());
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2083:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(s, this->resource.executiveModule);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2118:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(s, this->resource.uiModule);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2121:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(s, this->getUIRoot());
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2123:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(s, this->resource.uiModule);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2206:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(msg,"AIX has notified %s that the User Interface\nis in "
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2210:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(msg,"The operating system has issued a SIGDANGER to %s\n",
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2524:3:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
		printf(
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2631:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(this->serverInfo.executiveFlags, argv[i]);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2643:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(buf,"%s/ui/viewer.net",this->getUIRoot());
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2758:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(path,"%s/ui",this->getUIRoot());
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3107:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(args, this->serverInfo.executive);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3114:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    	strcat(args, this->serverInfo.workingDirectory);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3117:10:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	        strcat(args, this->serverInfo.workingDirectory);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3122:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(args, this->serverInfo.userModules);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3140:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(args, l);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3146:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(args, this->serverInfo.executiveFlags);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3149:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(cmd, "dx %s", args);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3153:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(cmd,"%s/bin/dx %s",this->getUIRoot(),args);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3252:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(netname, name);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3399:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(s, "Connection to %s failed.", server);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3416:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(s, "Your connection to %s has been accepted.", server);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3424:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(s, "Your connection to server %s has been accepted.  Do you want to disconnect from %s and connect to it?", server, this->serverInfo.server);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3656:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(s, "Connection to server %s failed:\n\n%s", 
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3670:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(s, "Connection to server %s has been queued", 
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4019:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(sbuf,"Executive(\"package\",\"%s\");\n",file);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4460:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(buf,"license %s",outkey);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4603:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buf,"%d minute%s %d seconds",
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4606:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buf,"%d minute%s", minutes, minutes == 1? "": "s");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4625:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer,
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4706:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(buf,"%s/%s",dirs[i],basename);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4708:4:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
			strcat(msg,buf);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4718:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(buf,"\n%s will now terminate.",
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4720:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(msg, buf);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4780:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf,
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4974:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(buf,"%s\\%s",dirs[i],basename);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4976:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(buf,"%s/%s",dirs[i],basename);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4979:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		   strcpy (msg, introMsg);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4983:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(msg,buf);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5086:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(achDate, "%s", __DATE__);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5087:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
    sscanf(achDate, "%s%s%s", szMonth, szDay, szYear);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5178:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (dx, cp);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5182:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (date_file, "%s/ui/date.fmt", dx);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5183:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (date_mask, "DATEMSK=%s", date_file);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5197:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (date_time, "%s %s EDT", compile_date, compile_time);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5220:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (date_time, "%s %s", compile_date, compile_time);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:181:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(remoteHostname, he->h_name);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:184:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(localHostname, he->h_name);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:196:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(localhostHostname, he->h_name);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:221:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(remoteHostname, he->h_name);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:226:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(localhostHostname, he->h_name);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:357:17:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                strcat (s, av[0]);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:404:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(script_name,"/tmp/dx-%s:%d",Uts_Name.nodename,getpid());
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:412:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(cmd, "%s -c \"%s %s -l %s 'cat > %s' > /dev/null 2>&1\"",
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:415:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(cmd, "%s -c \"%s %s 'cat > %s' > /dev/null 2>&1\"",
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:422:14:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        fp = popen(cmd,"w");
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:597:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(ptr,av[i]);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:653:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(exename,av[0]);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:661:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(cmd,exename);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:667:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(cmd, host);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:671:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(cmd,exename);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:677:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(cmd, av[i]);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:747:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                sprintf(errstr,"Could not connect using '%s'\n",fargv[0]);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:923:21:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
                    sscanf(s, "host = %s", buf);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:1297:17:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
                sscanf(s, "host = %s", buf);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:1336:21:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
                    sscanf(s, "host = %s", buf);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:1443:21:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
                    sscanf(s, "host = %s", buf);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:1520:25:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
                        sscanf(s, "host = %s", buf);
data/dx-4.4.4/src/uipp/dxuilib/DXDragSource.C:100:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(netfilename, "%sdx%d.net", tmpdir, getpid());
data/dx-4.4.4/src/uipp/dxuilib/DXDragSource.C:101:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(cfgfilename, "%sdx%d.cfg", tmpdir, getpid());
data/dx-4.4.4/src/uipp/dxuilib/DXDragSource.C:103:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(netfilename, "%s/dx%d.net", tmpdir, getpid());
data/dx-4.4.4/src/uipp/dxuilib/DXDragSource.C:104:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(cfgfilename, "%s/dx%d.cfg", tmpdir, getpid());
data/dx-4.4.4/src/uipp/dxuilib/DXDragSource.C:177:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf (header, header_fmt, hostname, getpid(), net_len, cfg_len);
data/dx-4.4.4/src/uipp/dxuilib/DXDragSource.C:186:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(buf, header);
data/dx-4.4.4/src/uipp/dxuilib/DXDropSite.C:71:8:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
    if(sscanf(buf, header_fmt, draghost, &dragpid, &net_len, &cfg_len) < 4)
data/dx-4.4.4/src/uipp/dxuilib/DXDropSite.C:98:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(netfilename, "%s/dx%d.net", theDXApplication->getTmpDirectory(), getpid());
data/dx-4.4.4/src/uipp/dxuilib/DXDropSite.C:113:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(cfgfilename, "%s/dx%d.cfg", theDXApplication->getTmpDirectory(), getpid());
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:277:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command, "sequence %s();\n", 
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:363:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	     strcpy(command, pressed ? "palindrome on;\n" : "palindrome off;\n");
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:378:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	     strcpy(command, pressed ?  "loop on;\n" : "loop off;\n");
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:467:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(s, theDXApplication->network->getNameString());
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:565:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(s, theDXApplication->network->getNameString());
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:584:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(s, theDXApplication->network->getNameString());
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:158:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer,"OpenColormapEditor: invalid qualifier (%s)", p);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:191:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer,"CloseColormapEditor: invalid qualifier (%s)", p);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:233:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer, "SetRenderMode: "
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:264:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer, "OpenImage: unable to open image (%s)", c);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:298:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer, "OpenImage: unable to open image (%s)", c);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:413:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(buf, c);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:469:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer, "Error opening network file %s", c);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:525:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(buffer, "Error saving network file %s", net);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:527:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(buffer, "Error saving network file %s",
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:580:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer, "Error opening network file %s", c);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:602:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer, "Error opening configuration file %s", c);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:686:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer, "Error saving configuration file %s", c);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:708:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
    sscanf(c, "%s = %n", label, &length);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:738:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(s,"%s = %s;",label,value);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:788:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer, "Macro %s not found", macro);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:797:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer,"Module %s:%d not found", module, inst);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:807:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer,"Value \"%s\" not valid for %sput %d of %s",
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:859:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer,"Macro %s not found", macro);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:868:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer,"Module %s:%d not found", module, inst);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1028:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer, "no nodes with label %s found", c);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1053:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
    sscanf(c, "%s %d [%f, %f, %f]", probeName, &n, &x, &y, &z);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1086:9:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
    n = sscanf(c, "%s %s", arg0, arg1);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1126:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(buffer, 
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1174:9:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
    n = sscanf(c, "%s %s %s", mode, qualifier0, qualifier1);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1186:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(buffer,
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1227:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(buffer, "SetInteractionMode: could not set '%s' mode",mode);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1255:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(buffer,
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1274:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(buffer,
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1303:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer, "LoadMacroFile: %s", msg);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1321:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer, "LoadMacroDirectory: %s", msg);
data/dx-4.4.4/src/uipp/dxuilib/DXPacketIF.C:300:5:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    vsprintf(buffer,(char*)fmt,ap);
data/dx-4.4.4/src/uipp/dxuilib/DXPacketIF.C:326:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    int l = sprintf
data/dx-4.4.4/src/uipp/dxuilib/DXWindow.C:332:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(s,"Control Panel Access:%s",this->title);
data/dx-4.4.4/src/uipp/dxuilib/DXWindow.C:525:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(s,"Control Panel Access:%s",this->title);
data/dx-4.4.4/src/uipp/dxuilib/DescrDialog.C:69:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(buffer, title, this->node->getNameString());
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:4244:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(t,"%s: %s", vpe_name, p);
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:4609:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (footer, "%s - page %d of %d", group_name, page_number, of_howmany);
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:4964:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(p,"%s  ",name);
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:5703:8:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			    sprintf (msg, 
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:5748:8:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			    sprintf (msg, 
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6003:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(netfilename, "%sdx%d.net", tmpdir, getpid());
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6004:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(cfgfilename, "%sdx%d.cfg", tmpdir, getpid());
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6006:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(netfilename, "%s/dx%d.net", tmpdir, getpid());
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6007:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(cfgfilename, "%s/dx%d.cfg", tmpdir, getpid());
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6013:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (msg, "Copy failed: %s", strerror(errno));
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6031:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (msg, "Copy failed (fopen): %s", strerror(errno));
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6046:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf (msg, "Copy failed (fread): %s", strerror(errno));
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6060:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (msg, "Copy failed (stat): %s", strerror(errno));
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6075:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (msg, "Copy failed (fread): %s", strerror(errno));
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6295:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(net_file_name, "%sdx%d.net", tmpdir, getpid());
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6296:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(cfg_file_name, "%sdx%d.cfg", tmpdir, getpid());
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6298:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(net_file_name, "%s/dx%d.net", tmpdir, getpid());
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6299:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(cfg_file_name, "%s/dx%d.cfg", tmpdir, getpid());
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6309:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (msg, "Paste failed (fopen): %s", strerror(errno));
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6324:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (msg, "Paste failed (fopen): %s", strerror(errno));
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:7179:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(jxmacros,uiroot);
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:7180:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(jxmacros,macros);
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:7205:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (uniq_file, "%s/foo.bar", tmpdir);
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:7208:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (uniq_file, "%s.net", holder_file);
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:7541:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat (button_label, cp);
data/dx-4.4.4/src/uipp/dxuilib/EditorWorkSpace.C:303:6:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	    sscanf ((char *)value, "%[^:]:%s", category, toolname);
data/dx-4.4.4/src/uipp/dxuilib/FileSelectorInstance.C:37:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(cf, filter);
data/dx-4.4.4/src/uipp/dxuilib/FindStack.C:35:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(this->name, name);
data/dx-4.4.4/src/uipp/dxuilib/FindStack.C:36:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(this->label, label);
data/dx-4.4.4/src/uipp/dxuilib/FindStack.C:57:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
       strcpy(name, element->name);
data/dx-4.4.4/src/uipp/dxuilib/FindStack.C:58:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
       strcpy(label, element->label);
data/dx-4.4.4/src/uipp/dxuilib/FindToolDialog.C:656:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(data->lastName, name);
data/dx-4.4.4/src/uipp/dxuilib/GroupedObject.C:121:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (buf, " %s group:", mgr_name);
data/dx-4.4.4/src/uipp/dxuilib/HelpOnPanelDialog.C:48:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(dialogTitle,"Help On %s...",title);
data/dx-4.4.4/src/uipp/dxuilib/ImageFormat.C:59:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (formstr, "%s delayed=1", cp);
data/dx-4.4.4/src/uipp/dxuilib/ImageFormat.C:61:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy (formstr, cp);
data/dx-4.4.4/src/uipp/dxuilib/ImageFormat.C:64:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (formstr, "%s gamma=%lg delayed=1", cp, gamma);
data/dx-4.4.4/src/uipp/dxuilib/ImageFormat.C:66:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (formstr, "%s gamma=%lg", cp, gamma);
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatDialog.C:570:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "dxfSaveCurrentImage(NULL, 0, 0.0, \"%s\", \"%s\", %s);",
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatDialog.C:596:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "dxfSaveCurrentImage(\"%s\", %d, %f, \"%s\", \"%s\", NULL);",
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatREX.C:62:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (file_to_delete, "%s.r", srcfile);
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatREX.C:64:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (file_to_delete, "%s.g", srcfile);
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatREX.C:66:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (file_to_delete, "%s.b", srcfile);
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatREX.C:68:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (file_to_delete, "%s.size", srcfile);
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatRGB.C:61:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (file_to_delete, "%s.rgb", srcfile);
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatRGB.C:63:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (file_to_delete, "%s.size", srcfile);
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatYUV.C:62:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (file_to_delete, "%s.yuv", srcfile);
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatYUV.C:64:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (file_to_delete, "%s.size", srcfile);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:886:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy (&buffer[buflen], tmpbuf); buflen+= len;
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1298:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			strcpy (&tmpbuf[buflen], mac[i]);
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:1693:7:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
		if (sscanf(display, "%[^:]:%s", host, unit) == 2)
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:1717:12:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
		else if (sscanf(display, ":%s", unit) == 1)
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:3391:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(t,"%s: %s", node_name,file);
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:7711:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (name, "%s%d", this->name,pos);
data/dx-4.4.4/src/uipp/dxuilib/InteractorInstance.C:456:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (this->java_var_name, "%s_%s_%d", var_part, name_string, ino);
data/dx-4.4.4/src/uipp/dxuilib/InteractorStyle.C:335:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(this->interactorName,"%sInteractor",styleName);
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:151:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (this->html_file, "%s/%s%s", pathn, this->base_name, ext);
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:156:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (this->make_file, "%s/%s%s", pathn, this->base_name, ext);
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:161:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (this->applet_file, "%s/%s%s", pathn, this->base_name, ext);
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:166:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (this->bean_file, "%s/%s%s", pathn, this->base_name, ext);
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:194:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (tbuf, format);
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:196:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (tbuf, "\"%s\"", format);
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:240:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (&msg[msglen], tbuf);
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:245:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (tbuf, "%s\n", cp);
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:246:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy (&msg[msglen], tbuf);
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:720:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf (fname, "%s%d", this->base_name, f); 
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:722:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf (fname, "%s/%s%d", pathn, this->base_name, f); 
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:432:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (this->font, font);
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:542:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy (line1, filtered);
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:543:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy (line2, &filtered[i+1]);
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:620:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy (&label_buf[os], text);
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:647:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (label_buf, re_escaped_label_buf);
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:769:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy ((char *)*value, cp);
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:923:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (lvar, "%s_label_%d", var_name, instance_no);
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:1041:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (&label_buf[os], text);
data/dx-4.4.4/src/uipp/dxuilib/MoveNodesDialog.C:245:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (msg, "Page %s doesn't exist.", name);
data/dx-4.4.4/src/uipp/dxuilib/MoveNodesDialog.C:257:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (msg, "Unable to move selected items to %s", name);
data/dx-4.4.4/src/uipp/dxuilib/MsgWin.C:555:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
						strcpy(p, netName);
data/dx-4.4.4/src/uipp/dxuilib/MsgWin.C:998:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(netName, nodeName);
data/dx-4.4.4/src/uipp/dxuilib/MsgWin.C:1032:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(netName, nodeName);
data/dx-4.4.4/src/uipp/dxuilib/MsgWin.C:1126:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (confMsg, "Open editor on %s (%s)?", macro, file);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:122:9:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
#define	popen	_popen
data/dx-4.4.4/src/uipp/dxuilib/Network.C:898:8:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
       strcpy(this->prefix,s);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:1691:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(message, "%s:\n",msg);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:1697:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(p,"     %s.",nodes->getStringKey(i));
data/dx-4.4.4/src/uipp/dxuilib/Network.C:1699:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(p,"     %s,\n",nodes->getStringKey(i));
data/dx-4.4.4/src/uipp/dxuilib/Network.C:1948:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                sprintf(buf,"The macro %s", md->getNameString());
data/dx-4.4.4/src/uipp/dxuilib/Network.C:2064:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(this->comment, comment + STRLEN(" comment: "));
data/dx-4.4.4/src/uipp/dxuilib/Network.C:2583:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(_current_module,name);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3076:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(file, filename);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3087:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(file,NetExtension);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3107:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(file, filename);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3135:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(file,CfgExtension);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3176:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(fullName, buf);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3177:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(fullName, NetExtension);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3208:13:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
            strcat(buf, this->fileName);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3461:6:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	if (fprintf(f, 
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3793:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
					strcpy(types, strings[0]);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3797:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
						strcat(types, strings[j]);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3856:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
					strcpy(types, strings[0]);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3860:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
						strcat(types, strings[j]);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5711:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buf,"%s/bin_%s/dxdecode", 
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5715:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(cmd,"eval \"_$$=%s\";export _$$;%s %s", key, decoder, netfile );
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5718:9:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    f = popen (cmd, "r");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5886:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(nf,"%s.c",filename);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6223:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf (buf, " %s group:", mgr_name);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6457:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(s,s2);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6586:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (msg, 
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6598:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (new_name, "%s_xcvr", tn->getLabelString());
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6601:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf (msg, "Transmitter \"%s\" in macro %s was\n"
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6605:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(msg, 
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6609:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (tbuf, "\n   \"%s\" is now \"%s\"", tn->getLabelString(), new_name);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6610:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy (&msg[offs], tbuf);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6790:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (newname, "%s_%ld_%s", src->getNameString(), 
data/dx-4.4.4/src/uipp/dxuilib/OpenNetworkDialog.C:128:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(pc, p);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:251:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	if ((fprintf
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:265:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	l = sprintf
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:284:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(echo_string, "%d [%s]: ", packetId, PacketIF::PacketTypes[type]);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:822:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(newString, string);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1015:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(s, "Received %s:%d: %s\n",
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1171:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(buffer,this->line);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1207:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(this->line, string);
data/dx-4.4.4/src/uipp/dxuilib/PageSelector.C:814:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (errMsg, "Page name %s is already in use.", new_name);
data/dx-4.4.4/src/uipp/dxuilib/PanelAccessManager.C:154:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(gname,name);
data/dx-4.4.4/src/uipp/dxuilib/PanelAccessManager.C:297:5:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
    sscanf(comment, "%*s %s", name);
data/dx-4.4.4/src/uipp/dxuilib/PanelGroupManager.C:236:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(name,c);
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:398:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(code,"%sfloat %s_tmp1[] = { ",indent, tag);
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:408:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(code,"%sint %s_tmp1[] = { ",indent, tag);
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:438:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(code,"%sfloat %s_tmp1[] = { ",indent, tag);
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:448:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(code,"%sint %s_tmp1[] = { ",indent, tag);
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:527:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(code,
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:533:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(code,"%s%s = NULL;\n",indent,lvalue);
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:541:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(code,
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:413:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(s, types[i]);
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:417:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(s, types[i]);
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:475:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(s, types[i]);
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:479:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(s, types[i]);
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:541:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (tbuf, " %s ", options[i]);
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:542:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy (&oval[len], tbuf);
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:751:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(newValue, value);
data/dx-4.4.4/src/uipp/dxuilib/ParseMDF.C:1727:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(pathname, "%s/lib/dx.mdf", root);
data/dx-4.4.4/src/uipp/dxuilib/ParseMDF.C:1735:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(pathname, "%s/ui/ui.mdf", root);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:168:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf (tbuf, PAGE_SIZE_FMT, 
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:171:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf (tbuf, PAGE_SIZE_FMT, this->page_width, this->page_height);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:563:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf (tbuf, PAGE_SIZE_FMT, this->page_width * CM_PER_INCH,
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:566:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf (tbuf, PAGE_SIZE_FMT, this->page_width, this->page_height);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:661:25:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	    int items_parsed = sscanf (cp, "%s", psize);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:707:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf (tbuf, PAGE_SIZE_FMT, 
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:710:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf (tbuf, PAGE_SIZE_FMT, this->page_width, this->page_height);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:906:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (msg, 
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1022:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf (tbuf, PAGE_SIZE_FMT, 
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1025:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf (tbuf, PAGE_SIZE_FMT, this->page_width, this->page_height);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1067:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (&formstr[totlen], cp);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1073:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (&formstr[totlen], tbuf);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1080:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (&formstr[totlen], tbuf);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1094:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (&formstr[totlen], tbuf);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1102:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (tbuf, "page=%s", cp);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1103:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy (&formstr[totlen], tbuf);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1112:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (&formstr[totlen], tbuf);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1161:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf (tbuf, SIZE_FMT, width * CM_PER_INCH, height * CM_PER_INCH);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1163:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf (tbuf, SIZE_FMT, width, height);
data/dx-4.4.4/src/uipp/dxuilib/PrintImageDialog.C:141:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(cmd, "!%s", this->command_str);
data/dx-4.4.4/src/uipp/dxuilib/PrintProgramDialog.C:270:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(fileB, "%s.ps",fileA);
data/dx-4.4.4/src/uipp/dxuilib/PrintProgramDialog.C:343:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf(p,"%s.ps",filename);
data/dx-4.4.4/src/uipp/dxuilib/PrintProgramDialog.C:380:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(cmd,"(lpr -P%s %s; rm -f %s) &", printer, filename, filename);
data/dx-4.4.4/src/uipp/dxuilib/PrintProgramDialog.C:381:2:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	system(cmd);
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupManager.C:371:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
				strcat(grouplist, group);
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupManager.C:499:18:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                 strcpy(grouplist, group);
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupManager.C:505:21:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                    strcat(grouplist, group);
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupManager.C:544:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(cmd, "Executive(\"group detach\",{\"%s\"});\n", group);
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupManager.C:566:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    	sprintf(cmd, "Executive(\"group attach\", {\"%s: %s %s\"});\n", 
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupManager.C:569:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    	sprintf(cmd, "Executive(\"group attach\", {\"%s: %s\"});\n", 
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupManager.C:729:21:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
                    strcpy(grouplist, group);
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupManager.C:735:21:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                    strcat(grouplist, group);
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:88:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(newS, s+cs->endPos);
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:130:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(args, exec);
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:138:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    	strcat(args, cwd);
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:141:10:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	        strcat(args, cwd);
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:148:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(args, sMem);
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:153:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(args, options);
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:388:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(other, argv[i]);
data/dx-4.4.4/src/uipp/dxuilib/QueuedPackets.C:17:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (this->data, data);
data/dx-4.4.4/src/uipp/dxuilib/ResourceManager.C:155:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (&spec[os], str);
data/dx-4.4.4/src/uipp/dxuilib/ResourceManager.C:178:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (result, str);
data/dx-4.4.4/src/uipp/dxuilib/ResourceManager.C:207:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (rspec, "%s*%s", class_name,keyStr);
data/dx-4.4.4/src/uipp/dxuilib/ResourceManager.C:235:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (rspec, "%s*%s", class_name,keyStr);
data/dx-4.4.4/src/uipp/dxuilib/SaveCFGDialog.C:74:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
   strcpy (file, netname);
data/dx-4.4.4/src/uipp/dxuilib/SaveImageDialog.C:205:23:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	if (fname[0] == '"') strcpy (full_filename, &fname[1]);
data/dx-4.4.4/src/uipp/dxuilib/SaveImageDialog.C:206:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	else strcpy (full_filename, fname);
data/dx-4.4.4/src/uipp/dxuilib/SaveImageDialog.C:210:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat (full_filename, ext);
data/dx-4.4.4/src/uipp/dxuilib/ScalarInstance.C:141:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(s, comp_val);
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:108:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(value, item);
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:112:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    label = strcpy(label, p + 3);
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:296:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(buffer, VALUE_LABEL_SPRINTF_FORMAT, nvalue2, label);
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:345:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(vallist,value); 
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:346:28:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(strlist,"\""); strcat(strlist,label); strcat(strlist,"\""); 
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:396:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(strings[i], VALUE_LABEL_SPRINTF_FORMAT, value, name);
data/dx-4.4.4/src/uipp/dxuilib/SelectionInstance.C:70:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(title,"Set %s Attributes...",name);
data/dx-4.4.4/src/uipp/dxuilib/SeparatorDecorator.C:282:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (svar, "%s_sep_%d", var_name, instance_no);
data/dx-4.4.4/src/uipp/dxuilib/SetDecoratorTextDialog.C:540:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (btn_name, btn_names[i]);
data/dx-4.4.4/src/uipp/dxuilib/SetDecoratorTextDialog.C:542:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (color_value, color_values[i]);
data/dx-4.4.4/src/uipp/dxuilib/SetDecoratorTextDialog.C:1190:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (&newsrc[totlen], this->kern_lines[i]);
data/dx-4.4.4/src/uipp/dxuilib/SetDecoratorTextDialog.C:1299:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy (&label_buf[os], text);
data/dx-4.4.4/src/uipp/dxuilib/SetPanelCommentDialog.C:63:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(dialogTitle,"%s Comment...",title);
data/dx-4.4.4/src/uipp/dxuilib/SetScalarAttrDialog.C:1025:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(message, warning->message);
data/dx-4.4.4/src/uipp/dxuilib/SetScalarAttrDialog.C:1033:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
        strcat(message, colon);
data/dx-4.4.4/src/uipp/dxuilib/SetSeparatorAttrDlg.C:339:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (btn_name, btn_names[i]);
data/dx-4.4.4/src/uipp/dxuilib/SetSeparatorAttrDlg.C:341:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (color_value, color_values[i]);
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:573:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(str1, "%s", p->getNameString());
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:574:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(str2, "%s", this->node->getNameString());
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:579:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(str1, "%s", this->node->getNameString());
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:580:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(str2, "%s", p->getNameString());
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:1893:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buffer,"%s:%d",label,this->node->getInstanceNumber());
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:2927:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		    strcpy(buf, tnode->getInputNameString(i));
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:2941:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
				strcpy(dup_val,val);
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:2962:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
			strcpy(dup_val,val);
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:2970:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		    sprintf(buf,"%s = %s", 
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:3072:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy (esc_label, extra_text);
data/dx-4.4.4/src/uipp/dxuilib/StartOptionsDialog.C:87:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(newS, s+cs->endPos);
data/dx-4.4.4/src/uipp/dxuilib/TickLabelList.C:455:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (&buf[bufLen], cp); bufLen+= len;
data/dx-4.4.4/src/uipp/dxuilib/UndoDeletion.C:146:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (directory, tmpdir);
data/dx-4.4.4/src/uipp/dxuilib/UndoDeletion.C:153:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(net_file_name, "%s.net", tmpFile, getpid());
data/dx-4.4.4/src/uipp/dxuilib/UndoDeletion.C:154:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(cfg_file_name, "%s.cfg", tmpFile, getpid());
data/dx-4.4.4/src/uipp/dxuilib/UndoDeletion.C:170:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (msg, "Undo failed (fopen): %s", strerror(errno));
data/dx-4.4.4/src/uipp/dxuilib/VPEPostIt.C:237:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (this->font, font);
data/dx-4.4.4/src/uipp/dxuilib/netyacc.c:818:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define YYFPRINTF fprintf
data/dx-4.4.4/src/uipp/java/server/DXLink.c:86:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (dupmsg, msg);
data/dx-4.4.4/src/uipp/java/server/DXLink.c:119:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (cmdstr, "dx %s", dxargs);
data/dx-4.4.4/src/uipp/java/server/DXLink.c:121:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (cmdstr, cmd);
data/dx-4.4.4/src/uipp/java/server/DXLink.c:163:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (tmpbuf, macro);
data/dx-4.4.4/src/uipp/java/server/DXLink.c:253:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (str, net_file);
data/dx-4.4.4/src/uipp/mb/ConfirmedQCommand.C:68:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(dialogQuestion,"Do you really want to quit %s?",
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:71:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(fnamecopy, filename);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:152:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "%s.make", basename);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:354:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "%s.mdf", basename);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:531:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "%s.c", basename);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:1879:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy((dst), (src));					\
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:1909:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "%s.mb", basename);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:2055:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buf, "%s.mb", basename);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:2829:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(file, filenm);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:2836:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(file,MBExtension);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:2850:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(title, file);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:3352:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(title, filenm);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:3867:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(new_string, this->comment_text);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:3873:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(new_string, &line[ndx]);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4010:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(build_name,"%s/%s", theIBMApplication->getTmpDirectory(), fname);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4017:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(title, saved_fname ? saved_fname : "");
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4038:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(title, saved_fname ? saved_fname : "");
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4047:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(dest_file,"%s/%s.c", path, fname);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4053:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(exists_msg, (const char *)dest_file);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4054:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(exists_msg, (const char *)"\n");
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4071:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(dest_file,"%s/%s.mdf", path, fname);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4077:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(exists_msg, (const char *)dest_file);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4078:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(exists_msg, (const char *)"\n");
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4095:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(dest_file,"%s/%s.make", path, fname);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4101:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(exists_msg, (const char *)dest_file);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4102:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(exists_msg, (const char *)"\n");
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4170:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(command,"%s/%s", theIBMApplication->getTmpDirectory(), fname);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4186:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(system_command, "mv \"%s/%s.c\" \"%s/%s.c\"", tmpdir, fname, path, fname);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4187:2:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	system(system_command);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4188:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(&gen_msg[STRLEN(gen_msg)], " %s/%s.c\n", path, fname);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4192:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(system_command, "mv \"%s/%s.mdf\" \"%s/%s.mdf\"", tmpdir, fname, path, fname);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4193:2:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	system(system_command);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4194:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(&gen_msg[STRLEN(gen_msg)], " %s/%s.mdf\n", path, fname);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4198:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(system_command, "mv \"%s/%s.make\" \"%s/%s.make\"",tmpdir,fname,path,fname);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4199:2:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	system(system_command);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4200:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(&gen_msg[STRLEN(gen_msg)], "%s/%s.make", path, fname);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4204:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(system_command, "rm \"%s/%s.mb\"", tmpdir, fname);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4205:5:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    system(system_command);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4213:8:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
       sprintf(system_command,"make -f %s.make &", fname);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4215:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
       system(system_command);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4222:8:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
       sprintf(system_command,"make -f %s.make run &", fname);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4224:8:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
       system(system_command);
data/dx-4.4.4/src/uipp/prompter/Browser.C:1357:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(title, filenm);
data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C:70:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (help_msg, "The raw data file. (DXDATA in use: %s...)", 
data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C:74:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (help_msg, "The raw data file. (DXDATA in use: %s)", dxd);
data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C:113:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(sampDat, uiroot);
data/dx-4.4.4/src/uipp/prompter/ConfirmedQCommand.C:63:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(dialogQuestion,"Do you really want to quit %s?",
data/dx-4.4.4/src/uipp/prompter/DataFileDialog.C:50:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(str, string);
data/dx-4.4.4/src/uipp/prompter/FileContents.C:127:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (junk_file, "%s/foo.bar", tmpdir);
data/dx-4.4.4/src/uipp/prompter/FileContents.C:132:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (this->out_file_name, "%s%s", this->sans_extension,ext);
data/dx-4.4.4/src/uipp/prompter/FileContents.C:137:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (this->out_file_name, "%s%s", this->sans_extension,ext);
data/dx-4.4.4/src/uipp/prompter/FileContents.C:249:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy (&new_contents[next], cling->replacement);
data/dx-4.4.4/src/uipp/prompter/GARApplication.C:577:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (tmpstr, "%s%s", fname, ext);
data/dx-4.4.4/src/uipp/prompter/GARApplication.C:579:6:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	    sprintf (tmpstr, "%s.%s", fname, ext);
data/dx-4.4.4/src/uipp/prompter/GARApplication.C:611:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	    strcpy(newstr, dirname);
data/dx-4.4.4/src/uipp/prompter/GARApplication.C:613:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(newstr, str); 
data/dx-4.4.4/src/uipp/prompter/GARApplication.C:630:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(newstr, datadir);
data/dx-4.4.4/src/uipp/prompter/GARApplication.C:635:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(newstr, str);
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:690:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (ext, &cp[i]);
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:711:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy (tbuf, cp);
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:753:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(dirspec, this->file_search_dir);
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:763:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(dirspec, ext);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:2502:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(str, &line[ndx]);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:2517:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		    strcat(str, line);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:2992:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(name, "%s cmp %d and %d", field->getName(), 
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:3009:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
         sprintf(name, "%s and %s", prevfield->getName(), 
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:3039:15:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
              sprintf(name, "%s cmp %d and %d", prevfield->getName(), 
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:3047:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
         sprintf(name, "%s and %s", prevfield->getName(), 
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:3055:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(name, "%s cmp %d and %d", field->getName(), 
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:3134:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(name, "%s cmp %d and %d", field->getName(), 
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:3169:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
         sprintf(name, "%s and %s", prevfield->getName(), 
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:3216:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(name, "%s cmp %d and %d", prevfield->getName(), 
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:3240:10:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
         sprintf(name, "%s and %s", prevfield->getName(), 
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:3265:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(name, "%s cmp %d and %d", field->getName(), 
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:4321:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy (tmpbuf, cp);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:4716:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(filter, path);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:5679:13:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
            strcpy (tmpbuf, cp);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:5735:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (cp, XtName(w));
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:6122:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
      strcat(title, file);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:6863:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(title, filenm);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7031:11:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
    dim = sscanf(&line[ndx],"%s %s %s %s", 
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7053:11:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
    dim = sscanf(&line[ndx],"%s %s %s %s", 
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7199:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(final_str, str);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7206:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(final_str, str);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7490:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(str, &line[ndx]);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7504:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(str, line);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7636:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	       strcat(posstr, tmpstr);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7653:12:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
           strcat(posstr, tmpstr);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7820:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(new_string, this->comment_text);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7826:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(new_string, &line[ndx]);
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:652:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (net_file, "%s/ui/decision.net", net_dir);
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:691:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (net_file, "%s/ui/%s", net_dir, this->net_to_run);
data/dx-4.4.4/src/uipp/prompter/ImageChoice.C:173:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (net_file, "%s/ui/ReadImage.net", net_dir);
data/dx-4.4.4/src/uipp/prompter/ImportableChoice.C:55:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (msg, "The import module can read %s files.", 
data/dx-4.4.4/src/uipp/prompter/SADialog.C:71:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(file, string);
data/dx-4.4.4/src/uipp/prompter/SADialog.C:78:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(file,GenExtension);
data/dx-4.4.4/src/uipp/prompter/SpreadSheetChoice.C:394:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (net_file, "%s/ui/testssheet.net", net_dir);
data/dx-4.4.4/src/uipp/prompter/SpreadSheetChoice.C:523:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (net_file, "%s/ui/ImportSpreadsheetTable.net", net_dir);
data/dx-4.4.4/src/uipp/prompter/SpreadSheetChoice.C:525:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (net_file, "%s/ui/ImportSpreadsheetMatrix.net", net_dir);
data/dx-4.4.4/src/uipp/prompter/TypeChoice.C:526:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf (newe, "%s %s", exec, cp);
data/dx-4.4.4/src/uipp/prompter/TypeChoice.C:647:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (net_file, "%s/ui/decision.net", net_dir);
data/dx-4.4.4/src/uipp/prompter/TypeChoice.C:681:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf (net_file, "%s/ui/%s", net_dir, this->net_to_run);
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:621:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(path, "%s/bin_%s/prompter", theIBMApplication->getUIRoot(), DXD_ARCHNAME);
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:626:6:  [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	    execl (path, path, "-limited", NUL(char*));
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:629:2:  [4] (shell) execl:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
	execl (path, path, NUL(char*));
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:682:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(url, theIBMApplication->getUIRoot());
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:699:30:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
		StartupWindow::TutorConn = popen(cmdstr, "r");
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:742:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (dirspec, "%s%s", uir, ext);
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:790:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(helpfile, "%s/ui/help.txt", dxroot);  
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:839:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (cmdstr, "(%s ", cmd);
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:841:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf (cmdstr, "%s ", cmd);
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:845:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (&cmdstr[totlen], args[i]);
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:853:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy (&cmdstr[totlen], cp);
data/dx-4.4.4/src/uipp/tutor/TutorApplication.C:364:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(stderr, mesg, event->request_code);
data/dx-4.4.4/src/uipp/tutor/TutorApplication.C:374:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(stderr, mesg, event->minor_code);
data/dx-4.4.4/src/uipp/tutor/TutorApplication.C:384:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(stderr, mesg, event->resourceid);
data/dx-4.4.4/src/uipp/tutor/TutorApplication.C:388:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(stderr, mesg, event->serial);
data/dx-4.4.4/src/uipp/tutor/TutorApplication.C:395:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(stderr, mesg, display->request);
data/dx-4.4.4/src/uipp/tutor/TutorApplication.C:411:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buf,"%s/help",root);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1768:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(message, filename);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1799:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(message, filename);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1811:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(message, filename);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1851:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(message, filename);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1865:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(message, filename);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1877:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(message, filename);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1889:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(message, filename);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1901:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(message, filename);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1913:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	    strcat(message, filename);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1968:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(message, filename);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1981:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(message, filename);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1994:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(message, filename);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:2007:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(message, filename);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:2020:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(message, filename);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:2048:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
      strcat(message, filename);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:738:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf (buf, MSG1, CURSOR_COUNT);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:818:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf(buf, MSG1, CURSOR_COUNT);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1069:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(buf, "%s-%d", data, ++cnt);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1118:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		strcat(mondoBuffer, wp->chars);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1119:35:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
		if (cw->multiText.smartSpacing) strcat(mondoBuffer, space);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1123:24:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	  if (foundSomething) strcat(mondoBuffer, cr);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1400:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(buf + strlen(buf), " %s", wpStart->chars);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1402:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(buf, wpStart->chars);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:2413:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(newWord, "%s%c", wp->chars, ch);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:2449:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(retStr, str);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:3078:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
      sprintf(buf, MSG4, name, DEFAULT_FONT_NAME);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:3084:4:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	  sprintf(buf, MSG5, DEFAULT_FONT_NAME);
data/dx-4.4.4/src/uipp/widgets/Number.c:1053:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    (void)strcpy(nw->editor.string, edit.string);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:314:8:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	(void)sprintf(string, format, (long)(ival - 0.5));
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:316:8:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	(void)sprintf(string, format, (long)(ival + 0.5));
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:370:11:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    (void)sprintf(string, format, fval);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:416:12:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    (void)sprintf(string, format, gval);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:445:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		(void)sprintf(string, eform[nw->number.decimal_places], gval);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:471:10:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			(void)sprintf(string, eform[width-4], gval);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:477:10:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			(void)sprintf(string, eform[width-5], gval);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:484:13:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		    (void)sprintf(string, eform[width-5], gval);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:490:13:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		    (void)sprintf(string, eform[width-6], gval);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:497:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		(void)sprintf(string, fform[nw->number.decimal_places], gval);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:516:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		(void)sprintf(string, fform[width], gval);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:526:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		(void)sprintf(string, eform[nw->number.decimal_places], gval);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:552:10:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			(void)sprintf(string, eform[width-6], gval);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:558:10:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			(void)sprintf(string, eform[width-5], gval);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:568:10:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			(void)sprintf(string, eform[width-6], gval);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:574:10:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			(void)sprintf(string, eform[width-5], gval);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:581:13:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		    (void)sprintf(string, eform[width-6], gval);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:587:13:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		    (void)sprintf(string, eform[width-7], gval);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:594:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		(void)sprintf(string, fform[nw->number.decimal_places], gval);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:613:9:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		(void)sprintf(string, fform[width], gval);
data/dx-4.4.4/src/uipp/widgets/NumericList.c:501:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(e_format[i], tmp);
data/dx-4.4.4/src/uipp/widgets/NumericList.c:507:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(f_format[i], tmp);
data/dx-4.4.4/src/uipp/widgets/NumericList.c:519:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(string, e_format[i], 
data/dx-4.4.4/src/uipp/widgets/NumericList.c:525:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(string, f_format[i], 
data/dx-4.4.4/src/uipp/widgets/NumericList.c:531:6:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	    sprintf(string, e_format[i], 
data/dx-4.4.4/src/uipp/widgets/NumericList.c:932:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(e_format[i], tmp);
data/dx-4.4.4/src/uipp/widgets/NumericList.c:938:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
	strcat(f_format[i], tmp);
data/dx-4.4.4/src/uipp/widgets/NumericList.c:956:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		sprintf(string, e_format[j], 
data/dx-4.4.4/src/uipp/widgets/NumericList.c:962:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		sprintf(string, f_format[j], 
data/dx-4.4.4/src/uipp/widgets/NumericList.c:968:3:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
		sprintf(string, e_format[j], 
data/dx-4.4.4/src/uipp/widgets/NumericList.c:1326:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(s, name);
data/dx-4.4.4/src/uipp/widgets/WorkspaceW.c:3930:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
 	sprintf (msg,
data/dx-4.4.4/include/dx/arch.h:87:9:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
#define random rand
data/dx-4.4.4/include/dx/arch.h:93:9:  [3] (random) srandom:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
#define srandom srand
data/dx-4.4.4/include/dx/arch.h:93:17:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
#define srandom srand
data/dx-4.4.4/include/dx/arch.h:659:5:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
int getopt(int,char**,char*);
data/dx-4.4.4/src/exec/dpexec/command.c:963:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	env = (char *) getenv (c);
data/dx-4.4.4/src/exec/dpexec/command.c:1524:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(NULL));
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:438:19:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    while ((opt = getopt (largc, largv, VALID_ARGS)) != EOF) {
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:628:28:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        if ((mm = (char *) getenv ("EXMARKMASK")) != NULL)
data/dx-4.4.4/src/exec/dpexec/dxmain.c:832:19:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
    while ((opt = getopt (argc, argv, VALID_ARGS)) != EOF) {
data/dx-4.4.4/src/exec/dpexec/dxmain.c:1242:28:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        if ((mm = (char *) getenv ("EXMARKMASK")) != NULL)
data/dx-4.4.4/src/exec/dpexec/dxpfsmgr.c:58:21:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((partname = getenv("PFSDRIVE")) == NULL)
data/dx-4.4.4/src/exec/dpexec/license.c:156:18:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char *root = getenv ("DXEXECROOT");
data/dx-4.4.4/src/exec/dpexec/license.c:158:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	root = getenv ("DXROOT");
data/dx-4.4.4/src/exec/dpexec/license.c:223:6:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	if (getenv("DXSHADOW")) 
data/dx-4.4.4/src/exec/dpexec/license.c:224:21:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	    strcpy(remname,getenv("DXSHADOW"));
data/dx-4.4.4/src/exec/dpexec/license.c:438:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    cp = getenv("DXSTARTUP");
data/dx-4.4.4/src/exec/dpexec/license.c:442:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if (getenv("DXTRIALKEY")) {
data/dx-4.4.4/src/exec/dpexec/license.c:443:19:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        char *k = getenv("DXTRIALKEY");
data/dx-4.4.4/src/exec/dpexec/license.c:449:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      fname = getenv("DXTRIALKEYFILE");
data/dx-4.4.4/src/exec/dpexec/license.c:651:26:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	for (i=0, device=(char*)getenv("DXKEYDEVICE"); dflt_devices[i]; i++) {
data/dx-4.4.4/src/exec/dpexec/loader.c:608:13:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
    hinst = LoadLibrary(foundname);
data/dx-4.4.4/src/exec/dpexec/loader.c:964:23:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    datadir = (char *)getenv(environment);
data/dx-4.4.4/src/exec/dpexec/optarg.c:82:5:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
int getopt(int argc, char *argv[], char *opstring)
data/dx-4.4.4/src/exec/dpexec/remote.c:176:21:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    local_rsh_cmd = getenv( "DXRSH" );
data/dx-4.4.4/src/exec/dpexec/remote.c:323:21:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        rsh_noenv = getenv( "DXRSH_NOENV" ) != NULL; /*  Set $DISPLAY only?  */
data/dx-4.4.4/src/exec/dpexec/remote.c:577:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	spath = getenv ("DXMODULES");
data/dx-4.4.4/src/exec/dpexec/socket.c:69:11:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char *getenv();
data/dx-4.4.4/src/exec/dpexec/socket.c:77:11:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    env = getenv("DXHOST");
data/dx-4.4.4/src/exec/dpexec/socket.c:345:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	char *s = getenv("DX_SOCKET_BUFSIZE");
data/dx-4.4.4/src/exec/dpexec/status.c:189:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((name = getenv ("DISPLAY_S")) == (char *) NULL)
data/dx-4.4.4/src/exec/dpexec/status.c:190:14:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	if ((name = getenv ("DISPLAY")) == (char *) NULL)
data/dx-4.4.4/src/exec/dpexec/swap.c:102:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((cp = getenv("DX_RECLAIM_FACTOR")) != NULL) {
data/dx-4.4.4/src/exec/dpexec/userinter.c:25:26:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char *path = (char *)getenv("DXUSERINTERACTORS");
data/dx-4.4.4/src/exec/dpexec/userinter.c:40:26:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((fname = (char *)getenv("DX_USER_INTERACTOR_FILE")) != NULL)
data/dx-4.4.4/src/exec/dpexec/yuiif.c:396:26:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((root = (char *) getenv ("DXROOT")) != NULL)
data/dx-4.4.4/src/exec/dpexec/yuiif.c:522:18:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	tmp1 = (char *) getenv ("DXINCLUDE");
data/dx-4.4.4/src/exec/dpexec/yuiif.c:523:25:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        tmp2 = (char *) getenv ("DXMACROS");
data/dx-4.4.4/src/exec/dpexec/yuiif.c:586:25:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (fptr == NULL && getenv("DXROOT"))
data/dx-4.4.4/src/exec/dpexec/yuiif.c:589:30:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	sprintf(buf, "%s\\lib\\%s", getenv("DXROOT"), name);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:591:28:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	sprintf(buf, "%s/lib/%s", getenv("DXROOT"), name);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:3230:5:  [3] (random) srandom:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srandom(seed);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:3232:21:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
	rands[i] = ((float)random()/RAND_MAX);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:3241:27:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
	    index = (int)((float)random()/RAND_MAX)*RANDSORTBINS;
data/dx-4.4.4/src/exec/dxmods/_compoper.c:3243:29:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
	    rands[index] = ((float)random()/RAND_MAX);
data/dx-4.4.4/src/exec/dxmods/_newtri.c:461:6:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	if (getenv("DX_SIMPLE_LOOPS"))
data/dx-4.4.4/src/exec/dxmods/_plot.c:1701:25:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      cstring = (char *)getenv("DXAXESMAXWIDTH");
data/dx-4.4.4/src/exec/dxmods/_plot.c:1800:25:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      cstring = (char *)getenv("DXAXESMAXWIDTH");
data/dx-4.4.4/src/exec/dxmods/import.c:750:23:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    datadir = (char *)getenv("DXDATA");
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:887:21:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  datadir = (char *)getenv("DXDATA");
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:323:19:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    dir = (char *)getenv("DXDATA");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:362:23:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    datadir = (char *)getenv("DXDATA");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:486:23:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    datadir = (char *)getenv("DXDATA");
data/dx-4.4.4/src/exec/dxmods/overlay.c:381:11:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (! getenv("DXPIXELTYPE") || !strcmp(getenv("DXPIXELTYPE"), "DXFloat"))
data/dx-4.4.4/src/exec/dxmods/overlay.c:381:44:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (! getenv("DXPIXELTYPE") || !strcmp(getenv("DXPIXELTYPE"), "DXFloat"))
data/dx-4.4.4/src/exec/dxmods/readimage.c:173:37:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    else if (NULL != (str = (char *)getenv("DXDELAYEDCOLORS")))
data/dx-4.4.4/src/exec/dxmods/readimage.c:202:37:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    else if (NULL != (str = (char *)getenv("DXPIXELTYPE")))
data/dx-4.4.4/src/exec/dxmods/readimage.c:247:29:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    envstr_DXDATA = (char *)getenv("DXDATA");
data/dx-4.4.4/src/exec/dxmods/showposition.c:63:17:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
            j = random() % validcount;
data/dx-4.4.4/src/exec/dxmods/showposition.c:72:17:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
            j = random() % validcount;
data/dx-4.4.4/src/exec/dxmods/superwin.c:68:47:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    else if (NULL == (displayString = (char *)getenv("DISPLAY")))
data/dx-4.4.4/src/exec/dxmods/superwin.c:213:14:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    else if (getenv("DX_WINDOW_DEPTH"))
data/dx-4.4.4/src/exec/dxmods/superwin.c:214:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	depth = atoi(getenv("DX_WINDOW_DEPTH"));
data/dx-4.4.4/src/exec/dxmods/tracevisual.c:586:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((name = getenv ("DISPLAY_M")) == (char *) NULL)
data/dx-4.4.4/src/exec/dxmods/tracevisual.c:587:14:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	if ((name = getenv ("DISPLAY")) == (char *) NULL)
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:113:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if (getenv("DXEXECROOT")){
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:115:19:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    strcpy(HWpath,getenv("DXEXECROOT"));
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:118:14:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  } else if (getenv("DXROOT")){
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:120:19:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    strcpy(HWpath,getenv("DXROOT"));
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:129:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if (getenv("DXHWMOD")) {
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:130:19:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    strcpy(HWname,getenv("DXHWMOD"));
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:191:8:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
   if (getenv("DXHWMOD")) {
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:192:43:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
     PRINT(("DXHWMOD = %s, using OpenGL.",getenv("DXHWMOD")));
data/dx-4.4.4/src/exec/hwrender/hwClientMessage.c:428:21:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  DEBUG_CALL ( if (!getenv("DXHW_DEBUG_DETAIL")) DEBUG_OFF(); );
data/dx-4.4.4/src/exec/hwrender/hwCursorInteractor.c:1692:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      if(getenv("DX_FORCE_Z_PLUS"))
data/dx-4.4.4/src/exec/hwrender/hwCursorInteractor.c:1698:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      if(getenv("DX_FORCE_Z_MINUS"))
data/dx-4.4.4/src/exec/hwrender/hwDebug.h:50:27:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (!debug_enabled && getenv("DXHW_DEBUG")) {\
data/dx-4.4.4/src/exec/hwrender/hwDebug.h:51:21:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      DXEnableDebug(getenv("DXHW_DEBUG"),1); \
data/dx-4.4.4/src/exec/hwrender/hwDebug.h:58:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("DXHW_DEBUG")) {\
data/dx-4.4.4/src/exec/hwrender/hwDebug.h:59:29:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      DXEnableDebug((char *)getenv("DXHW_DEBUG"),0); \
data/dx-4.4.4/src/exec/hwrender/hwDebug.h:66:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("DXHW_DEBUG")) {\
data/dx-4.4.4/src/exec/hwrender/hwDebug.h:67:29:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      DXEnableDebug((char *)getenv("DXHW_DEBUG"),1); \
data/dx-4.4.4/src/exec/hwrender/hwDebug.h:158:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if (getenv(#x)) {
data/dx-4.4.4/src/exec/hwrender/hwDebug.h:161:8:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if (!getenv(#x)) {
data/dx-4.4.4/src/exec/hwrender/hwPaint.c:224:21:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  DEBUG_CALL ( if (!getenv("DXHW_DEBUG_DETAIL")) DEBUG_OFF(); );
data/dx-4.4.4/src/exec/hwrender/hwRender.c:157:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        if(getenv("DXHWMOD")) {
data/dx-4.4.4/src/exec/hwrender/hwRender.c:158:40:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
            if(0 == strcmp("DXhwdd.o", getenv("DXHWMOD")))
data/dx-4.4.4/src/exec/hwrender/hwRender.c:675:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        if(getenv("DXFLING"))
data/dx-4.4.4/src/exec/hwrender/hwRender.c:682:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        if(getenv("DXHW_VERBOSE")) {
data/dx-4.4.4/src/exec/hwrender/hwRender.c:695:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        if(getenv("DXNO_BACKING_STORE"))
data/dx-4.4.4/src/exec/hwrender/hwRender.c:937:31:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        if(!(env_dis = (char*)getenv("DISPLAY"))) {
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1104:32:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        char* env_dis = (char*)getenv("DISPLAY");
data/dx-4.4.4/src/exec/hwrender/hwStereo.c:70:26:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((fname = (char *)getenv("DX_STEREO_SYSTEM_FILE")) != NULL)
data/dx-4.4.4/src/exec/hwrender/hwStereo.c:226:26:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((fname = (char *)getenv("DX_STEREO_CAMERA_FILE")) != NULL)
data/dx-4.4.4/src/exec/hwrender/hwStereoSys.c:277:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char *cmd = getenv("DX_INIT_STEREO_COMMAND");
data/dx-4.4.4/src/exec/hwrender/hwStereoSys.c:292:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char *cmd = getenv("DX_EXIT_STEREO_COMMAND");
data/dx-4.4.4/src/exec/hwrender/hwStereoSys.c:388:8:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	cmd = getenv("DX_USE_GL_STEREO");
data/dx-4.4.4/src/exec/hwrender/hwTmesh.c:449:27:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  tmesh_or_sens = (char *)getenv("DX_HW_TMESH_ORIENT_SENSITIVE");
data/dx-4.4.4/src/exec/hwrender/hwXfield.c:951:31:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      if ( (gammaStr = (char*)getenv("DXHWGAMMA")) ) {
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:225:12:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
  handle = LoadLibrary(buff);
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:287:6:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if(getenv("DXEXECROOT"))
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:289:20:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
     strcpy(HWpath,getenv("DXEXECROOT"));
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:294:6:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if(getenv("DXROOT"))
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:296:20:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
     strcpy(HWpath,getenv("DXROOT"));
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:306:6:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if(getenv("DXHWMOD")) /* Force Lib */
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:308:20:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
     strcpy(HWname,getenv("DXHWMOD"));
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:230:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if ((gammaStr=getenv("DXHWGAMMA")))
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:285:21:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
		if ((doGLStereo = getenv("DX_USE_GL_STEREO")) != NULL)
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:323:22:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
		if (NULL != (str = getenv("DX_USE_DISPLAYLISTS")))
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:518:41:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  PRINT (("getenv('DISPLAY') = \"%s\"", getenv("DISPLAY")));
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:527:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if(!getenv("IGNORE_GLXWAITX"))
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:547:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if(!getenv("IGNORE_GLXWAITX"))
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:562:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if(!getenv("IGNORE_GLXWAITX"))
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:590:24:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (NULL != (str = getenv("DX_USE_DISPLAYLISTS")))
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:713:11:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      if(!getenv("DX_PXG_TRANSPARENCY"))
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:963:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if(!getenv("IGNORE_GLXWAITX"))
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:968:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if(!getenv("IGNORE_GLXWAITX"))
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortUtilOGL.c:2000:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if (getenv("DX_WRITE_VIEWPERF_FILE")) {
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:56:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("DXHWMOD"))
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:57:21:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      strcpy(HWname,getenv("DXHWMOD"));
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:63:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
     if (getenv("DXEXECROOT")){
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:64:16:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	strcpy(HWpath,getenv("DXEXECROOT"));
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:71:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("DXROOT")){
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:72:16:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	strcpy(HWpath,getenv("DXROOT"));
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:89:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("DXHWMOD"))
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:90:21:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      strcpy(HWname,getenv("DXHWMOD"));
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:95:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
     if (getenv("DXEXECROOT")){
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:96:16:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	strcpy(HWpath,getenv("DXEXECROOT"));
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:105:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("DXROOT")){
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:106:16:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	strcpy(HWpath,getenv("DXROOT"));
data/dx-4.4.4/src/exec/hwrender/xgl/hwPortXGL.c:585:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
   if(getenv("DX_SINGLE_BUFFER_SUN"))
data/dx-4.4.4/src/exec/libdx/axes.c:834:23:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    cstring = (char *)getenv("DXAXESMAXWIDTH");
data/dx-4.4.4/src/exec/libdx/axes.c:1770:23:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    cstring = (char *)getenv("DXAXESMAXWIDTH");
data/dx-4.4.4/src/exec/libdx/binSort.c:464:18:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    int i, j, k, random;
data/dx-4.4.4/src/exec/libdx/binSort.c:497:6:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
	if (random)
data/dx-4.4.4/src/exec/libdx/displayfb.c:238:14:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    fb->nb = getenv("NOFBNB")? 0 : 1;
data/dx-4.4.4/src/exec/libdx/displayutil.c:272:13:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	    arg1 = getenv("DISPLAY");
data/dx-4.4.4/src/exec/libdx/displayx.c:2416:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	host = getenv("DISPLAY");
data/dx-4.4.4/src/exec/libdx/displayx.c:3442:16:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	str = (char *)getenv("DXVISUAL");
data/dx-4.4.4/src/exec/libdx/displayx.c:3742:25:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        where = (char *)getenv("DISPLAY");
data/dx-4.4.4/src/exec/libdx/displayx.c:3953:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	case 8:  str = getenv("DXGAMMA_8BIT");  break;
data/dx-4.4.4/src/exec/libdx/displayx.c:3954:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	case 12: str = getenv("DXGAMMA_12BIT"); break;
data/dx-4.4.4/src/exec/libdx/displayx.c:3955:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	case 15: str = getenv("DXGAMMA_15BIT"); break;
data/dx-4.4.4/src/exec/libdx/displayx.c:3956:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	case 16: str = getenv("DXGAMMA_16BIT"); break;
data/dx-4.4.4/src/exec/libdx/displayx.c:3957:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	case 24: str = getenv("DXGAMMA_24BIT"); break;
data/dx-4.4.4/src/exec/libdx/displayx.c:3958:17:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	case 32: str = getenv("DXGAMMA_32BIT"); break;
data/dx-4.4.4/src/exec/libdx/displayx.c:3961:28:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (str == NULL) str = getenv("DXGAMMA");
data/dx-4.4.4/src/exec/libdx/displayx.c:4573:11:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    str = getenv("DX8BITCMAP");
data/dx-4.4.4/src/exec/libdx/displayx.c:6443:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	host = getenv("DISPLAY");
data/dx-4.4.4/src/exec/libdx/edfio.c:633:23:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    datadir = (char *)getenv("DXDATA");
data/dx-4.4.4/src/exec/libdx/image.c:43:11:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	format = getenv("DXPIXELTYPE");
data/dx-4.4.4/src/exec/libdx/lbcolor.c:148:23:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	rootstring = (char *)getenv("DXCOLORS");
data/dx-4.4.4/src/exec/libdx/lbcolor.c:155:23:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	rootstring = (char *)getenv("DXEXECROOT");
data/dx-4.4.4/src/exec/libdx/lbcolor.c:162:23:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	rootstring = (char *)getenv("DXROOT");
data/dx-4.4.4/src/exec/libdx/lbmessage.c:82:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    file = getenv("DXMESSAGES");
data/dx-4.4.4/src/exec/libdx/lbmessage.c:86:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	char *root = getenv("DXEXECROOT");
data/dx-4.4.4/src/exec/libdx/lbmessage.c:87:20:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	if (!root) root = getenv("DXROOT");
data/dx-4.4.4/src/exec/libdx/lbpartition.c:132:13:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    histo = getenv("HISTO")? 1 : 0;
data/dx-4.4.4/src/exec/libdx/lbtext.c:65:22:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    dir = ( char * ) getenv( "DXFONTS" );
data/dx-4.4.4/src/exec/libdx/lbtext.c:68:26:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        dir = ( char * ) getenv( "DXEXECROOT" );
data/dx-4.4.4/src/exec/libdx/lbtext.c:71:26:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        dir = ( char * ) getenv( "DXROOT" );
data/dx-4.4.4/src/exec/libdx/lock.c:41:25:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ( (force_locks = getenv( "DX_FORCE_LOCKS" )) != NULL ) {
data/dx-4.4.4/src/exec/libdx/mem.c:255:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((cp = getenv("DXSHMEM")) != NULL) {
data/dx-4.4.4/src/exec/libdx/mem.c:353:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((cp = getenv("DXSHMEMSEGMAX")) != NULL) {
data/dx-4.4.4/src/exec/libdx/memory.c:1302:18:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    extern char *getenv(GETENV_ARG);
data/dx-4.4.4/src/exec/libdx/memory.c:1312:18:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    s = (char *) getenv("FIND_ME");
data/dx-4.4.4/src/exec/libdx/memory.c:1533:6:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	if (getenv("DX_DEBUG_MEMORY_INIT")) {
data/dx-4.4.4/src/exec/libdx/memory.c:1582:6:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	if (getenv("DX_DEBUG_MEMORY_INIT")) {
data/dx-4.4.4/src/exec/libdx/memory.c:1643:14:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((s = getenv("DX_SMALL_ARENA_FACTOR")) != NULL) {
data/dx-4.4.4/src/exec/libdx/plock.c:309:13:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        s = getenv("PLOCK_DEBUG");
data/dx-4.4.4/src/exec/libdx/tile.c:448:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	nosplit = getenv("SPLIT")? 0 : 1;
data/dx-4.4.4/src/exec/libdx/timing.c:92:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	fast = getenv("SLOW")? 0 : 1;
data/dx-4.4.4/src/exec/libdx/timing.c:189:8:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	svs = getenv("GENERICI860")? 0 : 1;
data/dx-4.4.4/src/misc/utils.c:95:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    s = getenv(name);
data/dx-4.4.4/src/uipp/base/Application.C:581:25:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char* home = (char*)getenv("HOME");
data/dx-4.4.4/src/uipp/base/HelpWin.C:102:19:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
   char *webApp = getenv("DX_WEB_BROWSER");
data/dx-4.4.4/src/uipp/base/IBMApplication.C:394:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	char *s = getenv("DXROOT");
data/dx-4.4.4/src/uipp/base/IBMApplication.C:857:6:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	p = getenv("TEMP");	//	2nd Pref
data/dx-4.4.4/src/uipp/base/IBMApplication.C:864:6:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	p = getenv("TMP");	//	1st Pref.
data/dx-4.4.4/src/uipp/base/IBMApplication.C:885:6:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	p = getenv("TMP");	//	2nd Pref
data/dx-4.4.4/src/uipp/base/IBMApplication.C:892:6:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	p = getenv("TMPDIR");	//	1st Pref
data/dx-4.4.4/src/uipp/base/IBMApplication.C:917:25:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char* home = (char*)getenv("XAPPLRESDIR");
data/dx-4.4.4/src/uipp/base/License.C:237:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      if (s = getenv("DXSHADOW"))
data/dx-4.4.4/src/uipp/base/License.C:559:26:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	for (i=0, device=(char*)getenv("DXKEYDEVICE"); dflt_devices[i]; i++) {
data/dx-4.4.4/src/uipp/base/License.C:593:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  if (getenv("DXTRIALKEY")) {
data/dx-4.4.4/src/uipp/base/License.C:594:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	char *k = getenv("DXTRIALKEY");
data/dx-4.4.4/src/uipp/base/License.C:601:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
      fname = getenv("DXTRIALKEYFILE");
data/dx-4.4.4/src/uipp/base/StartWebBrowser.C:71:22:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    processStarted = CreateProcess(NULL,cmd,NULL,NULL,0,
data/dx-4.4.4/src/uipp/base/StartWebBrowser.C:71:22:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    processStarted = CreateProcess(NULL,cmd,NULL,NULL,0,
data/dx-4.4.4/src/uipp/base/StartWebBrowser.C:88:20:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char *webApp = getenv("DX_WEB_BROWSER");
data/dx-4.4.4/src/uipp/base/StartWebBrowser.C:125:49:  [3] (tmpfile) tmpnam:
  Temporary file race condition (CWE-377).
        sprintf(fname + strlen(fname), "%s.%s", tmpnam(NULL), ".htm");
data/dx-4.4.4/src/uipp/base/Strings.C:255:20:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
            home = getenv("HOME");
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:202:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("DXTRIALKEY")) {
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:228:41:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	if ((func_lic == DeveloperLicense) && (getenv("DXTEST_RUNTIME") == NUL(char*)) &&
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:321:33:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
		for (found=i=0, device=(char*)getenv("DXKEYDEVICE"); dflt_devices[i]; i++) {
data/dx-4.4.4/src/uipp/base/help.c:711:7:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  int random;
data/dx-4.4.4/src/uipp/base/help.c:734:17:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
                srand(inttime);
data/dx-4.4.4/src/uipp/base/help.c:736:38:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
                sprintf(numbuff,"%d",random);
data/dx-4.4.4/src/uipp/dxl/conn.c:198:24:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (NULL != (str = getenv("DXLINK_TIMEOUT")))
data/dx-4.4.4/src/uipp/dxl/conn.c:313:6:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	if (getenv("DXHOST")) {
data/dx-4.4.4/src/uipp/dxl/conn.c:319:11:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	if ((s = getenv("DXARGS")) && strstr(s,"-host")) {
data/dx-4.4.4/src/uipp/dxl/conn.c:445:28:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    conn->synchronous    = getenv("DXLSYNCHRONOUS") != NULL;
data/dx-4.4.4/src/uipp/dxl/conn.c:487:19:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (!host && !getenv("DX_TEST_HOST") ) {
data/dx-4.4.4/src/uipp/dxl/conn.c:499:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	host = getenv("DX_TEST_HOST");
data/dx-4.4.4/src/uipp/dxl/conn.c:652:21:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    local_rsh_cmd = getenv( "DXRSH" );
data/dx-4.4.4/src/uipp/dxl/conn.c:1135:10:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    rc = CreateProcess(NULL,
data/dx-4.4.4/src/uipp/dxl/conn.c:1135:10:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    rc = CreateProcess(NULL,
data/dx-4.4.4/src/uipp/dxl/socket.c:171:34:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((nConnection++ == 0) && (getenv("DX_NOSIGNALS") == NULL))
data/dx-4.4.4/src/uipp/dxl/socket.c:315:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("DXLTRACE")) {
data/dx-4.4.4/src/uipp/dxui/Main.C:84:26:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char *pdir = (char *)getenv ("PROFDIR");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2228:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (!getenv ("DXUINOCATCHERROR")) {
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2323:13:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
		char *s = getenv("DXMDF");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2330:13:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
		char *s = getenv("DXMACROS");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2337:13:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
		char *s = getenv("DXHOST");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2351:13:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
		char *s = getenv("DXNETPATH");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2358:13:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
		char *s = getenv("DXCRYPTKEY");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2639:13:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
		if ( (s = getenv("DXVIEWERNET")) ) {
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4932:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    dirs[0] = getenv("TMP");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5150:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("TCHK_BAIL_OUT")) return ;
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5168:22:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    const char *od = getenv("DATEMSK");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5174:44:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    const char *cp = /*this->getUIRoot();*/getenv("DXROOT");
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:282:21:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    local_rsh_cmd = getenv( "DXRSH" );
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:710:16:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    pid = rc = CreateProcess(NULL,
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:710:16:  [3] (shell) CreateProcess:
  This causes a new process to execute and is difficult to use safely
  (CWE-78). Specify the application path in the first argument, NOT as part
  of the second, or embedded spaces could allow an attacker to force a
  different program to run.
    pid = rc = CreateProcess(NULL,
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:1588:8:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if(getenv("DEBUG_EXEC_MESSAGES"))
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:618:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("DX_STALL") != NULL)
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:641:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("DX_STALL") != NULL)
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:653:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("DX_STALL") != NULL)
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:668:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("DX_STALL") != NULL)
data/dx-4.4.4/src/uipp/dxuilib/GraphLayout.C:270:14:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    debug = (getenv("DEBUG_PLACEMENT") ? TRUE : FALSE);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3744:7:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
		if (getenv("DXINLINE"))
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5709:15:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    decoder = getenv("DXDECODER");
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1377:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	char *s = getenv("DX_SOCKET_BUFSIZE");
data/dx-4.4.4/src/uipp/java/server/DXLink.c:116:27:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    dxargs = (const char*)getenv("DXARGS");
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4211:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
       if(!getenv("DXARCH")) setenv("DXARCH", DXD_ARCHNAME,1);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4220:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
       if(!getenv("DXARCH")) setenv("DXARCH", DXD_ARCHNAME,1);
data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C:64:31:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    const char *dxd = (char *)getenv("DXDATA");
data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C:108:19:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	uiroot = (char *)getenv("DXROOT");
data/dx-4.4.4/src/uipp/prompter/GARApplication.C:190:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (!getenv ("DXUINOCATCHERROR")) {
data/dx-4.4.4/src/uipp/prompter/GARApplication.C:363:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("DXSTARTUP")) startup_flag = TRUE;
data/dx-4.4.4/src/uipp/prompter/GARApplication.C:367:28:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if ((startup_flag) && (getenv("DXTRIALKEY"))) {
data/dx-4.4.4/src/uipp/prompter/GARApplication.C:623:29:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    char *datadir = (char *)getenv("DXDATA");
data/dx-4.4.4/src/uipp/prompter/GARApplication.C:697:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    if (getenv("DXROOT"))
data/dx-4.4.4/src/uipp/prompter/GARApplication.C:698:9:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	return getenv("DXROOT");
data/dx-4.4.4/src/uipp/tutor/TutorApplication.C:266:19:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
        char *s = getenv("DXROOT");
data/dx-4.4.4/src/uipp/widgets/Image.c:521:16:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	str = (char *)getenv("DXVISUAL");
data/dx-4.4.4/include/dx/arch.h:466:9:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define bcopy(s,d,n)	memcpy((void *)(d),(void *)(s),(int)(n))
data/dx-4.4.4/include/dx/arch.h:466:22:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define bcopy(s,d,n)	memcpy((void *)(d),(void *)(s),(int)(n))
data/dx-4.4.4/include/dx/arch.h:667:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#define fopen(file,mode) _dxf_nu_fopen(file,mode"O_BINARY")
data/dx-4.4.4/include/dx/arch.h:668:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#define open(path,oflag)  _open(path,oflag|O_BINARY&(~O_CREAT),0,mode"O_BINARY")
data/dx-4.4.4/include/dx/arch.h:677:9:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define bcopy(s,d,n)	memcpy((void *)(d),(void *)(s),(int)(n))
data/dx-4.4.4/include/dx/arch.h:677:22:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define bcopy(s,d,n)	memcpy((void *)(d),(void *)(s),(int)(n))
data/dx-4.4.4/lib/outboard.c:50:40:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    dxfd = DXConnectToServer (argv[1], atoi(argv[2]));
data/dx-4.4.4/lib/outboard.c:53:4:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		 atoi(argv[2]), argv[1]);
data/dx-4.4.4/src/exec/dpexec/cache.c:88:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	 stringKey[8+3];
data/dx-4.4.4/src/exec/dpexec/cache.c:118:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char stringKey[8+3];
data/dx-4.4.4/src/exec/dpexec/cache.c:148:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char stringKey[8+3];
data/dx-4.4.4/src/exec/dpexec/cache.c:170:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char stringKey[8+3];
data/dx-4.4.4/src/exec/dpexec/cache.c:190:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char stringKey[8+3];
data/dx-4.4.4/src/exec/dpexec/cache.c:218:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	 stringKey[8+3];
data/dx-4.4.4/src/exec/dpexec/cache.c:355:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	 tag[8+3];
data/dx-4.4.4/src/exec/dpexec/cache.c:422:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	 tag[8+3];
data/dx-4.4.4/src/exec/dpexec/cachegraph.c:296:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mod_cache_str[ MAX_PATH_STR_LEN ], *mod;
data/dx-4.4.4/src/exec/dpexec/ccm.c:154:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(userver.sun_path, "/tmp/.DX-unix/DX%d", port);
data/dx-4.4.4/src/exec/dpexec/command.c:62:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char _dxd_LicenseKey[5];
data/dx-4.4.4/src/exec/dpexec/command.c:330:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char savehost[MAXHOSTNAMELEN];
data/dx-4.4.4/src/exec/dpexec/command.c:713:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	buf[1024];
data/dx-4.4.4/src/exec/dpexec/command.c:785:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char		help[1024];
data/dx-4.4.4/src/exec/dpexec/command.c:1326:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	*argv[1024];
data/dx-4.4.4/src/exec/dpexec/command.c:1342:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (buf, c, len);
data/dx-4.4.4/src/exec/dpexec/command.c:1411:27:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    _dxf_ExReclaimMemory (atol (c));
data/dx-4.4.4/src/exec/dpexec/command.c:1437:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char keybuf[14];
data/dx-4.4.4/src/exec/dpexec/command.c:1438:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char typebuf[5];
data/dx-4.4.4/src/exec/dpexec/command.c:1439:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char key[9];
data/dx-4.4.4/src/exec/dpexec/command.c:1440:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char salt[3];
data/dx-4.4.4/src/exec/dpexec/command.c:1528:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(_dxd_LicenseKey, "%x\n", i);
data/dx-4.4.4/src/exec/dpexec/command.c:1546:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	buf[256];
data/dx-4.4.4/src/exec/dpexec/command.c:1562:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    n = sprintf (buf,
data/dx-4.4.4/src/exec/dpexec/command.c:1567:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf (buf,
data/dx-4.4.4/src/exec/dpexec/context.c:17:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(to, from, sizeof(Context));
data/dx-4.4.4/src/exec/dpexec/distconnect.c:154:17:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
                strcpy(av[0], "dx");
data/dx-4.4.4/src/exec/dpexec/distp.h:196:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char 		data[MSG_BUFLEN];
data/dx-4.4.4/src/exec/dpexec/distp.h:203:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char		data[MAX_UI_PACKET];
data/dx-4.4.4/src/exec/dpexec/distpacket.c:275:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy (argp->data, data, size);
data/dx-4.4.4/src/exec/dpexec/dpparse.c:24:24:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define	MEMCPY(d,s,n)		memcpy (d, s, n)
data/dx-4.4.4/src/exec/dpexec/dpparse.c:29:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (d, s, n);\
data/dx-4.4.4/src/exec/dpexec/dpparse.c:545:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(str, "MacroStart");
data/dx-4.4.4/src/exec/dpexec/dpparse.c:549:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(str, "cache");
data/dx-4.4.4/src/exec/dpexec/dpparse.c:627:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(str, "MacroEnd");
data/dx-4.4.4/src/exec/dpexec/dpparse.c:631:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(str, "cache");
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:202:47:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extern Error ExHostToFQDN( const char host[], char fqdn[MAXHOSTNAMELEN] );
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:288:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	largv = (char **) new char*[argc];
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:444:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            extestport = atoi(optarg);
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:450:38:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            _dxd_exErrorPrintLevel = atoi (optarg);
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:469:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                    (maxMemory = atoi (optarg)) == 0) {
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:536:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
						SetNumThreads(atoi(optarg));
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:1465:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char		name[1024];
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:1735:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[128];
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:1749:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(buf, ", threaded version ");
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:1815:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1024];
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.h:67:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char *mdffiles[MDF_MAX];
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.h:68:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char extesthost[256];
data/dx-4.4.4/src/exec/dpexec/dxmain.c:166:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char extesthost[80];
data/dx-4.4.4/src/exec/dpexec/dxmain.c:178:47:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extern Error ExHostToFQDN( const char host[], char fqdn[MAXHOSTNAMELEN] );
data/dx-4.4.4/src/exec/dpexec/dxmain.c:267:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char     *mdffiles[MDF_MAX];
data/dx-4.4.4/src/exec/dpexec/dxmain.c:795:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1024];
data/dx-4.4.4/src/exec/dpexec/dxmain.c:838:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            extestport = atoi(optarg);
data/dx-4.4.4/src/exec/dpexec/dxmain.c:844:38:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            _dxd_exErrorPrintLevel = atoi (optarg);
data/dx-4.4.4/src/exec/dpexec/dxmain.c:886:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                    (maxMemory = atoi (optarg)) == 0) {
data/dx-4.4.4/src/exec/dpexec/dxmain.c:959:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                    (nprocs = atoi (optarg)) == 0) {
data/dx-4.4.4/src/exec/dpexec/dxmain.c:1079:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[128];
data/dx-4.4.4/src/exec/dpexec/dxmain.c:1093:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(buf, ", version ");
data/dx-4.4.4/src/exec/dpexec/dxmain.c:1680:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char buffer[256];
data/dx-4.4.4/src/exec/dpexec/dxmain.c:1682:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf(buffer, "%d:  MP_MUSTRUN failed", _dxd_exMyPID);
data/dx-4.4.4/src/exec/dpexec/dxmain.c:1901:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char		name[1024];
data/dx-4.4.4/src/exec/dpexec/dxpfsmgr.c:113:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dname[PFS_NAME_LEN];
data/dx-4.4.4/src/exec/dpexec/dxpfsmgr.c:155:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[PFS_NAME_LEN];
data/dx-4.4.4/src/exec/dpexec/evalgraph.c:771:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char            pbuf[64];
data/dx-4.4.4/src/exec/dpexec/evalgraph.c:973:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(pbuf, "frame %12d %12d", frame, nframe);
data/dx-4.4.4/src/exec/dpexec/evalgraph.c:998:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(bell, "begin ");
data/dx-4.4.4/src/exec/dpexec/evalgraph.c:1051:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char            bell[512];
data/dx-4.4.4/src/exec/dpexec/evalgraph.c:1053:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char            buf[33];
data/dx-4.4.4/src/exec/dpexec/evalgraph.c:1625:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char            buf[2048];
data/dx-4.4.4/src/exec/dpexec/evalgraph.c:1694:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char bell[512];
data/dx-4.4.4/src/exec/dpexec/function.c:26:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef	char	EXC_4[4];
data/dx-4.4.4/src/exec/dpexec/function.c:85:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char		led[4];
data/dx-4.4.4/src/exec/dpexec/function.c:482:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char formatstr[MAX_ATTRLEN+3];
data/dx-4.4.4/src/exec/dpexec/function.c:486:8:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
       strcat (formatstr, ":%d");
data/dx-4.4.4/src/exec/dpexec/function.c:494:8:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
       strcat (formatstr, ":%d");
data/dx-4.4.4/src/exec/dpexec/function.c:502:8:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
       strcat (formatstr, ":%d");
data/dx-4.4.4/src/exec/dpexec/graph.c:376:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char        s[100];
data/dx-4.4.4/src/exec/dpexec/graph.c:377:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (s, ">GfDel ");
data/dx-4.4.4/src/exec/dpexec/graph.c:823:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	buf[64];
data/dx-4.4.4/src/exec/dpexec/graph.c:830:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (buf, "$%d", loc);
data/dx-4.4.4/src/exec/dpexec/graph.c:2697:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char localstr[10];
data/dx-4.4.4/src/exec/dpexec/graph.c:2706:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(tail, "%d", instance);
data/dx-4.4.4/src/exec/dpexec/graph.c:2780:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char str[ MAX_PATH_STR_LEN ];
data/dx-4.4.4/src/exec/dpexec/graph.c:2893:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char str[ MAX_PATH_STR_LEN ];
data/dx-4.4.4/src/exec/dpexec/graph.c:2902:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char str[ MAX_PATH_STR_LEN ];
data/dx-4.4.4/src/exec/dpexec/graph.c:2903:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char tmp[ MAX_PATH_STR_LEN ];
data/dx-4.4.4/src/exec/dpexec/graph.c:2927:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      p = int16tohex( p, atoi(colon+1));
data/dx-4.4.4/src/exec/dpexec/graph.c:3050:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy( dest, src, sizeof( *dest ) );
data/dx-4.4.4/src/exec/dpexec/graph2.c:37:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char	*_macro_stack[MACRO_DEPTH];
data/dx-4.4.4/src/exec/dpexec/graph2.c:81:24:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
#define	ADDARROW(_bp)	{strcpy (_bp, " -> "); ADVANCE (_bp);}
data/dx-4.4.4/src/exec/dpexec/help.c:26:24:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
#define	ADDCOMMA(_bp)	{strcpy (_bp, ", "); ADVANCE (_bp);}
data/dx-4.4.4/src/exec/dpexec/help.c:32:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char		buffer[8192];
data/dx-4.4.4/src/exec/dpexec/help.c:79:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy (bufp, " = ");
data/dx-4.4.4/src/exec/dpexec/help.c:85:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (bufp, " (");
data/dx-4.4.4/src/exec/dpexec/help.c:97:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (bufp, ");");
data/dx-4.4.4/src/exec/dpexec/help.c:100:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (bufp, "\n\n");
data/dx-4.4.4/src/exec/dpexec/lex.c:158:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char	yysbuf[4];
data/dx-4.4.4/src/exec/dpexec/lex.c:282:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	buffer[2048];
data/dx-4.4.4/src/exec/dpexec/lex.c:492:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	yytext[YYLMAX];
data/dx-4.4.4/src/exec/dpexec/lex.c:496:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	dbg[2048];
data/dx-4.4.4/src/exec/dpexec/license.c:81:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char messagebuf[1024];
data/dx-4.4.4/src/exec/dpexec/license.c:147:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char remname[256];
data/dx-4.4.4/src/exec/dpexec/license.c:148:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char auth_msg[AUTH_MSG_LEN];
data/dx-4.4.4/src/exec/dpexec/license.c:149:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ckey[9];
data/dx-4.4.4/src/exec/dpexec/license.c:150:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char c_buf[32],p_buf[32];	/* hold crypted msgs for comaparison */
data/dx-4.4.4/src/exec/dpexec/license.c:151:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char envbuf[32];	/* static 'cause it goes into the env */
data/dx-4.4.4/src/exec/dpexec/license.c:152:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char salt[3];
data/dx-4.4.4/src/exec/dpexec/license.c:189:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(envbuf,"_DX_%d=", getpid());
data/dx-4.4.4/src/exec/dpexec/license.c:190:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(c_buf,"%x", timenow);
data/dx-4.4.4/src/exec/dpexec/license.c:199:11:  [2] (race) vfork:
  On some old systems, vfork() permits race conditions, and it's very
  difficult to use correctly (CWE-362). Use fork() instead.
    pid = vfork();
data/dx-4.4.4/src/exec/dpexec/license.c:206:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char arg1[32], arg3[32];
data/dx-4.4.4/src/exec/dpexec/license.c:229:18:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    case MPLIC:	strcpy(arg1,"-mp");	break;
data/dx-4.4.4/src/exec/dpexec/license.c:230:18:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    case DXLIC:	strcpy(arg1,"-dev");	break;
data/dx-4.4.4/src/exec/dpexec/license.c:231:18:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    case RTLIC:	strcpy(arg1,"-rt");	break;
data/dx-4.4.4/src/exec/dpexec/license.c:232:21:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    case RTLIBLIC:	strcpy(arg1,"-rtlib");	break;
data/dx-4.4.4/src/exec/dpexec/license.c:233:18:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    default:    sprintf(arg1,"%d",ltype); break;
data/dx-4.4.4/src/exec/dpexec/license.c:236:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(arg1,"only");
data/dx-4.4.4/src/exec/dpexec/license.c:238:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(arg3,"%d.%d.%d", DXD_VERSION, DXD_RELEASE, DXD_MODIFICATION);
data/dx-4.4.4/src/exec/dpexec/license.c:270:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(ckey+4, "%x", child);
data/dx-4.4.4/src/exec/dpexec/license.c:410:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   key[KEY_LEN];
data/dx-4.4.4/src/exec/dpexec/license.c:411:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   cryptHost[HOST_LEN];
data/dx-4.4.4/src/exec/dpexec/license.c:412:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   cryptTime[HOST_LEN];
data/dx-4.4.4/src/exec/dpexec/license.c:413:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   host[HOST_LEN];
data/dx-4.4.4/src/exec/dpexec/license.c:419:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   fileName[HOST_LEN];
data/dx-4.4.4/src/exec/dpexec/license.c:420:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  *key_location, key_location_buf[1024];
data/dx-4.4.4/src/exec/dpexec/license.c:439:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    if (cp && (atoi(cp) == 1))
data/dx-4.4.4/src/exec/dpexec/license.c:454:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      f = fopen(fname, "r");
data/dx-4.4.4/src/exec/dpexec/license.c:467:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	  char buf[1024];
data/dx-4.4.4/src/exec/dpexec/license.c:482:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	  strcat(messagebuf,"You are running an expired Trial version of Data Explorer.\n");
data/dx-4.4.4/src/exec/dpexec/license.c:502:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(messagebuf,"You are running an Expired trial version of Data Explorer.\n");
data/dx-4.4.4/src/exec/dpexec/license.c:507:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(messagebuf,"Single processor trial key found, MP will not be enabled.\n");
data/dx-4.4.4/src/exec/dpexec/license.c:526:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	  strcat(messagebuf,
data/dx-4.4.4/src/exec/dpexec/license.c:546:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	  strcat(messagebuf,
data/dx-4.4.4/src/exec/dpexec/license.c:621:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(host, "%d", name);
data/dx-4.4.4/src/exec/dpexec/license.c:627:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(host, "%x", name);
data/dx-4.4.4/src/exec/dpexec/license.c:636:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(host, "%x", atol(host));
data/dx-4.4.4/src/exec/dpexec/license.c:636:25:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    sprintf(host, "%x", atol(host));
data/dx-4.4.4/src/exec/dpexec/license.c:653:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char *dev, buf[32];
data/dx-4.4.4/src/exec/dpexec/license.c:662:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(buf,"%x", devea.default_pa[i] );
data/dx-4.4.4/src/exec/dpexec/loader.c:575:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  szName[128], szStr[128];
data/dx-4.4.4/src/exec/dpexec/loader.c:615:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(szStr, "DXEntry");
data/dx-4.4.4/src/exec/dpexec/loader.c:894:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(*outname, "./");
data/dx-4.4.4/src/exec/dpexec/loader.c:900:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(*outname, "./");
data/dx-4.4.4/src/exec/dpexec/loader.c:933:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(*outname, "./");
data/dx-4.4.4/src/exec/dpexec/loader.c:939:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(*outname, "./");
data/dx-4.4.4/src/exec/dpexec/loader.c:993:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(*outname, "./");
data/dx-4.4.4/src/exec/dpexec/loader.c:999:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(*outname, "./");
data/dx-4.4.4/src/exec/dpexec/log.c:84:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	*who, whobuf[512];
data/dx-4.4.4/src/exec/dpexec/log.c:157:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	n = sprintf (buf, "%2d:  ", DXProcessorId ());
data/dx-4.4.4/src/exec/dpexec/log.c:160:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf (buf, "%2d:  ", DXProcessorId ());
data/dx-4.4.4/src/exec/dpexec/nodereadb.c:23:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char rbuffer[PTBUFSIZE];
data/dx-4.4.4/src/exec/dpexec/nodereadb.c:53:9:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        bcopy(rbuffer, &bytesleft, sizeof(int));
data/dx-4.4.4/src/exec/dpexec/nodereadb.c:60:5:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    bcopy(ptr, Buffer, nbytes);
data/dx-4.4.4/src/exec/dpexec/nodewriteb.c:22:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char wbuffer[PTBUFSIZE];
data/dx-4.4.4/src/exec/dpexec/nodewriteb.c:37:9:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        bcopy(&bytestowrite, wbuffer, sizeof(int));
data/dx-4.4.4/src/exec/dpexec/nodewriteb.c:47:13:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            bcopy(Buffer, ptr, size);
data/dx-4.4.4/src/exec/dpexec/packet.c:138:7:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    bcopy(*tmpbuffer + sts, *tmpbuffer, *tmpbufferused);
data/dx-4.4.4/src/exec/dpexec/packet.c:164:3:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		bcopy(packet, *tmpbuffer + *tmpbufferused, length);
data/dx-4.4.4/src/exec/dpexec/parse.h:119:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char			led[4];		/* 3 character led code	*/
data/dx-4.4.4/src/exec/dpexec/parse.h:234:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char			ldata [LOCAL_DATA];
data/dx-4.4.4/src/exec/dpexec/parsemdf.c:984:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    repcount = atoi(nextc);
data/dx-4.4.4/src/exec/dpexec/parsemdf.c:1054:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fd = open(foundname, O_RDONLY);
data/dx-4.4.4/src/exec/dpexec/path.c:28:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char localPath[EX_MAXPATH];
data/dx-4.4.4/src/exec/dpexec/path.c:42:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(tail, "%d", instance);
data/dx-4.4.4/src/exec/dpexec/queue.c:206:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char		buf[4096];
data/dx-4.4.4/src/exec/dpexec/queue.c:217:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (buf, "[%4d] %p <%p %p> ", i, e, e->prev, e->next);
data/dx-4.4.4/src/exec/dpexec/queue.c:243:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    return (sprintf (buf, "0x%08lx", (long)val));
data/dx-4.4.4/src/exec/dpexec/remote.c:103:40:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
Error ExHostToFQDN( const char host[], char fqdn[MAXHOSTNAMELEN] )
data/dx-4.4.4/src/exec/dpexec/remote.c:144:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char s[BUFSIZ];
data/dx-4.4.4/src/exec/dpexec/remote.c:145:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char script_name[500],cmd[1000];
data/dx-4.4.4/src/exec/dpexec/remote.c:146:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char localhost[MAXHOSTNAMELEN];
data/dx-4.4.4/src/exec/dpexec/remote.c:150:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *fargv[MAX_STARTUP_ARGS];
data/dx-4.4.4/src/exec/dpexec/remote.c:350:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char evar[256], c;
data/dx-4.4.4/src/exec/dpexec/remote.c:351:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char eval[1024];
data/dx-4.4.4/src/exec/dpexec/remote.c:406:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cmdpvs[1000];
data/dx-4.4.4/src/exec/dpexec/remote.c:426:21:  [2] (race) vfork:
  On some old systems, vfork() permits race conditions, and it's very
  difficult to use correctly (CWE-362). Use fork() instead.
        pid_t pid = vfork();
data/dx-4.4.4/src/exec/dpexec/remote.c:459:13:  [2] (race) vfork:
  On some old systems, vfork() permits race conditions, and it's very
  difficult to use correctly (CWE-362). Use fork() instead.
    child = vfork();
data/dx-4.4.4/src/exec/dpexec/remote.c:524:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[512];
data/dx-4.4.4/src/exec/dpexec/remote.c:548:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char                myhost[MAXHOSTNAMELEN];
data/dx-4.4.4/src/exec/dpexec/remote.c:549:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char		cwd[MAXPATHLEN];
data/dx-4.4.4/src/exec/dpexec/remote.c:617:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(nargv[r_argc+1], "%4d", dxport);
data/dx-4.4.4/src/exec/dpexec/remote.c:628:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(nargv[r_argc], "-connect");
data/dx-4.4.4/src/exec/dpexec/remote.c:637:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(nargv[r_argc+1]+strlen(myhost), ":%4d", dxport);
data/dx-4.4.4/src/exec/dpexec/remote.c:776:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	buff[BUFLEN];
data/dx-4.4.4/src/exec/dpexec/remote.c:777:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	host[MAXHOSTNAMELEN];
data/dx-4.4.4/src/exec/dpexec/remote.c:784:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char        *av[2];
data/dx-4.4.4/src/exec/dpexec/remote.c:788:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	cachetag[32];
data/dx-4.4.4/src/exec/dpexec/remote.c:873:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(cachetag, "RemoteConnect%d", instance);
data/dx-4.4.4/src/exec/dpexec/remote.c:1107:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	cachetag[32];
data/dx-4.4.4/src/exec/dpexec/remote.c:1129:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(cachetag, "RemoteConnect%d", instance);
data/dx-4.4.4/src/exec/dpexec/sfile.c:61:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char                buffer[BUFSIZ+1];
data/dx-4.4.4/src/exec/dpexec/sfile.c:179:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(buf, ssf->nextchar, a);
data/dx-4.4.4/src/exec/dpexec/socket.c:95:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        *port = atoi(p);
data/dx-4.4.4/src/exec/dpexec/socket.c:203:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(userver.sun_path, "/tmp/.DX-unix/DX%d", port);
data/dx-4.4.4/src/exec/dpexec/socket.c:351:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    rq_bufsz = atoi(s);
data/dx-4.4.4/src/exec/dpexec/socket.c:427:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(userver.sun_path, "/tmp/.DX-unix/DX%d", port);
data/dx-4.4.4/src/exec/dpexec/socket.c:457:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(&server.sin_addr, hp->h_addr, hp->h_length);
data/dx-4.4.4/src/exec/dpexec/socket.c:482:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1000];
data/dx-4.4.4/src/exec/dpexec/socket.c:496:28:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	fd = init_client(argv[1], atol(argv[2]));
data/dx-4.4.4/src/exec/dpexec/task.c:618:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char	lbuf[L_ERROR];
data/dx-4.4.4/src/exec/dpexec/task.c:1026:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (job->arg, arg, size);
data/dx-4.4.4/src/exec/dpexec/task.h:41:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char       data[EX_TASK_DATA];     /* local data storage   */
data/dx-4.4.4/src/exec/dpexec/tmainUtil.cpp:57:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[MAXENV];
data/dx-4.4.4/src/exec/dpexec/tmainUtil.cpp:182:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char cwd[512];
data/dx-4.4.4/src/exec/dpexec/tmainUtil.cpp:186:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char path[MAXENV];
data/dx-4.4.4/src/exec/dpexec/tmainUtil.cpp:202:3:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		TCHAR path[512];
data/dx-4.4.4/src/exec/dpexec/utils.c:23:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (new, old, n);
data/dx-4.4.4/src/exec/dpexec/utils.c:38:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (new, old, n);
data/dx-4.4.4/src/exec/dpexec/utils.c:54:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (new, old, n);
data/dx-4.4.4/src/exec/dpexec/utils.c:70:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (new, old, n);
data/dx-4.4.4/src/exec/dpexec/utils.h:47:23:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define ExCopy(d,s,n)	memcpy ((void *) (d), (const void *) s, (size_t) (n))
data/dx-4.4.4/src/exec/dpexec/yuiif.c:323:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fp = fopen (f, "r")) != NULL)
data/dx-4.4.4/src/exec/dpexec/yuiif.c:339:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char		buf [1024];
data/dx-4.4.4/src/exec/dpexec/yuiif.c:510:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char		buf[4096];
data/dx-4.4.4/src/exec/dpexec/yuiif.c:570:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fptr = fopen (name, "r");
data/dx-4.4.4/src/exec/dpexec/yuiif.c:583:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fptr = fopen (buf, "r");
data/dx-4.4.4/src/exec/dpexec/yuiif.c:593:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fptr = fopen (buf, "r");
data/dx-4.4.4/src/exec/dpexec/yuiif.c:3297:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char prevfile[256];
data/dx-4.4.4/src/exec/dpexec/yuiif.c:3301:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	buf[8192];
data/dx-4.4.4/src/exec/dxmods/_color.c:28:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char component[30];
data/dx-4.4.4/src/exec/dxmods/_complex.c:74:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char _dxfcctext[MAXTOKEN];
data/dx-4.4.4/src/exec/dxmods/_complex.c:167:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    lvalp->i = atoi(_dxfcctext);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:252:5:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    bcopy (&pt->u, ((char*)result), size);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:298:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(result, left, size);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:457:2:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	bcopy (data, result, pt->metaType.items * size);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:491:6:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    bcopy (data, result, size);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:494:3:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		bcopy (data, ((char*)result) + i * size, size);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:516:6:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    bcopy (data, ((char*)result) + i * size, size);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:573:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char invalidName[1000];
data/dx-4.4.4/src/exec/dxmods/_compoper.c:654:7:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    bcopy ((Pointer)((char *)inputs[j]),
data/dx-4.4.4/src/exec/dxmods/_compoper.c:654:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    bcopy ((Pointer)((char *)inputs[j]),
data/dx-4.4.4/src/exec/dxmods/_compoper.c:658:7:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    bcopy ((Pointer)(((char *)inputs[j]) + (i * subSize)),
data/dx-4.4.4/src/exec/dxmods/_compoper.c:658:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    bcopy ((Pointer)(((char *)inputs[j]) + (i * subSize)),
data/dx-4.4.4/src/exec/dxmods/_compoper.c:788:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    selector = *(int *)(((char *)inputs[1]) + k * sizeof (int));
data/dx-4.4.4/src/exec/dxmods/_compoper.c:790:3:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		bcopy ((Pointer)(((char *)inputs[0]) + 
data/dx-4.4.4/src/exec/dxmods/_compoper.c:790:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		bcopy ((Pointer)(((char *)inputs[0]) + 
data/dx-4.4.4/src/exec/dxmods/_compoper.c:860:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    register char *in0 = (char *) inputs[0];
data/dx-4.4.4/src/exec/dxmods/_compoper.c:861:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    register char *in1 = (char *) inputs[1];
data/dx-4.4.4/src/exec/dxmods/_compoper.c:895:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    register char *in0 = (char *) inputs[0];
data/dx-4.4.4/src/exec/dxmods/_compoper.c:896:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    register char *in1 = (char *) inputs[1];
data/dx-4.4.4/src/exec/dxmods/_compoper.c:937:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    register char *in0 = (char *) inputs[0];
data/dx-4.4.4/src/exec/dxmods/_compoper.c:938:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    register char *in1 = (char *) inputs[1];
data/dx-4.4.4/src/exec/dxmods/_compoper.c:972:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    register char *in0 = (char *) inputs[0];
data/dx-4.4.4/src/exec/dxmods/_compoper.c:973:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    register char *in1 = (char *) inputs[1];
data/dx-4.4.4/src/exec/dxmods/_compoper.c:1028:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    register char *in0 = (char *) inputs[0];
data/dx-4.4.4/src/exec/dxmods/_compoper.c:1101:7:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    bcopy ((Pointer)(((char *)inputs[1]) + k * tsize),
data/dx-4.4.4/src/exec/dxmods/_compoper.c:1101:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    bcopy ((Pointer)(((char *)inputs[1]) + k * tsize),
data/dx-4.4.4/src/exec/dxmods/_compoper.c:1106:7:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    bcopy ((Pointer)(((char *)inputs[2]) + l * esize),
data/dx-4.4.4/src/exec/dxmods/_compoper.c:1106:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    bcopy ((Pointer)(((char *)inputs[2]) + l * esize),
data/dx-4.4.4/src/exec/dxmods/_compoper.c:1328:6:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    bcopy((char*)value, (char*)symbolTable[i].value, size);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:1958:6:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    bcopy (inputs[0], ((char*)result) + i * size, size);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:1960:2:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	bcopy (inputs[0], result, size * pt->metaType.items);
data/dx-4.4.4/src/exec/dxmods/_compoper2.c:302:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    out[i] = !bcmp (((char *)inputs[0]) + j * size, 
data/dx-4.4.4/src/exec/dxmods/_compoper2.c:303:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			    ((char *)inputs[1]) + k * size, size);
data/dx-4.4.4/src/exec/dxmods/_compoper2.c:344:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    out[i] = (0 != bcmp (((char *)inputs[0]) + j * size, 
data/dx-4.4.4/src/exec/dxmods/_compoper2.c:345:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			    ((char *)inputs[1]) + k * size, size));
data/dx-4.4.4/src/exec/dxmods/_compparse.c:185:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[MAX_PARSE_STRING_SIZE];
data/dx-4.4.4/src/exec/dxmods/_compparse.h:122:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[MAX_PARSE_STRING_SIZE];
data/dx-4.4.4/src/exec/dxmods/_compute.h:73:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char	s[MAX_CA_STRING];
data/dx-4.4.4/src/exec/dxmods/_connectgrids.c:102:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(&holder[shape[0]*n], &holder[shape[0]*(n-1)], \
data/dx-4.4.4/src/exec/dxmods/_connectgrids.c:106:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy(&holder[shape[0]*m], tmpdata,            \
data/dx-4.4.4/src/exec/dxmods/_connectgrids.c:113:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy(&holder[0], tmpdata, DXGetItemSize(newcomponent)); \
data/dx-4.4.4/src/exec/dxmods/_connectgrids.c:760:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
       (char *)DXAllocateLocal(numnearest*DXGetItemSize(newcomponent)*shape[0]);
data/dx-4.4.4/src/exec/dxmods/_connectvor.c:485:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(tmp, old_pos_ptr, numpos*2*sizeof(float));
data/dx-4.4.4/src/exec/dxmods/_construct.c:491:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char str[64];
data/dx-4.4.4/src/exec/dxmods/_construct.c:493:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(str, "cubes%dD", dim);
data/dx-4.4.4/src/exec/dxmods/_construct.c:815:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char str[64];
data/dx-4.4.4/src/exec/dxmods/_construct.c:817:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(str, "cubes%dD", dim);
data/dx-4.4.4/src/exec/dxmods/_getfield.c:1306:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
         !memcpy ( (char*)out, (char*)returned, d->itemsize ) )
data/dx-4.4.4/src/exec/dxmods/_glyph.c:67:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char type[30];
data/dx-4.4.4/src/exec/dxmods/_glyph.c:84:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char font[100];
data/dx-4.4.4/src/exec/dxmods/_glyph.c:93:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char font[100];
data/dx-4.4.4/src/exec/dxmods/_glyph.c:128:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char glyph_rank[30]; 
data/dx-4.4.4/src/exec/dxmods/_glyph.c:133:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char string[100], *string1, *attr, *font;
data/dx-4.4.4/src/exec/dxmods/_glyph.c:265:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
     strcpy(glyph_rank,"scalar");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:267:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
     strcpy(glyph_rank,"scalar");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:269:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
     strcpy(glyph_rank,"2-vector");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:271:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
     strcpy(glyph_rank,"3-vector");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:273:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
     strcpy(glyph_rank,"matrix");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:275:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
     strcpy(glyph_rank,"matrix2");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:330:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
     strcpy(glyph_rank,"string");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:508:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	 sprintf(string, "%g", s);
data/dx-4.4.4/src/exec/dxmods/_glyph.c:579:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	 sprintf(string, "[%g %g]", v.x, v.y);
data/dx-4.4.4/src/exec/dxmods/_glyph.c:658:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	 sprintf(string, "[%g %g %g]", v.x, v.y, v.z);
data/dx-4.4.4/src/exec/dxmods/_glyph.c:785:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	 sprintf(string, "[%g %g %g][%g %g %g][%g %g %g]", 
data/dx-4.4.4/src/exec/dxmods/_glyph.c:1266:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy(dstPtr, srcPtr, itemSize);
data/dx-4.4.4/src/exec/dxmods/_glyph.c:1319:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *given_type_string, glyph_rank[10], type_string[30];
data/dx-4.4.4/src/exec/dxmods/_glyph.c:1320:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char connectiontype[30];
data/dx-4.4.4/src/exec/dxmods/_glyph.c:1321:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char overridetype_string[30];
data/dx-4.4.4/src/exec/dxmods/_glyph.c:1394:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(glyph_rank,"scalar");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:1412:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(glyph_rank,"scalar");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:1416:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(glyph_rank,"scalar");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:1420:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(glyph_rank,"2-vector");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:1424:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(glyph_rank,"3-vector");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:1428:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(glyph_rank,"matrix");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:1432:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(glyph_rank,"matrix2");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:1645:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(overridetype_string,"sphere62");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:1647:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(overridetype_string,"circle10");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:1677:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(overridetype_string,"point");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3487:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"lines");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3493:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3499:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3505:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3511:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3517:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3523:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3529:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3535:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3541:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3547:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3553:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3559:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3565:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3571:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3577:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3583:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3589:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3595:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3601:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3607:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3613:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3619:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3625:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3631:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"lines");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3637:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"lines");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3643:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"lines");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3649:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
       strcpy(connectiontype,"lines");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3775:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(conntype,"triangles");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:3784:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(conntype,"lines");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4171:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"sphere266");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4173:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"rocket20");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4174:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(overridetype_string,"sphere146");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4179:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"diamond");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4181:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"needle");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4182:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(overridetype_string,"point");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4187:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"sphere62");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4189:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"rocket6");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4190:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(overridetype_string,"sphere62");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4195:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"circle40");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4205:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"sphere266");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4214:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"cube");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4223:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"diamond");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4232:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"square");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4241:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"circle4");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4255:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"rocket20");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4256:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(overridetype_string,"sphere146");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4266:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"rocket2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4267:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(overridetype_string,"circle20");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4277:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"arrow");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4278:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(overridetype_string,"point");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4288:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"arrow2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4289:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(overridetype_string,"point");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4299:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"needle");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4300:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(overridetype_string,"point");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4310:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"needle2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4311:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(overridetype_string,"point");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4316:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"rocket20");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4317:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(overridetype_string,"sphere146");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4320:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(type_string,"rocket20");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4321:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	  strcpy(overridetype_string,"sphere146");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4340:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"diamond");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4342:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"needle");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4343:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"point");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4348:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"sphere14");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4350:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"arrow");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4351:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"point");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4356:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"sphere26");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4358:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket3");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4359:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"sphere26");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4364:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"sphere42");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4366:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket4");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4367:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"sphere42");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4372:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"sphere62");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4374:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket6");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4375:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"sphere62");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4380:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"sphere114");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4382:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket8");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4383:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"sphere114");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4388:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"sphere114");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4390:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket12");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4391:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"sphere114");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4396:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"sphere146");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4398:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket20");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4399:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"sphere146");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4404:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"sphere266");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4406:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket20");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4407:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"sphere146");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4418:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"circle40");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4420:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4421:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"circle40");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4426:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"circle4");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4428:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"needle2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4429:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"point");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4434:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"circle10");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4436:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4437:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"circle10");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4442:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"circle40");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4452:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"square");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4462:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"cube");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4474:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"sphere146");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4486:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"diamond");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4497:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"circle4");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4511:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4512:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"circle40");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4522:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket20");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4523:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"sphere146");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4535:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"arrow2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4536:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"point");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4546:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"arrow");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4547:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"point");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4559:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"needle2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4560:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"point");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4570:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"needle");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4571:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"point");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4578:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4579:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"circle20");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4582:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4583:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"circle20");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4602:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"circle4");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4604:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"needle2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4605:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"point");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4610:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"circle6");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4612:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"arrow2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4613:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"point");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4618:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"circle6");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4620:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4621:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"circle10");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4626:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"circle8");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4628:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4629:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"circle8");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4634:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"circle10");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4636:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4637:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"circle10");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4642:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"circle20");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4644:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4645:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"circle20");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4650:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"circle40");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4652:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(type_string,"rocket2d");
data/dx-4.4.4/src/exec/dxmods/_glyph.c:4653:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(overridetype_string,"circle40");
data/dx-4.4.4/src/exec/dxmods/_helper_jea.c:1292:23:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                if ( !memcpy ( (char *)deltas, (char *)Delta, sizeof(Delta) ) )
data/dx-4.4.4/src/exec/dxmods/_im_image.c:199:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if((miff_fp=fopen(miff_filename,"r"))) {
data/dx-4.4.4/src/exec/dxmods/_im_image.c:284:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(p2,p1,linesize);
data/dx-4.4.4/src/exec/dxmods/_im_image.c:300:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char gam[7];
data/dx-4.4.4/src/exec/dxmods/_im_image.c:301:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(gam, "%2.4f", iargs->gamma);
data/dx-4.4.4/src/exec/dxmods/_im_image.c:354:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	existFile = fopen(image_info->filename, "ab");
data/dx-4.4.4/src/exec/dxmods/_im_image.c:355:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	newFrameFile = fopen(new_frame_info->filename, "rb");
data/dx-4.4.4/src/exec/dxmods/_im_image.c:432:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(p2,p1,linesize);
data/dx-4.4.4/src/exec/dxmods/_im_image.c:454:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char gam[7];
data/dx-4.4.4/src/exec/dxmods/_im_image.c:455:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sprintf(gam, "%2.4f", iargs->gamma);
data/dx-4.4.4/src/exec/dxmods/_im_image.c:524:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char framestr[16];
data/dx-4.4.4/src/exec/dxmods/_im_image.c:541:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(framestr,".%d",framenum);
data/dx-4.4.4/src/exec/dxmods/_im_image.c:551:26:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if ( 0 <= ( fd = open ( buf, O_RDONLY ) ) )
data/dx-4.4.4/src/exec/dxmods/_im_image.c:558:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fd = open ( buf, O_RDONLY );
data/dx-4.4.4/src/exec/dxmods/_im_image.c:629:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char           user_basename [ MAX_IMAGE_NAMELEN ];
data/dx-4.4.4/src/exec/dxmods/_im_image.c:630:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char           newname[ MAX_IMAGE_NAMELEN ];
data/dx-4.4.4/src/exec/dxmods/_im_image.c:631:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char           extension[40];
data/dx-4.4.4/src/exec/dxmods/_im_image.c:679:24:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            if ( (fh = open ( newname, O_RDONLY )) < 0 )
data/dx-4.4.4/src/exec/dxmods/_im_image.c:991:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                        memcpy( pptr, indexes, width );
data/dx-4.4.4/src/exec/dxmods/_isosurface.c:231:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        if ( !memcpy ( location,
data/dx-4.4.4/src/exec/dxmods/_isosurface.c:2804:12:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
         ! memcpy ( (char *)(&value2_ptr[1]), (char *)vp,
data/dx-4.4.4/src/exec/dxmods/_isosurface.c:6352:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char    *growl[100];
data/dx-4.4.4/src/exec/dxmods/_isosurface.c:6842:24:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                     ! memcpy ( (char *)call_arg.parent,
data/dx-4.4.4/src/exec/dxmods/_isosurface.c:6846:24:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                     ! memcpy ( (char *)call_arg.isovals,
data/dx-4.4.4/src/exec/dxmods/_isosurface.c:7231:24:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                     ! memcpy ( (char *)copy_isovals,
data/dx-4.4.4/src/exec/dxmods/_maptoplane.c:3634:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(dst, src, size);
data/dx-4.4.4/src/exec/dxmods/_newtri.c:335:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(dstPtr, srcPtr, itemSize);
data/dx-4.4.4/src/exec/dxmods/_newtri.c:588:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fd = fopen("dump.out", "w");
data/dx-4.4.4/src/exec/dxmods/_newtri.c:883:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[32];
data/dx-4.4.4/src/exec/dxmods/_newtri.c:886:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "bad%d.dx", nShow++);
data/dx-4.4.4/src/exec/dxmods/_newtri.c:888:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    foo = fopen(buf, "w");
data/dx-4.4.4/src/exec/dxmods/_newtri.c:1426:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(newloops, loops, nloops*sizeof(Loop));
data/dx-4.4.4/src/exec/dxmods/_newtri.c:1949:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&e0, &v0, sizeof(Point2));
data/dx-4.4.4/src/exec/dxmods/_newtri.c:1950:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&e1, &v1, sizeof(Point2));
data/dx-4.4.4/src/exec/dxmods/_newtri.c:1961:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&e0, &v1, sizeof(Point2));
data/dx-4.4.4/src/exec/dxmods/_newtri.c:1962:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&e1, &v2, sizeof(Point2));
data/dx-4.4.4/src/exec/dxmods/_newtri.c:1973:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
       	memcpy(&e0, &v2, sizeof(Point2));
data/dx-4.4.4/src/exec/dxmods/_newtri.c:1974:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&e1, &v0, sizeof(Point2));
data/dx-4.4.4/src/exec/dxmods/_newtri.c:2268:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	FILE *foo = fopen("bad.dx", "w");
data/dx-4.4.4/src/exec/dxmods/_newtri.c:2469:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(newloops, loops, nloops*sizeof(Loop));
data/dx-4.4.4/src/exec/dxmods/_plot.c:208:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[100];		/* the label */
data/dx-4.4.4/src/exec/dxmods/_plot.c:580:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[100];		/* the label */
data/dx-4.4.4/src/exec/dxmods/_plot.c:846:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fmtx[20], fmty[20];
data/dx-4.4.4/src/exec/dxmods/_plot.c:1703:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          maxwidth = atoi(cstring);
data/dx-4.4.4/src/exec/dxmods/_plot.c:1707:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf(fmt, "%%%d.%df", width, precision);
data/dx-4.4.4/src/exec/dxmods/_plot.c:1709:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf(fmt, "%%%d.%de", 2, precision);
data/dx-4.4.4/src/exec/dxmods/_plot.c:1778:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(fmt, "%%%d.%df", width, precision);
data/dx-4.4.4/src/exec/dxmods/_plot.c:1786:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    { char tbuf[32], *cp;
data/dx-4.4.4/src/exec/dxmods/_plot.c:1802:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        maxwidth = atoi(cstring);
data/dx-4.4.4/src/exec/dxmods/_plot.c:1814:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf(tbuf, "%.*e", prec, val);
data/dx-4.4.4/src/exec/dxmods/_plot.c:1822:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
              sprintf(fmt, "%%.%de", prec);
data/dx-4.4.4/src/exec/dxmods/_plot.c:1828:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(fmt, "%%.%de", minprec);
data/dx-4.4.4/src/exec/dxmods/_post.c:64:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  *compNames[2];
data/dx-4.4.4/src/exec/dxmods/_post.c:251:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char	*compStrings[32];
data/dx-4.4.4/src/exec/dxmods/_post.c:326:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *compStrings[32], **c;
data/dx-4.4.4/src/exec/dxmods/_post.c:367:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  	*originalDeleteList[100];
data/dx-4.4.4/src/exec/dxmods/_postscript.c:164:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char     imagefilename[MAX_IMAGE_NAMELEN];
data/dx-4.4.4/src/exec/dxmods/_postscript.c:231:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if ( (fp = fopen (imagefilename, "w" )) == 0 )
data/dx-4.4.4/src/exec/dxmods/_postscript.c:235:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(imagefilename,"stdout");
data/dx-4.4.4/src/exec/dxmods/_postscript.c:645:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define CMP(A,B)       (((char *)(A))[0] == ((char *)(B))[0] && \
data/dx-4.4.4/src/exec/dxmods/_postscript.c:645:47:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define CMP(A,B)       (((char *)(A))[0] == ((char *)(B))[0] && \
data/dx-4.4.4/src/exec/dxmods/_postscript.c:646:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        ((char *)(A))[1] == ((char *)(B))[1] && \
data/dx-4.4.4/src/exec/dxmods/_postscript.c:646:47:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        ((char *)(A))[1] == ((char *)(B))[1] && \
data/dx-4.4.4/src/exec/dxmods/_postscript.c:647:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        ((char *)(A))[2] == ((char *)(B))[2]) 
data/dx-4.4.4/src/exec/dxmods/_postscript.c:647:47:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        ((char *)(A))[2] == ((char *)(B))[2]) 
data/dx-4.4.4/src/exec/dxmods/_postscript.c:648:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define ASGN(A,B)      (((char *)(A))[0] =  ((char *)(B))[0], \
data/dx-4.4.4/src/exec/dxmods/_postscript.c:648:47:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define ASGN(A,B)      (((char *)(A))[0] =  ((char *)(B))[0], \
data/dx-4.4.4/src/exec/dxmods/_postscript.c:649:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        ((char *)(A))[1] =  ((char *)(B))[1], \
data/dx-4.4.4/src/exec/dxmods/_postscript.c:649:47:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        ((char *)(A))[1] =  ((char *)(B))[1], \
data/dx-4.4.4/src/exec/dxmods/_postscript.c:650:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        ((char *)(A))[2] =  ((char *)(B))[2], \
data/dx-4.4.4/src/exec/dxmods/_postscript.c:650:47:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        ((char *)(A))[2] =  ((char *)(B))[2], \
data/dx-4.4.4/src/exec/dxmods/_postscript.c:651:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        ((char *)(A))[3] =  ((char *)(B))[3])
data/dx-4.4.4/src/exec/dxmods/_postscript.c:651:47:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        ((char *)(A))[3] =  ((char *)(B))[3])
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1482:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char format[1024];
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1762:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[BUFFSIZE]; 
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1763:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char token[128], value[128];
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1843:24:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (NULL == (fin = fopen(name, "r")))
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1976:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char     imagefilename[MAX_IMAGE_NAMELEN];
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1987:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char     buff[BUFFSIZE];
data/dx-4.4.4/src/exec/dxmods/_postscript.c:2033:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if ((fp=fopen(imagefilename, "r+"))) {
data/dx-4.4.4/src/exec/dxmods/_postscript.c:2051:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	    if ( (fp = fopen (imagefilename, "w+" )) == 0 )
data/dx-4.4.4/src/exec/dxmods/_postscript.c:2055:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	    if ( (fp = fopen (imagefilename, "r+" )) == 0 )
data/dx-4.4.4/src/exec/dxmods/_postscript.c:2062:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(imagefilename,"stdout");
data/dx-4.4.4/src/exec/dxmods/_postscript.c:2204:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (NULL == (*fh = fopen(name, "r")))
data/dx-4.4.4/src/exec/dxmods/_postscript.c:2222:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(pixptr, rle_entry.rgb, sizeof(rle_entry.rgb));
data/dx-4.4.4/src/exec/dxmods/_refineirr.c:1405:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *rmv[64];
data/dx-4.4.4/src/exec/dxmods/_refineirr.c:1724:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(outPtr, inPtr, itemSize);
data/dx-4.4.4/src/exec/dxmods/_refinereg.c:345:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *ibase[32], *obase[32];
data/dx-4.4.4/src/exec/dxmods/_refinereg.c:439:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(oPtr, inBase, itemSize);
data/dx-4.4.4/src/exec/dxmods/_refinereg.c:508:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *ibase[32], *obase[32];
data/dx-4.4.4/src/exec/dxmods/_refinereg.c:1577:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy((char *)ptr, DXGetSegListSegmentPointer(segment), 
data/dx-4.4.4/src/exec/dxmods/_refinetopo.c:510:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(dataOut, dataIn, size);
data/dx-4.4.4/src/exec/dxmods/_refinetopo.c:590:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(dOut, dIn, dSize); 			\
data/dx-4.4.4/src/exec/dxmods/_refinetopo.c:986:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(dataOut, dataIn, size);
data/dx-4.4.4/src/exec/dxmods/_refinetopo.c:988:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(dataOut, dataIn, size);
data/dx-4.4.4/src/exec/dxmods/_refinetopo.c:1172:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(dataOut, dataIn, dataSize);
data/dx-4.4.4/src/exec/dxmods/_refinetopo.c:1174:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(dataOut, dataIn, dataSize);
data/dx-4.4.4/src/exec/dxmods/_refinetopo.c:1337:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(outData, inData, size);
data/dx-4.4.4/src/exec/dxmods/_regstream.c:423:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy((float *)m.A, p->dels, 9*sizeof(float));
data/dx-4.4.4/src/exec/dxmods/_regstream.c:424:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy((float *)m.b, p->org, 3*sizeof(float));
data/dx-4.4.4/src/exec/dxmods/_rgb_image.c:112:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   imagefilename[MAX_IMAGE_NAMELEN];
data/dx-4.4.4/src/exec/dxmods/_rgb_image.c:113:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   sizefilename[MAX_IMAGE_NAMELEN];
data/dx-4.4.4/src/exec/dxmods/_rgb_image.c:146:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(sizefilename,".size");
data/dx-4.4.4/src/exec/dxmods/_rgb_image.c:253:28:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            if ( ( fh[i] = open
data/dx-4.4.4/src/exec/dxmods/_rgb_image.c:530:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char record[128];
data/dx-4.4.4/src/exec/dxmods/_rgb_image.c:536:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( ( fh = open ( name, O_RDONLY ) ) < 0 ) 
data/dx-4.4.4/src/exec/dxmods/_rgb_image.c:598:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char record[128];
data/dx-4.4.4/src/exec/dxmods/_rgb_image.c:608:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( ( fh = open ( name, ( O_CREAT | O_RDWR ), 0666 ) ) < 0 )
data/dx-4.4.4/src/exec/dxmods/_rgb_image.c:620:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    if ( sprintf ( record, "%dx%dx%d\n",
data/dx-4.4.4/src/exec/dxmods/_rubbersheet.c:862:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	  *toDelete[100];
data/dx-4.4.4/src/exec/dxmods/_rubbersheet.c:1264:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(dst, src+e[k]*itemSize, itemSize);
data/dx-4.4.4/src/exec/dxmods/_rubbersheet.c:1266:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(dst, src+e[k]*itemSize, itemSize);
data/dx-4.4.4/src/exec/dxmods/_rubbersheet.c:1299:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(dst, src, itemSize);
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:323:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cpy[256], buf[256], *p1, *p2;
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:457:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char extension[MAX_EXTENSION_LEN], framestr[16];
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:484:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(framestr,".%d",framenum);
data/dx-4.4.4/src/exec/dxmods/_sample.c:443:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char *names[256];
data/dx-4.4.4/src/exec/dxmods/_sample.c:453:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char *toDelete[256];
data/dx-4.4.4/src/exec/dxmods/_sample.c:521:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(nPtr, oPtr, size);
data/dx-4.4.4/src/exec/dxmods/_sample.c:954:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char    *name, *toDelete[100];
data/dx-4.4.4/src/exec/dxmods/_sample.c:1188:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(dst, src+(cList[s]*itemSize), itemSize);
data/dx-4.4.4/src/exec/dxmods/_sample.c:2082:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    grid_status = (char *)DXAllocateZero(gCounts[0]*gCounts[1]*sizeof(char));
data/dx-4.4.4/src/exec/dxmods/_sample.c:2825:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			    memcpy(&iptr->weights[0], weights,
data/dx-4.4.4/src/exec/dxmods/_sample.c:4111:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char           *name, *toDelete[100];
data/dx-4.4.4/src/exec/dxmods/_sample.c:4219:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(dst, src+(iPtr->index*itemSize), itemSize);
data/dx-4.4.4/src/exec/dxmods/_sample.c:4261:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dptr, DXGetSegListSegmentPointer(slist), size);
data/dx-4.4.4/src/exec/dxmods/_sample.c:4306:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char           *name, *toDelete[100];
data/dx-4.4.4/src/exec/dxmods/_sample.c:4401:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(dst, DXGetArrayEntry(ah, iPtr->index, buf0), itemSize);
data/dx-4.4.4/src/exec/dxmods/_sample.c:4447:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dptr, DXGetSegListSegmentPointer(slist), size);
data/dx-4.4.4/src/exec/dxmods/_sample.c:6056:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char           *name, *toDelete[100];
data/dx-4.4.4/src/exec/dxmods/_sample.c:6138:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(dst, DXGetArrayEntry(ah, iPtr->index, buf0), itemSize);
data/dx-4.4.4/src/exec/dxmods/_sample.c:6184:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dptr, DXGetSegListSegmentPointer(slist), size);
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:343:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		  memcpy(edge_array+nE, the_edge, sizeof(EdgeS));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:692:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(new_v + 3 * new_t[i], *v + 3 * t[i], sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:711:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(t, new_t, nT3 * sizeof (int));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:857:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		  memcpy(edges+nE, the_edge, sizeof(EdgeS));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:961:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	      memcpy(new_tris + 3 * (*new_nT), t1, trisize);
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:1062:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(new_v + (*new_nV)*3, v + i1, 3 * sizeof (float));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:1505:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(array, data, size);
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:1637:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(simp_data->old_face_areas, simp_data->area, simp_data->nT * sizeof (float));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:1681:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(simp_data->err_volume, old_error_volume, simp_data->nV * sizeof (float));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:1727:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(simp_data->vx_data + i * simp_data->data_dim, 
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:2164:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(v1,x1,sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:2293:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(v1,x1,sizeof(VertexD));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:2860:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(v + 3 * j,simp_data->vert[i],sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:2865:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(*new_vertex_data   + j * simp_data->data_dim,
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:2885:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(*new_v, v, *new_nV * sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:2932:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(*face_normals + 3 * j, simp_data->normal+i, sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:2952:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(*new_t, t, *new_nT * sizeof (Face));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:3294:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(link,        link0, val0 * sizeof (int));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:3295:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(link + val0, link1, val1 * sizeof (int));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:3541:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(simp_data->simplified_vertex, simp_data->vert[v0], sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:3570:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(v_zero, simp_data->vert[v0], sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:3571:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(v_one,  simp_data->vert[v1], sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:3573:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(vl, simp_data->vert[vstar0[val0-1]], sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:3574:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(vr, simp_data->vert[vstar1[val1-1]], sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:3607:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(ve, vm, sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:3697:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	      memcpy(vm, v_zero, sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:3703:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		  memcpy(vm, v_one, sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:3980:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(faceVert[0], simp_data->simplified_vertex, sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:3986:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(faceVert[2], simp_data->vert[vstar0[i]], sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:3987:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(faceVert[1], simp_data->vert[vstar0[i+1]], sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:3992:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(faceVert[1], simp_data->vert[vstar0[i]], sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:3993:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(faceVert[2], simp_data->vert[vstar0[i+1]], sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:5016:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(simp_data->vert[v0], simp_data->simplified_vertex, sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:5032:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(simp_data->normal[star0[i]], s_normal0[i], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:5040:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(simp_data->normal[star1[i]], s_normal1[i], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:5384:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(&link[i], link1+2, (val1 -3) * sizeof (int));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:5454:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(faceVert[0], simp_data->simplified_vertex, sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:5455:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(faceVert[1], simp_data->vert[vstar0[i]], sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:5456:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(faceVert[2], simp_data->vert[vstar0[i+1]], sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:5659:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(wp, tri[2], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:5667:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(wp, tri[1], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:5675:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(wp, tri[0], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:5767:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(vs[0], simp_data->simplified_vertex, sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:5772:31:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      if (simp_data->vx_data) memcpy(simp_data->vx_data_potential_values, 
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:5779:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(triangle[0], vs[0], sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:5797:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(triangle[1], simp_data->vert[vstar1[i]],   sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:5798:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(triangle[2], simp_data->vert[vstar1[i+1]], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:6086:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(simp_data->normal[star1[i]], s_normal1[i], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:6178:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(simp_data->simplified_vertex, simp_data->vert[v0], sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:6494:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(vert[i], surfvert[vstar0[i1]], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:6495:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(vert[val01], surfvert[v0], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:6498:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(vert[val0], surfvert[v1], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:6582:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(star_vert[i], s->vert[vstar0[i1]], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:6584:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(star_vert[val01], s->vert[v0], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:6589:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(star_vert[i], s->vert[vstar1[i1]], sizeof(Vertex)); 
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:6591:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(star_vert[val013], s->vert[v1], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:6669:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(plane[i], t_normal[star0[i1]], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:6674:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(plane[val01], t_normal[star0[0]], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:6680:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(plane[i], t_normal[star1[i1]], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:6988:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(s->simplified_vertex, star_vert[val0-1], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:7032:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(star_plane_sav, star_plane, size_planes);
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:7049:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(star_plane, star_plane_sav, size_planes);
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:7262:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(vs[0], simp_data->simplified_vertex, sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:7268:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(a_triangle[0], simp_data->vert[vstar0[0]], sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:7286:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(a_triangle[0], simp_data->vert[vstar1[0]], sizeof (Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:7352:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy(a_triangle[0], vs[0], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:7772:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(nor[star[i]], new_nor[i1], sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_simplesurf.c:7917:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(simp_data->vert[v0], simp_data->simplified_vertex, sizeof(Vertex));
data/dx-4.4.4/src/exec/dxmods/_tiff.c:267:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char c[4];
data/dx-4.4.4/src/exec/dxmods/_tiff.c:309:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char c[2];
data/dx-4.4.4/src/exec/dxmods/_tiff.c:348:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char c[4];
data/dx-4.4.4/src/exec/dxmods/_tiff.c:360:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    ((unsigned char *)val)[3] = c[0];
data/dx-4.4.4/src/exec/dxmods/_tiff.c:361:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    ((unsigned char *)val)[2] = c[1];
data/dx-4.4.4/src/exec/dxmods/_tiff.c:362:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    ((unsigned char *)val)[1] = c[2];
data/dx-4.4.4/src/exec/dxmods/_tiff.c:363:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    ((unsigned char *)val)[0] = c[3];
data/dx-4.4.4/src/exec/dxmods/_tiff.c:389:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char c[2];
data/dx-4.4.4/src/exec/dxmods/_tiff.c:401:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    ((unsigned char *)val)[1] = c[0];
data/dx-4.4.4/src/exec/dxmods/_tiff.c:402:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    ((unsigned char *)val)[0] = c[1];
data/dx-4.4.4/src/exec/dxmods/_tiff.c:421:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char     imagefilename[MAX_IMAGE_NAMELEN];
data/dx-4.4.4/src/exec/dxmods/_tiff.c:1146:26:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if ( 0 <= ( fd = open ( buf, O_RDONLY ) ) ) 
data/dx-4.4.4/src/exec/dxmods/_tiff.c:1157:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fd = open ( buf, O_RDONLY ); 
data/dx-4.4.4/src/exec/dxmods/_tiff.c:1451:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char       copyname [ MAX_IMAGE_NAMELEN ];
data/dx-4.4.4/src/exec/dxmods/_tiff.c:1467:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( 0 > ( fh = open ( name, O_RDONLY ) ) ) 
data/dx-4.4.4/src/exec/dxmods/_tiff.c:1546:25:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    while ( 0 <= ( fh = open ( copyname, O_RDONLY ) ) )
data/dx-4.4.4/src/exec/dxmods/_tiff.c:1691:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ( 0 > ( fh = open ( name, O_RDONLY ) ) ) 
data/dx-4.4.4/src/exec/dxmods/_tiff.c:2355:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(DXGetArrayData(colorMap), map, 256*3*sizeof(float));
data/dx-4.4.4/src/exec/dxmods/_tube.c:208:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy((char *)(normals + i), (char *)normal, sizeof(normal));
data/dx-4.4.4/src/exec/dxmods/_tube.c:588:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *name, *toDelete[100];
data/dx-4.4.4/src/exec/dxmods/_tube.c:652:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(dPtr, sPtr, nPoints*size);
data/dx-4.4.4/src/exec/dxmods/_tube.c:678:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(dPtr, sPtr, (nPoints-1)*size);
data/dx-4.4.4/src/exec/dxmods/_tube.c:1185:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy((char *)(normals + i), (char *)normal, sizeof(normal));
data/dx-4.4.4/src/exec/dxmods/_tube.c:1562:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(dPtr, sPtr, clist[i].size);
data/dx-4.4.4/src/exec/dxmods/_tube.c:1568:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(dPtr, dst, nu*clist[i].size);
data/dx-4.4.4/src/exec/dxmods/_tube.c:1594:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(dPtr, sPtr, clist[i].size);
data/dx-4.4.4/src/exec/dxmods/_tube.c:1600:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(dPtr, dst, (np-1)*clist[i].size);
data/dx-4.4.4/src/exec/dxmods/_tube.c:1619:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *name, *toDelete[100];
data/dx-4.4.4/src/exec/dxmods/_tube.c:1713:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(dPtr, sPtr, size);
data/dx-4.4.4/src/exec/dxmods/_tube.c:2012:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *names[100];
data/dx-4.4.4/src/exec/dxmods/_tube.c:2224:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy((char *)(normals + i), (char *)normal, sizeof(normal));
data/dx-4.4.4/src/exec/dxmods/autocolor.c:59:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *colorstr, newstring[21];
data/dx-4.4.4/src/exec/dxmods/autoglyph.c:33:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char type[30];
data/dx-4.4.4/src/exec/dxmods/autoglyph.c:50:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char font[100];
data/dx-4.4.4/src/exec/dxmods/autoglyph.c:59:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char font[100];
data/dx-4.4.4/src/exec/dxmods/autoglyph.c:68:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char type_string[100], *type;
data/dx-4.4.4/src/exec/dxmods/autoglyph.c:79:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char font[100];
data/dx-4.4.4/src/exec/dxmods/autoglyph.c:81:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy(font,"fixed");
data/dx-4.4.4/src/exec/dxmods/autoglyph.c:107:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy(type_string,"standard");
data/dx-4.4.4/src/exec/dxmods/autoglyph.c:160:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(type_string,"standard");
data/dx-4.4.4/src/exec/dxmods/autogray.c:58:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *colorstr, newstring[21];
data/dx-4.4.4/src/exec/dxmods/camera.c:731:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dbuf[MAXDIR], *cp;
data/dx-4.4.4/src/exec/dxmods/caption.c:192:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *s[100], *f, tmpstring[1000], buf[1000], *s1[100], *newstring;
data/dx-4.4.4/src/exec/dxmods/categorize.c:30:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *s_list[ MAX_NUM_COMPS ];
data/dx-4.4.4/src/exec/dxmods/categorize.c:751:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[ 1024 ];
data/dx-4.4.4/src/exec/dxmods/categorize.c:852:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( &sorted[ sortlist[ i ].sortindex * size ], sortlist[ i ].ph->p, size );
data/dx-4.4.4/src/exec/dxmods/categorize.c:912:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy( invalid, "invalid " );
data/dx-4.4.4/src/exec/dxmods/catstats.c:213:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name_str[256];
data/dx-4.4.4/src/exec/dxmods/catstats.c:671:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(invalid, "invalid ");
data/dx-4.4.4/src/exec/dxmods/color.c:56:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   component[30], *tmpcomponent, *colorstr;
data/dx-4.4.4/src/exec/dxmods/color.c:57:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   newstring[30];
data/dx-4.4.4/src/exec/dxmods/color.c:206:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(component,"colors");
data/dx-4.4.4/src/exec/dxmods/color.c:234:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(component,"front colors");
data/dx-4.4.4/src/exec/dxmods/color.c:236:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(component,"back colors");
data/dx-4.4.4/src/exec/dxmods/color.c:238:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(component,"colors");
data/dx-4.4.4/src/exec/dxmods/colorbar.c:307:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(extralabel,"%f",minvalue); 
data/dx-4.4.4/src/exec/dxmods/colormap.c:352:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp, "min="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/colormap.c:357:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp, "min=NULL"); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/colormap.c:360:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp, "max="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/colormap.c:365:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp, " max=NULL"); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/colormap.c:368:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(ei.mp, "histogram="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/colormap.c:373:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(ei.mp, "histogram=NULL"); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/colormap.c:1171:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(ei.mp, "NULL");
data/dx-4.4.4/src/exec/dxmods/compute2.c:64:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char                s[NAME_SIZE];
data/dx-4.4.4/src/exec/dxmods/compute2.c:68:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char                default_name[4];
data/dx-4.4.4/src/exec/dxmods/connect.c:26:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char newstring[30];
data/dx-4.4.4/src/exec/dxmods/convert.c:55:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char     newstrin[30], newstrout[30];
data/dx-4.4.4/src/exec/dxmods/describe.c:486:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[32];  /* temp buf */
data/dx-4.4.4/src/exec/dxmods/describe.c:487:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mbuf[256]; /* message buf */
data/dx-4.4.4/src/exec/dxmods/describe.c:500:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(mbuf, "Each item data type is ");
data/dx-4.4.4/src/exec/dxmods/describe.c:507:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(tbuf, "%d-vector, ", shape[0]);
data/dx-4.4.4/src/exec/dxmods/describe.c:511:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(tbuf,  "%d by %d matrix, ", shape[0], shape[1]);
data/dx-4.4.4/src/exec/dxmods/describe.c:515:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(tbuf,  "%d ", shape[0]);
data/dx-4.4.4/src/exec/dxmods/describe.c:518:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(tbuf,  "by %d ", shape[i]);
data/dx-4.4.4/src/exec/dxmods/describe.c:521:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(mbuf,  "tensor, ");
data/dx-4.4.4/src/exec/dxmods/describe.c:529:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(mbuf,  "complex, "); break;
data/dx-4.4.4/src/exec/dxmods/describe.c:531:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(mbuf,  "quaternion, "); break;
data/dx-4.4.4/src/exec/dxmods/describe.c:533:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(mbuf,  "unrecognized, "); break;
data/dx-4.4.4/src/exec/dxmods/describe.c:538:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(mbuf,  "string (a list of characters).\n"); break;
data/dx-4.4.4/src/exec/dxmods/describe.c:540:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(mbuf,  "short integer (2-byte or int*2).\n"); break;
data/dx-4.4.4/src/exec/dxmods/describe.c:542:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(mbuf,  "integer (4-byte or int*4).\n"); break;
data/dx-4.4.4/src/exec/dxmods/describe.c:544:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(mbuf,  "hyperlong (8-byte or int*8).\n"); break;
data/dx-4.4.4/src/exec/dxmods/describe.c:546:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(mbuf,  "float (4-byte or real*4).\n"); break;
data/dx-4.4.4/src/exec/dxmods/describe.c:548:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(mbuf,  "double (8-byte or real*8).\n"); break;
data/dx-4.4.4/src/exec/dxmods/describe.c:550:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(mbuf,  "unsigned integer (4-byte or int*4).\n"); break;
data/dx-4.4.4/src/exec/dxmods/describe.c:552:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(mbuf,  "unsigned short (2-byte or int*2).\n"); break;
data/dx-4.4.4/src/exec/dxmods/describe.c:554:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(mbuf,  "unsigned byte (1-byte or int*1).\n"); break;
data/dx-4.4.4/src/exec/dxmods/describe.c:556:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(mbuf,  "byte (1-byte or int*1).\n"); break;
data/dx-4.4.4/src/exec/dxmods/describe.c:558:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(mbuf,  "unrecognized.\n"); break;
data/dx-4.4.4/src/exec/dxmods/describe.c:985:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(invalid, "invalid ");
data/dx-4.4.4/src/exec/dxmods/describe.c:1111:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(invalid, "invalid ");
data/dx-4.4.4/src/exec/dxmods/display.c:66:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *where, copy[201], *s, type[201];
data/dx-4.4.4/src/exec/dxmods/display.c:70:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   cacheid[201];	/* "Display.xxx" */
data/dx-4.4.4/src/exec/dxmods/display.c:380:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		window = (HWND) atoi(win); //parse after ## of arg1
data/dx-4.4.4/src/exec/dxmods/display.c:384:5:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				TCHAR szBuf[80]; 
data/dx-4.4.4/src/exec/dxmods/display.c:432:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        x = arg2? atoi(arg2) : 0;
data/dx-4.4.4/src/exec/dxmods/display.c:433:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        y = arg3? atoi(arg3) : 0;
data/dx-4.4.4/src/exec/dxmods/echo.c:56:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
          sprintf(ep->mp, " <msg too long> ");
data/dx-4.4.4/src/exec/dxmods/echo.c:164:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	if (((char *)value)[offset] == '%')
data/dx-4.4.4/src/exec/dxmods/echo.c:166:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(ep->mp, "%c", ((char *)value)[offset]); break;
data/dx-4.4.4/src/exec/dxmods/echo.c:166:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        sprintf(ep->mp, "%c", ((char *)value)[offset]); break;
data/dx-4.4.4/src/exec/dxmods/echo.c:168:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(ep->mp, "%d", ((short *)value)[offset]); break;
data/dx-4.4.4/src/exec/dxmods/echo.c:170:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(ep->mp, "%d", ((int *)value)[offset]); break;
data/dx-4.4.4/src/exec/dxmods/echo.c:172:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(ep->mp, "%g", ((float *)value)[offset]); break;
data/dx-4.4.4/src/exec/dxmods/echo.c:174:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(ep->mp, "%g", ((double *)value)[offset]); break;
data/dx-4.4.4/src/exec/dxmods/echo.c:176:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(ep->mp, "%u", ((uint *)value)[offset]); break;
data/dx-4.4.4/src/exec/dxmods/echo.c:178:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(ep->mp, "%u", ((ushort *)value)[offset]); break;
data/dx-4.4.4/src/exec/dxmods/echo.c:180:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(ep->mp, "%u", ((ubyte *)value)[offset]); break;
data/dx-4.4.4/src/exec/dxmods/echo.c:182:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(ep->mp, "%d", ((byte *)value)[offset]); break;
data/dx-4.4.4/src/exec/dxmods/echo.c:199:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(ep->mp, ", ");     while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:214:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(ep->mp, ", ");     while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:218:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(ep->mp, ", ");     while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:222:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(ep->mp, ", ");     while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:279:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(ep->mp, "] ");        while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:352:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(ep->mp, "is rank %d ", rank); while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:367:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(ep->mp, "{ ");    while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:378:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(ep->mp, " }");    while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:424:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(ei.mp, "NULL");
data/dx-4.4.4/src/exec/dxmods/enumerate.c:189:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cbuf[64];
data/dx-4.4.4/src/exec/dxmods/enumerate.c:555:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tbuf[512];
data/dx-4.4.4/src/exec/dxmods/enumerate.c:575:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(tbuf, 
data/dx-4.4.4/src/exec/dxmods/enumerate.c:688:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(INCVOID(dp, bytes*i), DXGetArrayData((Array)out), bytes);
data/dx-4.4.4/src/exec/dxmods/equalize.c:707:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	buf[4096];
data/dx-4.4.4/src/exec/dxmods/equalize.c:901:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (dst, src, size);
data/dx-4.4.4/src/exec/dxmods/equalize.c:933:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (idpd, eq->idpd, size);
data/dx-4.4.4/src/exec/dxmods/equalize.c:934:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (icpd, eq->icpd, size);
data/dx-4.4.4/src/exec/dxmods/equalize.c:937:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy (odpd, eq->odpd, size);
data/dx-4.4.4/src/exec/dxmods/equalize.c:938:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy (ocpd, eq->ocpd, size);
data/dx-4.4.4/src/exec/dxmods/exp_gai.c:86:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char *cp,*lcp,lcasefmt[64];
data/dx-4.4.4/src/exec/dxmods/exp_gai.c:102:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
   f.dfp = fopen(filename,"w+");
data/dx-4.4.4/src/exec/dxmods/exp_gai.c:728:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char indent_char[3] = "  ";
data/dx-4.4.4/src/exec/dxmods/filter.c:902:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (filter->shape, shape, rank * sizeof (int));
data/dx-4.4.4/src/exec/dxmods/filter.c:903:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (filter->delta, delta, rank * sizeof (int));
data/dx-4.4.4/src/exec/dxmods/filter.c:1382:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (vals, old->vals, size);
data/dx-4.4.4/src/exec/dxmods/filter.c:1419:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char		buf[256];
data/dx-4.4.4/src/exec/dxmods/filter.c:1472:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (f->shape, ft->shape, frank * sizeof (int));
data/dx-4.4.4/src/exec/dxmods/filter.c:1473:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (f->delta,     delta, frank * sizeof (int));
data/dx-4.4.4/src/exec/dxmods/filter.c:1474:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (vals,     ft->vals,  count * sizeof (float));
data/dx-4.4.4/src/exec/dxmods/filter.c:1584:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	buf[256];
data/dx-4.4.4/src/exec/dxmods/filter.c:1599:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (buf, "original ");
data/dx-4.4.4/src/exec/dxmods/filter.c:1890:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (irrdata.filter, filter->vals, size);
data/dx-4.4.4/src/exec/dxmods/format.c:170:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[BUFFERSIZE];
data/dx-4.4.4/src/exec/dxmods/format.c:173:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char format[256];
data/dx-4.4.4/src/exec/dxmods/genimp.c:147:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy(_dxd_gi_var[0]->name, "field");
data/dx-4.4.4/src/exec/dxmods/genimp.h:99:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char marker[MAX_MARKER]; /* marker for header */
data/dx-4.4.4/src/exec/dxmods/genimp.h:103:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char	name[100]; /* field name 				   */
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:56:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static Error extract_fromline(char str[MAX_DSTR],int which);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:181:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char infopath[256];	/* Save the path when opening the info file */
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:281:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *str, r[MAX_DSTR], *op;
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:520:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *str, r[MAX_DSTR], *op;
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:795:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *str, r[MAX_DSTR], *op;
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:986:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *str, r[MAX_DSTR], *op;
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1187:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char string[80];
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1298:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char format[5];
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1381:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(format,"%%%dc",i);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1406:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char s[MAX_DSTR];
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1538:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char str[MAX_DSTR];
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1569:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char str[MAX_DSTR], *pmark;
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1653:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extract_fromline(char str[MAX_DSTR],int which)
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1657:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char r[MAX_DSTR];
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1780:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy((char*)d1 + offset, (char*)data + k, data_size);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1797:12:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	          memcpy((char*)d1 + offset, (char*)data + k, data_size);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1818:16:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	              memcpy((char*)d1 + offset, (char*)data + k, data_size);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:35:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char    token[MAX_DSTR];
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:83:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char	name[32];
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:421:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char s[10];
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:449:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	  sprintf(s, "field%d", i);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:536:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[MAX_MARKER];
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:613:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	int k = atoi(p);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:621:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	int k = atoi(p+7);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:780:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char signedtype[7];
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:788:33:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        if (!strcmp(*p,"byte")) strcpy(signedtype,"ubyte");
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:789:37:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        else if (!strcmp(*p,"int")) strcpy(signedtype,"uint");
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:790:39:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        else if (!strcmp(*p,"short")) strcpy(signedtype,"ushort");
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:803:12:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
           strcpy(signedtype,"sbyte");
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:913:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	  _dxd_gi_var[n]->leading = atoi(p);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:929:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	  _dxd_gi_var[n]->width = atoi( p );
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1071:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  	head->size = atoi(p);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1087:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  	head->size = atoi(p);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1185:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	  _dxd_gi_var[n]->leading = atoi(p);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1201:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    _dxd_gi_var[n]->elements = atoi( p );
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1217:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    _dxd_gi_var[n]->width = atoi( p );
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1528:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      _dxd_gi_dimsize[0] = atoi( p );
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1597:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        _dxd_gi_dimsize[i] = atoi( p );
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1690:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	   _dxd_gi_series = atoi( p );
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1731:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
parse_marker(char *p, char marker[MAX_MARKER])
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1731:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
parse_marker(char *p, char marker[MAX_MARKER])
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:2069:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
   fromfile->skip[n] = atoi(*p);	/* get the 'skip' value */
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:2083:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
   fromfile->width[n] = atoi( *p );
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:2312:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char str[MAX_DSTR];
data/dx-4.4.4/src/exec/dxmods/glyph.c:35:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char type[30];
data/dx-4.4.4/src/exec/dxmods/glyph.c:52:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char font[100];
data/dx-4.4.4/src/exec/dxmods/glyph.c:61:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char font[100];
data/dx-4.4.4/src/exec/dxmods/glyph.c:70:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char type_string[100], *type;
data/dx-4.4.4/src/exec/dxmods/glyph.c:82:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char font[100];
data/dx-4.4.4/src/exec/dxmods/glyph.c:84:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy(font,"fixed");
data/dx-4.4.4/src/exec/dxmods/glyph.c:109:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy(type_string,"standard");
data/dx-4.4.4/src/exec/dxmods/glyph.c:162:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(type_string,"standard");
data/dx-4.4.4/src/exec/dxmods/histogram.c:1735:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(invalid, "invalid ");
data/dx-4.4.4/src/exec/dxmods/histogram.c:1843:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(d_ptr, s_ptr, datasize * len);
data/dx-4.4.4/src/exec/dxmods/histogram.c:1873:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*d_ptr, s_ptr, datasize * len);
data/dx-4.4.4/src/exec/dxmods/histogram.c:1898:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(p, inval, datasize);
data/dx-4.4.4/src/exec/dxmods/histogram.c:1942:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)dst, (char *)src, sizeof(struct histinfo));
data/dx-4.4.4/src/exec/dxmods/histogram.c:1954:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dst->md_bins, src->md_bins, src->dim * sizeof(int));
data/dx-4.4.4/src/exec/dxmods/histogram.c:1960:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dst->md_min, src->md_min, src->dim * sizeof(float));
data/dx-4.4.4/src/exec/dxmods/histogram.c:1966:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dst->md_max, src->md_max, src->dim * sizeof(float));
data/dx-4.4.4/src/exec/dxmods/histogram.c:1972:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dst->md_inoutlo, src->md_inoutlo, src->dim * sizeof(int));
data/dx-4.4.4/src/exec/dxmods/histogram.c:1978:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dst->md_inouthi, src->md_inouthi, src->dim * sizeof(int));
data/dx-4.4.4/src/exec/dxmods/histogram.c:1984:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dst->md_median, src->md_median, src->dim * sizeof(float));
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:119:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer0[ MAX_MSGLEN ], buffer1[ MAX_MSGLEN ];
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:157:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char * color, cbuf[ 128 ];
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:168:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf( cbuf, "[%g %g %g]", vec[ 0 ], vec[ 1 ], vec[ 2 ] );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:191:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( buffer1, " throttle=%g", throttle );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:211:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( buffer1, " recenable=%d", recenable );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:268:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( buffer1, " recresolution=%d;", res );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:286:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( buffer1, " recaspect=%g;", aspect );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:305:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( buffer1, " aaenabled=%d", aaenable );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:357:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf( buffer1, " aaticklist={ %d %d %d }",
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:360:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf( buffer1, " aatick=%d", tics[ 0 ] );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:413:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( buffer1, " aacorners={[%g %g %g] [%g %g %g]};",
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:435:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( buffer1, " aaframe=%d", aaframe );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:455:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( buffer1, " aaadjust=%d", aaadjust );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:475:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( buffer1, " aacursor=%g,%g,%g",
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:497:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( buffer1, " aagrid=%d", aagrid );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:511:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char * colors[ 32 ];
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:561:25:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                        sprintf( p, " [ %g %g %g ]", foo[ 0 ], foo[ 1 ], foo[ 2 ] );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:572:25:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                        sprintf( p, " [ %d %d %d ]", foo[ 0 ], foo[ 1 ], foo[ 2 ] );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:598:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char * annot[ 32 ];
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:639:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( buffer1, " aalabelscale=%g", labelscale );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:675:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buf2[ 128 ];
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:711:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( buf2, " aaxticklocs=%g", buf[ 0 ] );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:715:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf( buf2, ", %g", buf[ i ] );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:738:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buf2[ 128 ];
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:775:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( buf2, " aayticklocs=%g", buf[ 0 ] );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:779:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf( buf2, ", %g", buf[ i ] );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:802:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buf2[ 128 ];
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:839:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( buf2, " aazticklocs=%g", buf[ 0 ] );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:843:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf( buf2, ", %g", buf[ i ] );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:982:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( buffer1, " recmode=%d", recmode );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:1039:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( buffer1, " buden=%d", buden );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:1058:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( buffer1, " bdden=%d", bdden );
data/dx-4.4.4/src/exec/dxmods/impCDF.h:36:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char   name[CDF_VAR_NAME_LEN+1];
data/dx-4.4.4/src/exec/dxmods/impCDF.h:37:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char   conn[CDF_VAR_NAME_LEN+1];
data/dx-4.4.4/src/exec/dxmods/import.c:384:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dataset_name[512], numbuf[16];
data/dx-4.4.4/src/exec/dxmods/import.c:468:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char *fieldptr[2];
data/dx-4.4.4/src/exec/dxmods/import.c:471:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(numbuf, ".%d", frno);
data/dx-4.4.4/src/exec/dxmods/import.c:555:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dataset_name[512], numbuf[16];
data/dx-4.4.4/src/exec/dxmods/import.c:556:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char skip[16];
data/dx-4.4.4/src/exec/dxmods/import.c:620:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	   sprintf(skip,"%d",i);
data/dx-4.4.4/src/exec/dxmods/import.c:623:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	   sprintf(skip,"%d",j);
data/dx-4.4.4/src/exec/dxmods/import.c:638:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(numbuf, ".%d", frno);
data/dx-4.4.4/src/exec/dxmods/import.c:757:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(tryname, ".dx");
data/dx-4.4.4/src/exec/dxmods/import.c:771:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(tryname, ".dx");
data/dx-4.4.4/src/exec/dxmods/import.h:60:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *formatlist[10];
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:352:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg[CDF_ERRTEXT_LEN+1];
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:557:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg[CDF_ERRTEXT_LEN+1];
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:804:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg[CDF_ERRTEXT_LEN+1];
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:826:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy((char *)datacm,(char *)data,(vp->size * vp->numbytes));
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:831:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy((char *)data+off1+i, (char *)datacm+off1, vp->numbytes);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:856:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg[CDF_ERRTEXT_LEN+1], *datadir = NULL, *cp; 
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:972:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char*)des, (char*)src, vpdata->size*vpdata->numbytes);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:981:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy((char*)des + offset, (char*)src + k, vpdata->numbytes);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:999:12:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	          memcpy((char*)des + offset, (char*)src + k, 
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1021:16:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	              memcpy((char*)des + offset, (char*)src + k, 
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1064:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy((char*)tmparr, (char*)data, vpdata->size*vpdata->numbytes);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1067:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy((char*)data, (char*)tmparr+off1, off2);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1068:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy((char*)data+off2, (char*)tmparr, off1);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1078:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy((char*)tmparr, (char*)data, vpdata->size*vpdata->numbytes);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1082:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy((char*)data, (char*)tmparr+off1, off2);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1083:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy((char*)data+off2, (char*)tmparr, off1);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1090:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy((char*)tmparr, (char*)data, vpdata->size*vpdata->numbytes);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1097:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	      memcpy((char*)data+tempi1, (char*)tmparr+off1+tempi1, off2);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1098:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	      memcpy((char*)data+off2+tempi1, (char*)tmparr+tempi1, off1);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1110:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy((char*)tmparr, (char*)data, vpdata->size*vpdata->numbytes);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1115:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy((char*)data, (char*)tmparr+off1, off2);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1116:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy((char*)data+off2, (char*)tmparr, off1);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1123:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy((char*)tmparr, (char*)data, vpdata->size*vpdata->numbytes);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1131:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	      memcpy((char*)data+tempi1, (char*)tmparr+off1+tempi1, off2);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1132:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	      memcpy((char*)data+off2+tempi1, (char*)tmparr+tempi1, off1);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1141:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  memcpy((char*)tmparr, (char*)data, vpdata->size*vpdata->numbytes);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1150:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		  memcpy((char*)data+tempi1, (char*)tmparr+off1+tempi1, off2);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1151:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		  memcpy((char*)data+off2+tempi1, (char*)tmparr+tempi1, off1);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1181:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char msg[CDF_ERRTEXT_LEN+1],aname[CDF_ATTR_NAME_LEN+1];
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1577:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy((char*)mydata2, (char*)mydata, sizeof(float)*size);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1580:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy((char*)mydata, (char*)mydata2+off1, off2);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1581:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy((char*)mydata+off2, (char*)mydata2, off1);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1638:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg[CDF_ERRTEXT_LEN+1];
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1791:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg[CDF_ERRTEXT_LEN+1];
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:112:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(str, "points");
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:115:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(str, "lines");
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:118:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(str, "quads");
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:121:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(str, "cubes");
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:124:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(str, "cubes%dD", num);
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:138:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char et[32];
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:139:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pathname[MAXLEN];
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:142:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char label[MAXLEN]="", unit[MAXLEN], format[MAXLEN], coordsys[MAXLEN];
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:161:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	skip = atoi(fieldname);
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:283:48:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	       "can't skip %d datasets in this file", atoi(fieldname));
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:433:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pathname[MAXLEN];
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:446:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pathname[MAXLEN];
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:462:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pathname[MAXLEN];
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:463:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char label[MAXLEN]="", unit[MAXLEN], format[MAXLEN], coordsys[MAXLEN];
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:103:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[MAXCOMPNAME];
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:105:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cdfname[MAX_FILENAME_LEN];
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:125:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char stringattr[MAXNAME];
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:382:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(fname, ".nc");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:417:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(fname, ".nc");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:496:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(fname, ".nc");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:513:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(fname, ".nc");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:542:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char stringattr[MAXNAME], *cp, *s[MAXATTRSTR], **lp, *attrtext=NULL;
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:543:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *subv[2];
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1089:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char stringattr[MAXNAME], *cp, *s[MAXATTRSTR];
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1167:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(sp1+strlen(sp1), ", position %g;", nvp->position);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1229:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(sp1, "name:");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1235:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(sp1, "name:");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1237:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(sp1, ";contype:tetras;");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1238:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(sp1, "datatype: float;\tdatacat:real;");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1239:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(sp1, "datarank:1; datashape:3;");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1240:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(sp1, "  datacount:37000;\n");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1241:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(sp1, "metahistory:original data;");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1242:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(sp1, "metadesc:3-D seismic data from mars;");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1515:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *cp, *s[MAXATTRSTR];
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1516:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char savename[MAXCOMPNAME];
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1638:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char stringattr[MAXNAME];
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1697:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *cp, *s[MAXATTRSTR];
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:2361:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *s[MAXATTRSTR];
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:2446:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *cp, *s[MAXATTRSTR];
data/dx-4.4.4/src/exec/dxmods/import_ss.c:41:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char    token[MAX_DSTR];
data/dx-4.4.4/src/exec/dxmods/import_ss.c:52:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char delimiter[4];
data/dx-4.4.4/src/exec/dxmods/import_ss.c:65:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[MAX_STRING]; /* name of component	*/
data/dx-4.4.4/src/exec/dxmods/import_ss.c:124:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(fs.delimiter," \n\r");
data/dx-4.4.4/src/exec/dxmods/import_ss.c:129:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	 strcat(fs.delimiter,"\n\r");
data/dx-4.4.4/src/exec/dxmods/import_ss.c:596:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[10];
data/dx-4.4.4/src/exec/dxmods/import_ss.c:607:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	  sprintf(name,"column%d",i);
data/dx-4.4.4/src/exec/dxmods/import_ss.c:639:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(ds[i]->name,"column%d",i);
data/dx-4.4.4/src/exec/dxmods/import_ss.c:679:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char inv_string[MAX_STRING];
data/dx-4.4.4/src/exec/dxmods/import_ss.c:807:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char inv_name[MAX_STRING];
data/dx-4.4.4/src/exec/dxmods/import_ss.c:1302:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char str[MAX_DSTR];
data/dx-4.4.4/src/exec/dxmods/import_ss.c:1335:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char string[250];
data/dx-4.4.4/src/exec/dxmods/import_ss.c:1336:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char percent[1];
data/dx-4.4.4/src/exec/dxmods/import_ss.c:1407:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char string[MAX_STRING];
data/dx-4.4.4/src/exec/dxmods/import_ss.c:1452:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	  sprintf(string,"%d",d[i]);
data/dx-4.4.4/src/exec/dxmods/import_ss.c:1461:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(string,"%g",f[i]);
data/dx-4.4.4/src/exec/dxmods/include.c:379:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inv_attr[64];   /* at least long enough for "invalid xxx" */
data/dx-4.4.4/src/exec/dxmods/include.c:432:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(inv_attr, "invalid connections");
data/dx-4.4.4/src/exec/dxmods/include.c:434:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(inv_attr, "invalid faces");
data/dx-4.4.4/src/exec/dxmods/include.c:436:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(inv_attr, "invalid polylines");
data/dx-4.4.4/src/exec/dxmods/include.c:438:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(inv_attr, "invalid positions");
data/dx-4.4.4/src/exec/dxmods/include.c:450:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(inv_attr, "invalid connections");
data/dx-4.4.4/src/exec/dxmods/inquire.c:272:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    n = atoi(cn);
data/dx-4.4.4/src/exec/dxmods/inquire.c:294:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    n = atoi(cn);
data/dx-4.4.4/src/exec/dxmods/inquire.c:317:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    n = atoi(cn);
data/dx-4.4.4/src/exec/dxmods/inquire.c:351:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    n = atoi(cn);
data/dx-4.4.4/src/exec/dxmods/inquire.c:383:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    n = atoi(cn);
data/dx-4.4.4/src/exec/dxmods/inquire.c:421:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    n = atoi(cn);
data/dx-4.4.4/src/exec/dxmods/inquire.c:1510:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(invalid, "invalid ");
data/dx-4.4.4/src/exec/dxmods/inquire.c:1573:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char con_name[64];
data/dx-4.4.4/src/exec/dxmods/inquire.c:1575:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char con_total[64];
data/dx-4.4.4/src/exec/dxmods/inquire.c:2154:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char question[MAXQLEN];
data/dx-4.4.4/src/exec/dxmods/inquire.c:2157:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char yesvalue[MAXVLEN];
data/dx-4.4.4/src/exec/dxmods/inquire.c:2161:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char objvalue[MAXVLEN];
data/dx-4.4.4/src/exec/dxmods/inquire.c:2448:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char userquestion[MAXQLEN], *qp;
data/dx-4.4.4/src/exec/dxmods/integer.c:339:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp, "min="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/integer.c:344:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp, "max="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/integer.c:349:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp, "delta="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/integer.c:355:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
         sprintf(ei.mp, "list="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/integer.c:358:12:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     else{ sprintf(ei.mp, "value="); while(*ei.mp) ei.mp++;}
data/dx-4.4.4/src/exec/dxmods/integer.c:365:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(ei.mp, "label="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/integer.c:370:29:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      if (method==ABSOLUTE) sprintf(ei.mp, "method=\"absolute\"");
data/dx-4.4.4/src/exec/dxmods/integer.c:371:32:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      else if(method==PERCENT) sprintf(ei.mp, "method=\"relative\"");
data/dx-4.4.4/src/exec/dxmods/integer.c:372:12:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      else sprintf(ei.mp, "method=\"rounded\"");
data/dx-4.4.4/src/exec/dxmods/integer.c:376:32:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      if(start==START_MINIMUM) sprintf(ei.mp, "start=\"minimum\"");
data/dx-4.4.4/src/exec/dxmods/integer.c:377:38:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      else if(start==START_MIDPOINT) sprintf(ei.mp, "start=\"midpoint\"");
data/dx-4.4.4/src/exec/dxmods/integer.c:378:12:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      else sprintf(ei.mp, "start=\"maximum\"");
data/dx-4.4.4/src/exec/dxmods/isolate.c:542:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(depPCompA[k].new_data,
data/dx-4.4.4/src/exec/dxmods/isolate.c:546:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		      (char *)depPCompA[k].new_data + depPCompA[k].iSize;
data/dx-4.4.4/src/exec/dxmods/isolate.c:577:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(depPCompA[k].new_data,
data/dx-4.4.4/src/exec/dxmods/isolate.c:581:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		      (char *)depPCompA[k].new_data + depPCompA[k].iSize;
data/dx-4.4.4/src/exec/dxmods/keyin.c:75:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fh = open("/dev/tty", 2);
data/dx-4.4.4/src/exec/dxmods/lookup.c:233:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value_str[ 200 ];
data/dx-4.4.4/src/exec/dxmods/lookup.c:476:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( look.lookup, look.data, sizeof( catinfo ) );
data/dx-4.4.4/src/exec/dxmods/lookup.c:510:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( look.dest, look.value, sizeof( catinfo ) );
data/dx-4.4.4/src/exec/dxmods/lookup.c:700:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy( t, s, size );
data/dx-4.4.4/src/exec/dxmods/lookup.c:711:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy( t, s, size );
data/dx-4.4.4/src/exec/dxmods/lookup.c:821:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy( v, ( char * ) found->value, size );
data/dx-4.4.4/src/exec/dxmods/lookup.c:825:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy( v, ( char * ) l->nfValue, l->nfLen );
data/dx-4.4.4/src/exec/dxmods/lookup.c:839:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy( v, ( char * ) ( &( ( ( char * ) ( l->value->comp_data ) ) [ n * size ] ) ), size );
data/dx-4.4.4/src/exec/dxmods/lookup.c:843:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                memcpy( v, ( char * ) l->nfValue, l->nfLen );
data/dx-4.4.4/src/exec/dxmods/map.c:52:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	srcComponent[COMPONENT_LENGTH];
data/dx-4.4.4/src/exec/dxmods/map.c:53:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	dstComponent[COMPONENT_LENGTH];
data/dx-4.4.4/src/exec/dxmods/measure.c:613:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(delta, delta+(i*nDim), nDim*sizeof(float));
data/dx-4.4.4/src/exec/dxmods/measure.c:1344:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&hElt.point, pPtr, sizeof(Vector));				       \
data/dx-4.4.4/src/exec/dxmods/measure.c:1359:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&hElt.point[0], pPtr, 2*sizeof(float));			       \
data/dx-4.4.4/src/exec/dxmods/measure.c:1463:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(points+hPtr->cindex, &hPtr->point, sizeof(Vector));
data/dx-4.4.4/src/exec/dxmods/measure.c:1919:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(points+(hPtr->cindex*nDim), &hPtr->point, nDim*sizeof(float));
data/dx-4.4.4/src/exec/dxmods/parse.c:121:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	if (((char *)tempcontrol)[0] != '\0') {
data/dx-4.4.4/src/exec/dxmods/parse.c:125:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(tcp, "%n");
data/dx-4.4.4/src/exec/dxmods/parse.c:163:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	if (((char *)tempcontrol)[0] == '\0') {
data/dx-4.4.4/src/exec/dxmods/parse.c:172:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(tcp, "%n");
data/dx-4.4.4/src/exec/dxmods/partition.c:975:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(dstData, srcData+size*(*refs), size);
data/dx-4.4.4/src/exec/dxmods/pick.c:898:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(pathDst, pathSrc+picks->index, picks->pathlen*sizeof(int));
data/dx-4.4.4/src/exec/dxmods/pick.c:3407:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy((char *)outPoints, (char *)(inPoints+3*poke), 3*sizeof(float));
data/dx-4.4.4/src/exec/dxmods/pick.c:3413:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy((char *)outPaths, (char *)(inPaths+pick), psz*sizeof(int));
data/dx-4.4.4/src/exec/dxmods/pick.c:3424:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy((char *)outWeights, (char *)wts, wsz);
data/dx-4.4.4/src/exec/dxmods/pick.c:3702:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(dstD, srcD, itemSize);
data/dx-4.4.4/src/exec/dxmods/pie.c:68:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[2048];                                                \
data/dx-4.4.4/src/exec/dxmods/pie.c:632:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(stringlabel, "%6.2f %%", percentarray[i]/3.6);
data/dx-4.4.4/src/exec/dxmods/plot.c:124:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char nullstring[11] = "NULLSTRING";
data/dx-4.4.4/src/exec/dxmods/plot.c:173:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ptypex[30], ptypey[30], ptypey2[30];
data/dx-4.4.4/src/exec/dxmods/plot.c:174:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char marker[30], plotlabel[60];
data/dx-4.4.4/src/exec/dxmods/plot.c:421:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(ptypex, "log");
data/dx-4.4.4/src/exec/dxmods/plot.c:423:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(ptypex, "lin");
data/dx-4.4.4/src/exec/dxmods/plot.c:426:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(ptypey, "log");
data/dx-4.4.4/src/exec/dxmods/plot.c:428:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(ptypey, "lin");
data/dx-4.4.4/src/exec/dxmods/plot.c:603:13:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            strcpy(ptypey2, "log");
data/dx-4.4.4/src/exec/dxmods/plot.c:605:13:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            strcpy(ptypey2, "lin");
data/dx-4.4.4/src/exec/dxmods/plot.c:1725:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char depatt[30];
data/dx-4.4.4/src/exec/dxmods/plot.c:1990:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char coldepatt[30];
data/dx-4.4.4/src/exec/dxmods/programctl.c:40:37:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if (!DXExtractInteger(in[0], &open))
data/dx-4.4.4/src/exec/dxmods/programctl.c:45:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if ((open != 0)&&(open != 1))
data/dx-4.4.4/src/exec/dxmods/programctl.c:45:25:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if ((open != 0)&&(open != 1))
data/dx-4.4.4/src/exec/dxmods/programctl.c:52:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if (open) 
data/dx-4.4.4/src/exec/dxmods/programctl.c:132:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[20];
data/dx-4.4.4/src/exec/dxmods/programctl.c:180:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "execute once");
data/dx-4.4.4/src/exec/dxmods/programctl.c:182:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "execute onchange");
data/dx-4.4.4/src/exec/dxmods/programctl.c:184:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "execute end");
data/dx-4.4.4/src/exec/dxmods/programctl.c:215:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  int i, j, open, nummaps, numflags, num_in_open_list;
data/dx-4.4.4/src/exec/dxmods/programctl.c:218:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char messageid[20];
data/dx-4.4.4/src/exec/dxmods/programctl.c:228:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(messageid,"default");
data/dx-4.4.4/src/exec/dxmods/programctl.c:266:31:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	    DXExtractInteger(in[1], &open);
data/dx-4.4.4/src/exec/dxmods/programctl.c:318:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	  if (open)
data/dx-4.4.4/src/exec/dxmods/programctl.c:331:23:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                      sprintf(messageid,"%i", j);
data/dx-4.4.4/src/exec/dxmods/programctl.c:339:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(buf, "open colormapEditor");
data/dx-4.4.4/src/exec/dxmods/programctl.c:341:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(buf, "open image");
data/dx-4.4.4/src/exec/dxmods/programctl.c:343:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(buf, "open controlpanel");
data/dx-4.4.4/src/exec/dxmods/programctl.c:361:23:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                      sprintf(messageid,"%d",j);
data/dx-4.4.4/src/exec/dxmods/programctl.c:369:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(buf, "close colormapEditor");
data/dx-4.4.4/src/exec/dxmods/programctl.c:371:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(buf, "close image");
data/dx-4.4.4/src/exec/dxmods/programctl.c:373:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(buf, "close controlpanel");
data/dx-4.4.4/src/exec/dxmods/programctl.c:385:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	      if (open)
data/dx-4.4.4/src/exec/dxmods/programctl.c:403:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
              sprintf(messageid,"%d",j);
data/dx-4.4.4/src/exec/dxmods/programctl.c:428:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	  if (open)
data/dx-4.4.4/src/exec/dxmods/programctl.c:446:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	  sprintf(messageid,"%d",i);
data/dx-4.4.4/src/exec/dxmods/programctl.c:485:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char messageid[20];
data/dx-4.4.4/src/exec/dxmods/programctl.c:487:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(messageid,"default");
data/dx-4.4.4/src/exec/dxmods/readimage.c:97:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      basename[MAX_IMAGE_NAMELEN], *fb_name;
data/dx-4.4.4/src/exec/dxmods/readimage.c:98:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      originalname[MAX_IMAGE_NAMELEN];
data/dx-4.4.4/src/exec/dxmods/readimage.c:99:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      imagefilename[MAX_IMAGE_NAMELEN];
data/dx-4.4.4/src/exec/dxmods/readimage.c:100:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      sizefilename[MAX_IMAGE_NAMELEN];
data/dx-4.4.4/src/exec/dxmods/readimage.c:105:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      user_path[MAX_IMAGE_PATHLEN];
data/dx-4.4.4/src/exec/dxmods/readimage.c:106:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      user_basename[MAX_IMAGE_NAMELEN];
data/dx-4.4.4/src/exec/dxmods/readimage.c:107:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      extension[40];
data/dx-4.4.4/src/exec/dxmods/readimage.c:125:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char name[MAX_IMAGE_NAMELEN];
data/dx-4.4.4/src/exec/dxmods/readimage.c:134:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char name[MAX_IMAGE_NAMELEN];
data/dx-4.4.4/src/exec/dxmods/readimage.c:143:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char name[MAX_IMAGE_NAMELEN];
data/dx-4.4.4/src/exec/dxmods/readimage.c:152:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char name[MAX_IMAGE_NAMELEN];
data/dx-4.4.4/src/exec/dxmods/readimage.c:243:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(originalname,"image");
data/dx-4.4.4/src/exec/dxmods/readimage.c:447:10:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        	strcat(sizefilename,".size");
data/dx-4.4.4/src/exec/dxmods/readimage.c:478:25:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		    got_file = ((fd = open(gifopts.name, O_RDONLY)) != -1);
data/dx-4.4.4/src/exec/dxmods/readimage.c:519:25:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		    got_file = ((fd = open(tiffopts.name, O_RDONLY)) != -1);
data/dx-4.4.4/src/exec/dxmods/readimage.c:553:25:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		    got_file = ((fd = open(miffopts.name, O_RDONLY)) != -1);
data/dx-4.4.4/src/exec/dxmods/readimage.c:593:25:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		    got_file = ((fd = open(imopts.name, O_RDONLY)) != -1);
data/dx-4.4.4/src/exec/dxmods/readimage.c:713:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	} while ( ((i = open(imagefilename, O_RDONLY)) <0)
data/dx-4.4.4/src/exec/dxmods/readimage.c:774:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		fd = open(imagefilename,O_RDONLY); 
data/dx-4.4.4/src/exec/dxmods/readimage.c:1371:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(op, ip, 3*width);
data/dx-4.4.4/src/exec/dxmods/reduce.c:385:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   *name, *components[64];
data/dx-4.4.4/src/exec/dxmods/reorient.c:118:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)&nt, (char *)t, sizeof(Rtaskarg));
data/dx-4.4.4/src/exec/dxmods/scalar.c:338:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp, "min="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/scalar.c:343:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp, "max="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/scalar.c:348:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp, "delta="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/scalar.c:353:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp, "decimals="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/scalar.c:359:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(ei.mp, "list="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/scalar.c:362:12:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     else{ sprintf(ei.mp, "value="); while(*ei.mp) ei.mp++;}
data/dx-4.4.4/src/exec/dxmods/scalar.c:368:29:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      if (method==ABSOLUTE) sprintf(ei.mp, "method=\"absolute\"");
data/dx-4.4.4/src/exec/dxmods/scalar.c:369:32:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      else if(method==PERCENT) sprintf(ei.mp, "method=\"relative\"");
data/dx-4.4.4/src/exec/dxmods/scalar.c:370:12:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      else sprintf(ei.mp, "method=\"rounded\"");
data/dx-4.4.4/src/exec/dxmods/scalar.c:374:32:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      if(start==START_MINIMUM) sprintf(ei.mp, "start=\"minimum\"");
data/dx-4.4.4/src/exec/dxmods/scalar.c:375:38:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      else if(start==START_MIDPOINT) sprintf(ei.mp, "start=\"midpoint\"");
data/dx-4.4.4/src/exec/dxmods/scalar.c:376:12:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      else sprintf(ei.mp, "start=\"maximum\"");
data/dx-4.4.4/src/exec/dxmods/scalar.c:381:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(ei.mp, " label=");  while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/select.c:990:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(namelist, cp, namlen*count);
data/dx-4.4.4/src/exec/dxmods/selector.c:210:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp,"string list=");
data/dx-4.4.4/src/exec/dxmods/selector.c:220:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp," value list=");
data/dx-4.4.4/src/exec/dxmods/selector.c:231:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp," index=%d",index);
data/dx-4.4.4/src/exec/dxmods/selector.c:234:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp," index=");
data/dx-4.4.4/src/exec/dxmods/selector.c:241:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	 sprintf(ei.mp,"%d ",matched_indices[i]);
data/dx-4.4.4/src/exec/dxmods/selector.c:287:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
         sprintf(ei.mp,"string list=\"on\" "); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/selector.c:288:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
         sprintf(ei.mp,"value list= 1 "); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/selector.c:289:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
         sprintf(ei.mp,"index= 0"); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/selector.c:296:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(ei.mp, " label=");  while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/selector.c:356:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
         sprintf(cp[i],"position=%g",position);
data/dx-4.4.4/src/exec/dxmods/selector.c:470:15:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
              sprintf(cp[i],"member %d",i);
data/dx-4.4.4/src/exec/dxmods/selector.c:537:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(outval,(void *)((byte *)old +bytsize*i),(size_t)bytsize);
data/dx-4.4.4/src/exec/dxmods/selector.c:644:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(ep->mp,"{}");
data/dx-4.4.4/src/exec/dxmods/selector.c:663:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
     memcpy(outval,(void *)((byte *)p +bytsize*index),(size_t)bytsize);
data/dx-4.4.4/src/exec/dxmods/selector.c:669:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dest,src,(size_t)bytsize);
data/dx-4.4.4/src/exec/dxmods/separate.c:43:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
   strcat(cache_label,"_array");
data/dx-4.4.4/src/exec/dxmods/separate.c:93:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
   strcat(cache_label,"_label");
data/dx-4.4.4/src/exec/dxmods/separate.c:209:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
         sprintf(ep->mp,"%d ",((int *)dp)[offset]); while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/separate.c:215:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
         sprintf(ep->mp,"%.8g ",((float *)dp)[offset]);while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/separate.c:225:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	   c = ((char *)dp)[offset];
data/dx-4.4.4/src/exec/dxmods/separate.c:227:19:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	      case '%':  sprintf(ep->mp,"%%%%");   break; /* the printf conversion char */
data/dx-4.4.4/src/exec/dxmods/separate.c:229:19:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	      case '\a': sprintf(ep->mp,"\\a");  break; /* attention (bell) */
data/dx-4.4.4/src/exec/dxmods/separate.c:231:19:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	      case '\b': sprintf(ep->mp,"\\b");  break; /* backspace */
data/dx-4.4.4/src/exec/dxmods/separate.c:232:19:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	      case '\f': sprintf(ep->mp,"\\f");  break; /* formfeed */
data/dx-4.4.4/src/exec/dxmods/separate.c:233:19:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	      case '\n': sprintf(ep->mp,"\\n");  break; /* newline */
data/dx-4.4.4/src/exec/dxmods/separate.c:234:19:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	      case '\r': sprintf(ep->mp,"\\r");  break; /* carriage return */
data/dx-4.4.4/src/exec/dxmods/separate.c:235:19:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	      case '\t': sprintf(ep->mp,"\\t");  break; /* horizontal tab */
data/dx-4.4.4/src/exec/dxmods/separate.c:236:19:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	      case '\v': sprintf(ep->mp,"\\v");  break; /* vertical tab */
data/dx-4.4.4/src/exec/dxmods/separate.c:237:19:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	      case '\\': sprintf(ep->mp,"\\\\"); break; /* backslash */
data/dx-4.4.4/src/exec/dxmods/separate.c:238:19:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	      case '"':  sprintf(ep->mp,"\\\""); break; /* double quote */
data/dx-4.4.4/src/exec/dxmods/separate.c:241:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		 sprintf(ep->mp,"%c",c);
data/dx-4.4.4/src/exec/dxmods/separate.c:277:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
   strcat(cache_label,"_object");
data/dx-4.4.4/src/exec/dxmods/separate.c:328:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char fmt[20];
data/dx-4.4.4/src/exec/dxmods/sequencer.c:192:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(ei.mp, "min="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/sequencer.c:197:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(ei.mp, "max="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/sequencer.c:202:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(ei.mp, "delta="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/sequencer.c:206:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
   sprintf(ei.mp, "frame="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/simplesurf.c:451:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char      the_message[256];
data/dx-4.4.4/src/exec/dxmods/simplesurf.c:453:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char *in_name[8] = {"\"original_surface\"",  "\"max_error\"",
data/dx-4.4.4/src/exec/dxmods/simplesurf.c:1233:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      static char *element_type[5] = {"","","", "triangles", "quads"};
data/dx-4.4.4/src/exec/dxmods/simplesurf.h:1423:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(a_triangle[1], simp_data->vert[(vstar)[(i)]],   sizeof(Vertex));      \
data/dx-4.4.4/src/exec/dxmods/simplesurf.h:1424:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(a_triangle[2], simp_data->vert[(vstar)[(i)+1]], sizeof(Vertex));}
data/dx-4.4.4/src/exec/dxmods/simplesurf.h:1455:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
         memcpy((data)->vx_data + (v) * (data)->data_dim, (data)->vx_data_potential_values,             \
data/dx-4.4.4/src/exec/dxmods/slab.c:541:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)&a2, (char *)a, sizeof(struct argblk));
data/dx-4.4.4/src/exec/dxmods/slab.c:564:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)&a2, (char *)a, sizeof(struct argblk));
data/dx-4.4.4/src/exec/dxmods/slice.c:509:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)&a2, (char *)a, sizeof(struct argblk));
data/dx-4.4.4/src/exec/dxmods/slice.c:532:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)&a2, (char *)a, sizeof(struct argblk));
data/dx-4.4.4/src/exec/dxmods/slice.c:1139:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(np, op, itemsize);
data/dx-4.4.4/src/exec/dxmods/slice.c:1383:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(origins, DXGetConstantArrayData(a), DXGetItemSize(a));
data/dx-4.4.4/src/exec/dxmods/socketconnect.c:155:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(s.usrv.sun_path,"/tmp/.DX-unix/DX%d", port);
data/dx-4.4.4/src/exec/dxmods/sort.c:548:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dPtr, sPtr+(indices[i]*size), size);
data/dx-4.4.4/src/exec/dxmods/stack.c:748:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(si->compname[si->compcount], "invalid positions");
data/dx-4.4.4/src/exec/dxmods/stack.c:756:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(si->compname[si->compcount], "invalid connections");
data/dx-4.4.4/src/exec/dxmods/streakline.c:1401:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	     memcpy(dst, src, itemSize);
data/dx-4.4.4/src/exec/dxmods/streakline.c:1415:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	     memcpy(dst, src, itemSize);
data/dx-4.4.4/src/exec/dxmods/streakline.c:2443:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(l, ptr, size);
data/dx-4.4.4/src/exec/dxmods/streamline.c:943:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	     memcpy(dst, src, itemSize);
data/dx-4.4.4/src/exec/dxmods/streamline.c:957:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	     memcpy(dst, src, itemSize);
data/dx-4.4.4/src/exec/dxmods/stringlegend.c:48:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char extralabel[80];
data/dx-4.4.4/src/exec/dxmods/superstate.c:52:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char old[256], new[256];
data/dx-4.4.4/src/exec/dxmods/superstate.c:75:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char oTag[512], nTag[512];
data/dx-4.4.4/src/exec/dxmods/superwin.c:214:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	depth = atoi(getenv("DX_WINDOW_DEPTH"));
data/dx-4.4.4/src/exec/dxmods/superwin.c:343:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/exec/dxmods/superwin.c:475:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/dx-4.4.4/src/exec/dxmods/superwinX.c:119:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[32];
data/dx-4.4.4/src/exec/dxmods/system.c:27:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *p[MAX_CMD_ARGS];
data/dx-4.4.4/src/exec/dxmods/toggle.c:97:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(ei.mp, "label="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/tracevisual.c:88:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char title[128];		/* window title */
data/dx-4.4.4/src/exec/dxmods/tracevisual.c:183:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(d_small->title, "DX Small Arena Memory");
data/dx-4.4.4/src/exec/dxmods/tracevisual.c:218:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(d_large->title, "DX Large Arena Memory");
data/dx-4.4.4/src/exec/dxmods/tracevisual.c:280:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(d_local[i]->title, "DX Local Arena Memory, Processor %d", i);
data/dx-4.4.4/src/exec/dxmods/tracevisual.c:337:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(d->title + strlen(d->title), " (1 square = %d bytes)", 
data/dx-4.4.4/src/exec/dxmods/tracevisual.c:371:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(cp, "= %d bytes)", d->bytes_vp);
data/dx-4.4.4/src/exec/dxmods/tracevisual.c:751:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[ERRSIZE];
data/dx-4.4.4/src/exec/dxmods/transform.c:94:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy((char *)m, (char *)p, items * sizeof(float));
data/dx-4.4.4/src/exec/dxmods/transpose.c:486:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy((char *)np + dims[j]*typesize, 
data/dx-4.4.4/src/exec/dxmods/transpose.c:506:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy((char *)np + dims[j]*typesize, 
data/dx-4.4.4/src/exec/dxmods/vector.c:495:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(ei.mp,"dim="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/vector.c:501:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp,"min="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/vector.c:506:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp, "max="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/vector.c:511:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp, "delta="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/vector.c:516:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp, "decimals="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/vector.c:522:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(ei.mp, "list="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/vector.c:525:12:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     else{ sprintf(ei.mp, "value="); while(*ei.mp) ei.mp++;}
data/dx-4.4.4/src/exec/dxmods/vector.c:531:29:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      if (method==ABSOLUTE) sprintf(ei.mp, "method=\"absolute\"");
data/dx-4.4.4/src/exec/dxmods/vector.c:532:32:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      else if(method==PERCENT) sprintf(ei.mp, "method=\"relative\"");
data/dx-4.4.4/src/exec/dxmods/vector.c:533:12:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      else sprintf(ei.mp, "method=\"rounded\"");
data/dx-4.4.4/src/exec/dxmods/vector.c:537:32:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      if(start==START_MINIMUM) sprintf(ei.mp, "start=\"minimum\"");
data/dx-4.4.4/src/exec/dxmods/vector.c:538:38:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      else if(start==START_MIDPOINT) sprintf(ei.mp, "start=\"midpoint\"");
data/dx-4.4.4/src/exec/dxmods/vector.c:539:12:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      else sprintf(ei.mp, "start=\"maximum\"");
data/dx-4.4.4/src/exec/dxmods/vector.c:544:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
     sprintf(ei.mp,"label="); while(*ei.mp) ei.mp++;
data/dx-4.4.4/src/exec/dxmods/visualobject.c:1411:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cbuf[256];
data/dx-4.4.4/src/exec/dxmods/visualobject.c:1492:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(cbuf, "term %d", i);
data/dx-4.4.4/src/exec/dxmods/visualobject.c:1500:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(cbuf, "term %d", i);
data/dx-4.4.4/src/exec/dxmods/visualobject.c:1536:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(cbuf, "[ [%g %g %g] [%g %g %g] [%g %g %g] ] + [%g %g %g]", 
data/dx-4.4.4/src/exec/dxmods/visualobject.c:1559:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(cbuf, "member %d", i);
data/dx-4.4.4/src/exec/dxmods/visualobject.c:1568:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(cbuf, "position %g", pos);
data/dx-4.4.4/src/exec/dxmods/vrml.c:51:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char wrlname[256];
data/dx-4.4.4/src/exec/dxmods/vrml.c:63:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
     strcat(wrlname,".wrl");
data/dx-4.4.4/src/exec/dxmods/vrml.c:65:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
   fp = fopen(wrlname,"w");
data/dx-4.4.4/src/exec/dxmods/writeimage.c:207:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(basename,"image");
data/dx-4.4.4/src/exec/dxmods/writeimage.c:409:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[200];
data/dx-4.4.4/src/exec/dxmods/writeimage.c:458:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[200];
data/dx-4.4.4/src/exec/dxmods/writeimage.c:475:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    return (float)atoi(buf);
data/dx-4.4.4/src/exec/dxmods/writeimage.c:481:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[200];
data/dx-4.4.4/src/exec/dxmods/writeimage.c:498:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    return (float)atoi(buf);
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:45:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[NAMELEN+PATHLEN];	/* tmp file path/name buffer */
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:99:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char HWname[NAMELEN];		/* name of HW module for load()*/
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:100:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char HWpath[PATHLEN];
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:101:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[NAMELEN+PATHLEN];	/* tmp file path/name buffer */
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:116:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(HWpath,"/bin_ibm6000");
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:121:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(HWpath,"/bin_ibm6000");
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:125:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(HWpath,"/usr/lpp/dx/bin_ibm6000");
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:142:11:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
          strcpy(buff, "DXhwdd.o or ");
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:145:11:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
          strcat(buff,"DXhwddOGL.o");
data/dx-4.4.4/src/exec/hwrender/gl/hwPortGL.h:36:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char gversion_string[32] ;
data/dx-4.4.4/src/exec/hwrender/hwCursorInteractor.c:1533:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[256] ;
data/dx-4.4.4/src/exec/hwrender/hwCursorInteractor.c:1572:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (text, "( %8g, %8g, %8g )", R->x, R->y, R->z) ;
data/dx-4.4.4/src/exec/hwrender/hwCursorInteractor.c:1666:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char version[20];
data/dx-4.4.4/src/exec/hwrender/hwCursorInteractor.c:1684:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char version[20];
data/dx-4.4.4/src/exec/hwrender/hwInteractor.c:343:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      bzero ((char *) tmp[numInteractorArrays],
data/dx-4.4.4/src/exec/hwrender/hwInteractor.c:408:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy ((void *)new, (void *)*stack, sizeof(tdmInteractorCamT)) ;
data/dx-4.4.4/src/exec/hwrender/hwInteractor.h:281:21:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define VCOPY(t,f) (bcopy ((char *)(f), (char *)(t), sizeof(float [3])))
data/dx-4.4.4/src/exec/hwrender/hwInteractor.h:281:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define VCOPY(t,f) (bcopy ((char *)(f), (char *)(t), sizeof(float [3])))
data/dx-4.4.4/src/exec/hwrender/hwInteractor.h:281:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define VCOPY(t,f) (bcopy ((char *)(f), (char *)(t), sizeof(float [3])))
data/dx-4.4.4/src/exec/hwrender/hwInteractor.h:282:21:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define MCOPY(t,f) (bcopy ((char *)(f), (char *)(t), sizeof(float [4][4])))
data/dx-4.4.4/src/exec/hwrender/hwInteractor.h:282:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define MCOPY(t,f) (bcopy ((char *)(f), (char *)(t), sizeof(float [4][4])))
data/dx-4.4.4/src/exec/hwrender/hwInteractor.h:282:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define MCOPY(t,f) (bcopy ((char *)(f), (char *)(t), sizeof(float [4][4])))
data/dx-4.4.4/src/exec/hwrender/hwInteractor.h:283:22:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define DMCOPY(t,f) (bcopy ((char *)(f), (char *)(t), sizeof(double [4][4])))
data/dx-4.4.4/src/exec/hwrender/hwInteractor.h:283:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define DMCOPY(t,f) (bcopy ((char *)(f), (char *)(t), sizeof(double [4][4])))
data/dx-4.4.4/src/exec/hwrender/hwInteractor.h:283:43:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define DMCOPY(t,f) (bcopy ((char *)(f), (char *)(t), sizeof(double [4][4])))
data/dx-4.4.4/src/exec/hwrender/hwQmesh.c:313:5:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    bcopy (point, stripArray[nStrips].point, nPtsInStrip * sizeof(int)) ;    \
data/dx-4.4.4/src/exec/hwrender/hwQmesh.c:486:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(qmesh->connections+k, stripArray[i].point, stripArray[i].points*sizeof(int));
data/dx-4.4.4/src/exec/hwrender/hwRender.c:756:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    if (!tdmFree((char *)(ptr[0])))
data/dx-4.4.4/src/exec/hwrender/hwRender.c:880:41:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        *cacheIdP = tdmAllocate(strlen((char *)(priv[0])) + 1);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:884:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        strcpy(*cacheIdP, (char *)(priv[0]));
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1049:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char newDisplay[MAXHOSTNAMELEN + 31];
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1253:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char		shortName[MAXHOSTNAMELEN+1];
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1327:13:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
            strcat(ret,".0");
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1341:13:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
            strcat(ret,".0");
data/dx-4.4.4/src/exec/hwrender/hwStereoSys.c:389:7:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	if (!atoi(cmd)) {
data/dx-4.4.4/src/exec/hwrender/hwTexture.c:241:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy( cmap, (ubyte *)DXGetArrayData(array), 3*n );
data/dx-4.4.4/src/exec/hwrender/hwTmesh.c:553:4:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	  bcopy (point, &(stripArray[nStrips].point[p]),
data/dx-4.4.4/src/exec/hwrender/hwTmesh.c:577:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(tmesh->connections+k, stripArray[i].point, stripArray[i].points*sizeof(int));
data/dx-4.4.4/src/exec/hwrender/hwView.c:85:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(projection, &vp->pm, sizeof(vp->pm));
data/dx-4.4.4/src/exec/hwrender/hwView.c:88:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(view, &vp->vm, sizeof(vp->vm));
data/dx-4.4.4/src/exec/hwrender/hwWindow.c:190:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char keyState[256];
data/dx-4.4.4/src/exec/hwrender/hwWindow.c:191:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char key[2];
data/dx-4.4.4/src/exec/hwrender/hwWindow.c:354:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(oglWindowClassName, "DXOGLWin_%d", (int)clock());
data/dx-4.4.4/src/exec/hwrender/hwWindow.c:725:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        return atoi(&winName[i+1]) ;
data/dx-4.4.4/src/exec/hwrender/hwWindow.c:873:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[128] ;
data/dx-4.4.4/src/exec/hwrender/hwWindow.c:1464:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char buf[32];
data/dx-4.4.4/src/exec/hwrender/hwWindow.c:1806:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static unsigned char gamma[256];
data/dx-4.4.4/src/exec/hwrender/hwWindow.c:2159:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        return atoi(&winName[i+1]) ;
data/dx-4.4.4/src/exec/hwrender/hwXfield.c:1095:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char		optionsString[201];
data/dx-4.4.4/src/exec/hwrender/hwXfield.h:295:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   unsigned char clip[8];
data/dx-4.4.4/src/exec/hwrender/opengl/hwInteractorEchoOGL.c:909:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp_bits[8] ;
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:68:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[NAMELEN+PATHLEN];	/* tmp file path/name buffer */
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:139:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[NAMELEN+PATHLEN];	/* tmp file path/name buffer */
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:190:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[NAMELEN+PATHLEN];	/* tmp file path/name buffer */
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:191:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf1[NAMELEN+PATHLEN];	/* tmp file path/name buffer */
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:214:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	  strcat(buff, ".dll");
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:277:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char HWname[NAMELEN];		/* name of HW module for load()*/
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:278:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char HWpath[PATHLEN];
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:279:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[NAMELEN+PATHLEN];   /* tmp file path/name buffer */
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:290:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
     strcat(HWpath,"/bin_");
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:297:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
     strcat(HWpath,"/bin_");
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:302:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
     strcpy(HWpath,"/usr/lpp/dx/bin_");
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:287:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			if (atoi(doGLStereo))
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:325:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			if (atoi(str))
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:592:6:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	if (atoi(str))
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:633:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char vendor_string[256];
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortOGL.c:640:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char renderer_string[256];
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortUtilOGL.c:2002:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char basename[40];
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortUtilOGL.c:2007:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(basename,"dx.%d",(int)instance);
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortUtilOGL.c:2074:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
WriteToFile(char *s, xfieldP xf, int type, float mat[4][4])
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortUtilOGL.c:2088:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[256];
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortUtilOGL.c:2101:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  fp = fopen(filename,"a+");
data/dx-4.4.4/src/exec/hwrender/starbase/hwCacheUtilSB.c:43:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cache_id[128] ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwCacheUtilSB.c:76:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char cache_id[128] ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwCacheUtilSB.c:130:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cache_id[128] ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwCacheUtilSB.c:161:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cache_id[128] ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwInteractorEchoSB.c:702:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char R[4096], G[4096], B[4096] ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwInteractorEchoSB.c:988:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char R[9], G[9], B[9] ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwInteractorEchoSB.c:1137:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          tmp_bits[8];
data/dx-4.4.4/src/exec/hwrender/starbase/hwLineDrawSB.c:204:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			  color_map[((char *)fcolors)[connections[2*k + i]]] ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwLineDrawSB.c:215:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			  color_map[((char *)fcolors)[k]] ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwLineDrawSB.c:280:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			  color_map[((char *)fcolors)[connections[2*k + i]]];
data/dx-4.4.4/src/exec/hwrender/starbase/hwLineDrawSB.c:291:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			  color_map[((char *)fcolors)[k]] ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:48:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char HWname[257],HWpath[513];	/* name of HW module for load()*/
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:59:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(HWname,"DXhwdd.sl");
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:65:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(HWpath,"/bin_hp700/");
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:73:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(HWpath,"/bin_hp700/");
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:79:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(HWpath,"/usr/lpp/dx/bin_hp700/");
data/dx-4.4.4/src/exec/hwrender/starbase/hwMeshDrawSB.c.h:411:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			  color_map[((unsigned char *)fcolors)[pntIdx[i]]] ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwPlineDrawSB.c:329:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		  color_map[((char *)fcolors)[pntIdx[i]]] ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwPolygonDrawSB.c.h:454:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		  a = opacity_map[((char *)opacities)[connections[dP]]];
data/dx-4.4.4/src/exec/hwrender/starbase/hwPolygonDrawSB.c.h:464:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		  a = opacity_map[((char *)opacities)[i]] ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwPolygonDrawSB.c.h:508:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		      color_map[((char *)fcolors)[connections[v]]] ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwPolygonDrawSB.c.h:527:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		      LOOKUP(opacity_map[((char *)opacities)[connections[v]]]) ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwPolyhedraDrawSB.c.h:202:44:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    *(RGBColor *)(clist+dV) = color_map[((char *)fcolors)[i]] ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwPolyhedraDrawSB.c.h:349:42:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    *(RGBColor *)(clist) = color_map[((char *)fcolors)[v]] ;
data/dx-4.4.4/src/exec/hwrender/starbase/hwPolylineDrawSB.c:194:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				color_map[((char *)fcolors)[edges[i]]];
data/dx-4.4.4/src/exec/hwrender/starbase/hwPolylineDrawSB.c:204:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				color_map[((char *)fcolors)[k]];
data/dx-4.4.4/src/exec/hwrender/starbase/hwPortSB.c:1446:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char  cap_flags[SIZE_OF_CAPABILITIES];
data/dx-4.4.4/src/exec/hwrender/starbase/hwPortSB.h:102:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			       CLAMP(color_map[((char *)fcolors)[i]].r), \
data/dx-4.4.4/src/exec/hwrender/starbase/hwPortSB.h:103:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			       CLAMP(color_map[((char *)fcolors)[i]].g), \
data/dx-4.4.4/src/exec/hwrender/starbase/hwPortSB.h:104:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			       CLAMP(color_map[((char *)fcolors)[i]].b)))
data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.c:112:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cache_id[128] ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.c:143:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char cache_id[128] ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.c:210:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *priv, cache_id[128] ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.c:239:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char cache_id[128] ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.c:269:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cache_id[128] ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.c:299:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char cache_id[128] ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.c:340:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *priv, cache_id[128] ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwCacheUtilXGL.c:370:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char cache_id[128] ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwInteractorEchoXGL.c:1377:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp_bits[8] ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:50:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char HWname[257],HWpath[513];	/* name of HW module for load()*/
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:92:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(HWname,"DXhwdd.so");
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:97:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(HWpath,"/bin_");
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:107:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(HWpath,"/bin_");
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:115:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(HWpath,"/usr/lpp/dx/bin_");
data/dx-4.4.4/src/exec/hwrender/xgl/hwMeshDraw.c.h:487:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			  &color_map[((unsigned char *)fcolors)[pntIdx[i]]]);
data/dx-4.4.4/src/exec/hwrender/xgl/hwMeshDraw.c.h:517:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			  &color_map[((char *)fcolors)[pntIdx[i]]]) ;
data/dx-4.4.4/src/exec/hwrender/xgl/hwPlineDraw.c:332:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			  &color_map[((char *)fcolors)[pntIdx[i]]]);
data/dx-4.4.4/src/exec/libdx/array.c:257:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(local, data, n);
data/dx-4.4.4/src/exec/libdx/array.c:315:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy((char *)(a->data)+start*a->size, data, n*a->size);
data/dx-4.4.4/src/exec/libdx/array.c:339:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(d, a->ldata, sizeof(a->ldata));
data/dx-4.4.4/src/exec/libdx/array.c:666:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(scratch, DXGetArrayEntry(handle->handles[0],
data/dx-4.4.4/src/exec/libdx/array.c:674:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(handle->scratch1, DXGetArrayEntry(handle->handles[0],
data/dx-4.4.4/src/exec/libdx/array.c:713:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(scratch, DXGetArrayEntry(handle->handles[0],
data/dx-4.4.4/src/exec/libdx/array.c:719:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(scratch, DXGetArrayEntry(handle->handles[0],
data/dx-4.4.4/src/exec/libdx/axes.c:301:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[100];		/* the label */
data/dx-4.4.4/src/exec/libdx/axes.c:836:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
       maxwidth = atoi(cstring);
data/dx-4.4.4/src/exec/libdx/axes.c:840:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(fmt, "%%%d.%df", width, precision);
data/dx-4.4.4/src/exec/libdx/axes.c:848:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    { char tbuf[32], *cp;
data/dx-4.4.4/src/exec/libdx/axes.c:871:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(tbuf, "%.*e", prec, val);
data/dx-4.4.4/src/exec/libdx/axes.c:878:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	  sprintf(fmt, "%%.%de", prec);
data/dx-4.4.4/src/exec/libdx/axes.c:884:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(fmt, "%%.%de", minprec);
data/dx-4.4.4/src/exec/libdx/axes.c:933:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fmtx[20], fmty[20], fmtz[20];
data/dx-4.4.4/src/exec/libdx/axes.c:1729:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[32], *cp;
data/dx-4.4.4/src/exec/libdx/axes.c:1745:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tbuf, "%%%d.%df", width, prec);
data/dx-4.4.4/src/exec/libdx/axes.c:1772:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
       maxwidth =atoi(cstring); 
data/dx-4.4.4/src/exec/libdx/axes.c:1777:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(fmt, "%%%d.%df", width, minprec);
data/dx-4.4.4/src/exec/libdx/axes.c:1802:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(tbuf, "%.*e", prec, val);
data/dx-4.4.4/src/exec/libdx/axes.c:1809:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	  sprintf(fmt, "%%.%de", prec);
data/dx-4.4.4/src/exec/libdx/axes.c:1814:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(fmt, "%%.%de", minprec);
data/dx-4.4.4/src/exec/libdx/binSort.c:172:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)dst, (char *)src, sizeof(struct grid));
data/dx-4.4.4/src/exec/libdx/buffer.c:354:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy((char *)pix, (char *)ptr, sizeof(ubyte)*knt); 
data/dx-4.4.4/src/exec/libdx/buffer.c:489:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy(segptr, start_p, l); 
data/dx-4.4.4/src/exec/libdx/buffer.c:523:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy(segptr, start_p, l); 
data/dx-4.4.4/src/exec/libdx/buffer.c:566:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy(start_p, DXGetSegListSegmentPointer(seg), l); 
data/dx-4.4.4/src/exec/libdx/buffer.c:657:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy((char *)pix, (char *)ptr, sizeof(ushort)*knt); 
data/dx-4.4.4/src/exec/libdx/buffer.c:658:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:658:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:658:46:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:658:67:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:663:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(&proto))[0] = ((char *)(ptr))[0], ((char *)(&proto))[1] = ((char *)(ptr))[1]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:663:73:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(&proto))[0] = ((char *)(ptr))[0], ((char *)(&proto))[1] = ((char *)(ptr))[1]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:792:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy(segptr, start_p, l); 
data/dx-4.4.4/src/exec/libdx/buffer.c:826:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy(segptr, start_p, l); 
data/dx-4.4.4/src/exec/libdx/buffer.c:869:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy(start_p, DXGetSegListSegmentPointer(seg), l); 
data/dx-4.4.4/src/exec/libdx/buffer.c:960:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy((char *)pix, (char *)ptr, sizeof(int32)*knt); 
data/dx-4.4.4/src/exec/libdx/buffer.c:961:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1], ((char *)(pix))[2] = ((char *)(ptr))[2], ((char *)(pix))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:961:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1], ((char *)(pix))[2] = ((char *)(ptr))[2], ((char *)(pix))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:961:46:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1], ((char *)(pix))[2] = ((char *)(ptr))[2], ((char *)(pix))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:961:67:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1], ((char *)(pix))[2] = ((char *)(ptr))[2], ((char *)(pix))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:961:87:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1], ((char *)(pix))[2] = ((char *)(ptr))[2], ((char *)(pix))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:961:108:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1], ((char *)(pix))[2] = ((char *)(ptr))[2], ((char *)(pix))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:961:128:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1], ((char *)(pix))[2] = ((char *)(ptr))[2], ((char *)(pix))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:961:149:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1], ((char *)(pix))[2] = ((char *)(ptr))[2], ((char *)(pix))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:966:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(&proto))[0] = ((char *)(ptr))[0], ((char *)(&proto))[1] = ((char *)(ptr))[1], ((char *)(&proto))[2] = ((char *)(ptr))[2], ((char *)(&proto))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:966:73:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(&proto))[0] = ((char *)(ptr))[0], ((char *)(&proto))[1] = ((char *)(ptr))[1], ((char *)(&proto))[2] = ((char *)(ptr))[2], ((char *)(&proto))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:966:117:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(&proto))[0] = ((char *)(ptr))[0], ((char *)(&proto))[1] = ((char *)(ptr))[1], ((char *)(&proto))[2] = ((char *)(ptr))[2], ((char *)(&proto))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:966:161:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(&proto))[0] = ((char *)(ptr))[0], ((char *)(&proto))[1] = ((char *)(ptr))[1], ((char *)(&proto))[2] = ((char *)(ptr))[2], ((char *)(&proto))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1095:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy(segptr, start_p, l); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1129:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy(segptr, start_p, l); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1172:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy(start_p, DXGetSegListSegmentPointer(seg), l); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1263:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy((char *)pix, (char *)ptr, sizeof(int32)*knt); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1264:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1], ((char *)(pix))[2] = ((char *)(ptr))[2], ((char *)(pix))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1264:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1], ((char *)(pix))[2] = ((char *)(ptr))[2], ((char *)(pix))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1264:46:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1], ((char *)(pix))[2] = ((char *)(ptr))[2], ((char *)(pix))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1264:67:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1], ((char *)(pix))[2] = ((char *)(ptr))[2], ((char *)(pix))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1264:87:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1], ((char *)(pix))[2] = ((char *)(ptr))[2], ((char *)(pix))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1264:108:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1], ((char *)(pix))[2] = ((char *)(ptr))[2], ((char *)(pix))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1264:128:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1], ((char *)(pix))[2] = ((char *)(ptr))[2], ((char *)(pix))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1264:149:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(pix))[0] = ((char *)(ptr))[0], ((char *)(pix))[1] = ((char *)(ptr))[1], ((char *)(pix))[2] = ((char *)(ptr))[2], ((char *)(pix))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1269:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(&proto))[0] = ((char *)(ptr))[0], ((char *)(&proto))[1] = ((char *)(ptr))[1], ((char *)(&proto))[2] = ((char *)(ptr))[2], ((char *)(&proto))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1269:73:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(&proto))[0] = ((char *)(ptr))[0], ((char *)(&proto))[1] = ((char *)(ptr))[1], ((char *)(&proto))[2] = ((char *)(ptr))[2], ((char *)(&proto))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1269:117:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(&proto))[0] = ((char *)(ptr))[0], ((char *)(&proto))[1] = ((char *)(ptr))[1], ((char *)(&proto))[2] = ((char *)(ptr))[2], ((char *)(&proto))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1269:161:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 (((char *)(&proto))[0] = ((char *)(ptr))[0], ((char *)(&proto))[1] = ((char *)(ptr))[1], ((char *)(&proto))[2] = ((char *)(ptr))[2], ((char *)(&proto))[3] = ((char *)(ptr))[3]); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1398:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy(segptr, start_p, l); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1432:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy(segptr, start_p, l); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1475:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy(start_p, DXGetSegListSegmentPointer(seg), l); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1566:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy((char *)pix, (char *)ptr, sizeof(RGBColor)*knt); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1567:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy((char *)(pix), (char *)(ptr), sizeof(RGBColor)); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1572:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy((char *)(&proto), (char *)(ptr), sizeof(RGBColor)); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1701:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy(segptr, start_p, l); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1735:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy(segptr, start_p, l); 
data/dx-4.4.4/src/exec/libdx/buffer.c:1778:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy(start_p, DXGetSegListSegmentPointer(seg), l); 
data/dx-4.4.4/src/exec/libdx/callm_init.c:53:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1024];
data/dx-4.4.4/src/exec/libdx/client.c:63:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char localHostname[BUFSIZ];
data/dx-4.4.4/src/exec/libdx/client.c:64:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char localhostHostname[BUFSIZ];
data/dx-4.4.4/src/exec/libdx/client.c:65:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char remoteHostname[BUFSIZ];
data/dx-4.4.4/src/exec/libdx/client.c:72:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmpHost[MAXHOSTNAMELEN], *p;
data/dx-4.4.4/src/exec/libdx/client.c:149:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(userver.sun_path, "/tmp/.DX-unix/DX%d", port);
data/dx-4.4.4/src/exec/libdx/client.c:177:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&server.sin_addr, hp->h_addr, hp->h_length);
data/dx-4.4.4/src/exec/libdx/component.c:1354:2:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	bcopy(p, DXGetArrayData(na), nitems * DXGetItemSize(na));
data/dx-4.4.4/src/exec/libdx/cstarray.c:36:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(a->data, d, a->array.size);
data/dx-4.4.4/src/exec/libdx/cstarray.c:76:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(d, ((ConstantArray)a)->data, a->size);
data/dx-4.4.4/src/exec/libdx/cstarray.c:78:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(d, ((RegularArray)a)->origin, a->size);
data/dx-4.4.4/src/exec/libdx/cstarray.c:121:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(src, a->data, size);
data/dx-4.4.4/src/exec/libdx/cstarray.c:124:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(d, src, size);
data/dx-4.4.4/src/exec/libdx/cubesII.c:562:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, ((FieldInterpolator)ci)->cstData, itemSize);
data/dx-4.4.4/src/exec/libdx/cubesII.c:608:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, DXGetArrayEntry(ci->dHandle,
data/dx-4.4.4/src/exec/libdx/cubesII.c:748:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(new->gridCounts, old->gridCounts, sizeof(old->gridCounts));
data/dx-4.4.4/src/exec/libdx/cubesRR.c:456:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, ((FieldInterpolator)ci)->cstData, itemSize);
data/dx-4.4.4/src/exec/libdx/cubesRR.c:612:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, DXGetArrayEntry(ci->data,
data/dx-4.4.4/src/exec/libdx/cubesRR.c:664:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)new->size,        (char *)old->size,        sizeof(old->size));
data/dx-4.4.4/src/exec/libdx/cubesRR.c:665:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)new->counts,      (char *)old->counts,      sizeof(old->counts));
data/dx-4.4.4/src/exec/libdx/cubesRR.c:666:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)new->eltStrides,  (char *)old->eltStrides,  sizeof(old->eltStrides));
data/dx-4.4.4/src/exec/libdx/cubesRR.c:667:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)new->meshOffsets, (char *)old->meshOffsets, sizeof(old->meshOffsets));
data/dx-4.4.4/src/exec/libdx/displayfb.c:288:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char copy[100], *s;
data/dx-4.4.4/src/exec/libdx/displayutil.c:163:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char	depth[4];
data/dx-4.4.4/src/exec/libdx/displayutil.c:189:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  switch (i = atoi(depth)) {
data/dx-4.4.4/src/exec/libdx/displayw.c:159:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(SWWindowClassName, "SoftwareRenderer_%d", (int)clock());
data/dx-4.4.4/src/exec/libdx/displayw.c:1140:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
				w->parent = (HWND)atoi(num);
data/dx-4.4.4/src/exec/libdx/displayw.c:1148:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
				w->parent = (HWND)atoi(num);
data/dx-4.4.4/src/exec/libdx/displayw.c:2262:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy((void *)w->pixels, (void *)pixels, width*height*2);
data/dx-4.4.4/src/exec/libdx/displayw.c:2271:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy((void *)w->pixels, (void *)pixels, width*height*size);
data/dx-4.4.4/src/exec/libdx/displayw.c:2640:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *s, copy[201], *host = NULL, *window = NULL;
data/dx-4.4.4/src/exec/libdx/displayx.c:43:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[100];
data/dx-4.4.4/src/exec/libdx/displayx.c:178:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    ir = ((unsigned char *)_src)[0];					\
data/dx-4.4.4/src/exec/libdx/displayx.c:179:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    ig = ((unsigned char *)_src)[1];					\
data/dx-4.4.4/src/exec/libdx/displayx.c:180:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    ib = ((unsigned char *)_src)[2];					\
data/dx-4.4.4/src/exec/libdx/displayx.c:254:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    ((unsigned char *)t_dst)[0] = i & 0xff;				\
data/dx-4.4.4/src/exec/libdx/displayx.c:255:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    ((unsigned char *)t_dst)[1] = (i >> 8) & 0xff;			\
data/dx-4.4.4/src/exec/libdx/displayx.c:256:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    ((unsigned char *)t_dst)[2] = (i >> 16) & 0xff;					
data/dx-4.4.4/src/exec/libdx/displayx.c:2170:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/exec/libdx/displayx.c:2188:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(cacheid, buf, len);
data/dx-4.4.4/src/exec/libdx/displayx.c:2602:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		w->wid = atoi(num);
data/dx-4.4.4/src/exec/libdx/displayx.c:2610:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		w->wid = atoi(num);
data/dx-4.4.4/src/exec/libdx/displayx.c:2983:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *s, copy[201], *host = NULL, *window = NULL;
data/dx-4.4.4/src/exec/libdx/displayx.c:3720:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char 		cacheid[100];
data/dx-4.4.4/src/exec/libdx/displayx.c:4031:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char		save[MAXRGBCMAPSIZE];
data/dx-4.4.4/src/exec/libdx/displayx.c:4559:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char       readOnly[MAXCMAPSIZE];
data/dx-4.4.4/src/exec/libdx/displayx.c:4562:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char       colorAssigned[MAX_RR*MAX_GG*MAX_BB];
data/dx-4.4.4/src/exec/libdx/displayx.c:4855:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    qsort((char *)sort, xlatesize, sizeof(sort[0]), compare);
data/dx-4.4.4/src/exec/libdx/displayx.c:5127:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char	allocated[256];
data/dx-4.4.4/src/exec/libdx/displayx.c:5128:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char	readOnly[256];
data/dx-4.4.4/src/exec/libdx/displayx.c:5297:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    qsort((char *)sort, nextGap, sizeof(sort[0]), grayCmp);
data/dx-4.4.4/src/exec/libdx/displayx.c:6020:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(dst, src, w->wwidth);
data/dx-4.4.4/src/exec/libdx/edf.h:101:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char contents[LOCALSTORBLOCK];	/* actual local storage */
data/dx-4.4.4/src/exec/libdx/edfdata.c:752:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char c[4];
data/dx-4.4.4/src/exec/libdx/edfdata.c:854:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    if (!memcpy(dest, src, tsize * ndata))
data/dx-4.4.4/src/exec/libdx/edfdict.c:175:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char lcase[LONGESTKEY];
data/dx-4.4.4/src/exec/libdx/edfio.c:92:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char rightstr[20];
data/dx-4.4.4/src/exec/libdx/edfio.c:96:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(rightstr, "points");
data/dx-4.4.4/src/exec/libdx/edfio.c:99:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(rightstr, "lines");
data/dx-4.4.4/src/exec/libdx/edfio.c:102:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(rightstr, "quads");
data/dx-4.4.4/src/exec/libdx/edfio.c:105:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(rightstr, "cubes");
data/dx-4.4.4/src/exec/libdx/edfio.c:108:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(rightstr, "cubes%dD", num);
data/dx-4.4.4/src/exec/libdx/edfio.c:584:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fd = fopen(*outname+1, "r");
data/dx-4.4.4/src/exec/libdx/edfio.c:609:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fd = fopen(inname, "r");
data/dx-4.4.4/src/exec/libdx/edfio.c:646:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((fd=fopen(*outname, "r"))!=NULL) {
data/dx-4.4.4/src/exec/libdx/edfio.c:688:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	    if ((fd=fopen(*outname, "r"))!=NULL) {
data/dx-4.4.4/src/exec/libdx/edfio.c:699:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	    if ((fd=fopen(*outname, "r"))!=NULL) {
data/dx-4.4.4/src/exec/libdx/edfio.c:721:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if ((fd=fopen(*outname, "r"))!=NULL) {
data/dx-4.4.4/src/exec/libdx/edfio.c:731:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if ((fd=fopen(*outname, "r"))!=NULL) {
data/dx-4.4.4/src/exec/libdx/edfio.c:915:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((void *)fp2, (void *)fp1, sizeof(struct finfo));
data/dx-4.4.4/src/exec/libdx/edflex.c:499:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		value = atoi(pp->inbuf);
data/dx-4.4.4/src/exec/libdx/edflex.c:603:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char cbuf[512];
data/dx-4.4.4/src/exec/libdx/edflex.c:607:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(cbuf, "end of input");
data/dx-4.4.4/src/exec/libdx/edflex.c:612:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(cbuf, "integer: %d", t->token.i);
data/dx-4.4.4/src/exec/libdx/edflex.c:615:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(cbuf, "float: %f", t->token.f);
data/dx-4.4.4/src/exec/libdx/edflex.c:618:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(cbuf, "double: %g", t->token.d);
data/dx-4.4.4/src/exec/libdx/edflex.c:621:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(cbuf, "byte: %x", (unsigned int)t->token.c);
data/dx-4.4.4/src/exec/libdx/edflex.c:624:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(cbuf, "bad number");
data/dx-4.4.4/src/exec/libdx/edflex.c:640:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(cbuf, "bad input");
data/dx-4.4.4/src/exec/libdx/edflex.c:643:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(cbuf, "missing quote");
data/dx-4.4.4/src/exec/libdx/edflex.c:646:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(cbuf, "bad number");
data/dx-4.4.4/src/exec/libdx/edflex.c:649:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(cbuf, "multiple commas");
data/dx-4.4.4/src/exec/libdx/edflex.c:652:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(cbuf, "missing bracket");
data/dx-4.4.4/src/exec/libdx/edflex.c:655:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(cbuf, "line too long");
data/dx-4.4.4/src/exec/libdx/edflex.c:658:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(cbuf, "unknown error");
data/dx-4.4.4/src/exec/libdx/edflex.c:663:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(cbuf, "bad input");
data/dx-4.4.4/src/exec/libdx/edfparse.c:3575:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    gb->numlist[0] = atoi(cp);
data/dx-4.4.4/src/exec/libdx/edfprint.c:101:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char fred[256];
data/dx-4.4.4/src/exec/libdx/edfprint.c:104:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(fred, "unknown");
data/dx-4.4.4/src/exec/libdx/edfprint.c:106:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(fred, "%d", id);
data/dx-4.4.4/src/exec/libdx/edfprint.c:128:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char lcasefmt[32], *lcp;
data/dx-4.4.4/src/exec/libdx/edfprint.c:182:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(fname, ".dx");
data/dx-4.4.4/src/exec/libdx/edfprint.c:184:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(fname, ".dx");
data/dx-4.4.4/src/exec/libdx/edfprint.c:186:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	p.fp = fopen(fname, "w+");
data/dx-4.4.4/src/exec/libdx/edfprint.c:343:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(fname2 + strlen(fname2), "%d", getpid());
data/dx-4.4.4/src/exec/libdx/edfprint.c:345:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	p.dfp = fopen(fname2, "w+");
data/dx-4.4.4/src/exec/libdx/edfprint.c:390:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	p.dfp = fopen(fname2, "r");
data/dx-4.4.4/src/exec/libdx/edfprint.c:469:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char lcasefmt[32], *lcp;
data/dx-4.4.4/src/exec/libdx/field.c:87:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(c, f->local, sizeof(f->local));
data/dx-4.4.4/src/exec/libdx/fileio.c:66:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fname[256];
data/dx-4.4.4/src/exec/libdx/fileio.c:146:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dname[256];  /* max drive name - look for right #define */
data/dx-4.4.4/src/exec/libdx/fileio.c:256:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		fd = open(name, O_RDONLY);
data/dx-4.4.4/src/exec/libdx/fileio.c:264:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		fd = open(name, O_RDWR);
data/dx-4.4.4/src/exec/libdx/fileio.c:266:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
			fd = open(name, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH | S_IWOTH);
data/dx-4.4.4/src/exec/libdx/fileio.c:483:6:  [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    bcopy(addr, align, size);
data/dx-4.4.4/src/exec/libdx/fileio.c:647:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(addr, frag_mem, bytes);
data/dx-4.4.4/src/exec/libdx/fileio.c:675:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(frag_mem, addr, bytes);
data/dx-4.4.4/src/exec/libdx/fileio.c:772:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[256];
data/dx-4.4.4/src/exec/libdx/fle2D.c:498:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(v, DXGetArrayEntry(fle->dHandle, found, dbuf), itemSize);
data/dx-4.4.4/src/exec/libdx/groupinterp.c:111:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy((void *)(gi->interpolator.min), (void *)(sub->min),
data/dx-4.4.4/src/exec/libdx/groupinterp.c:113:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy((void *)(gi->interpolator.max), (void *)(sub->max),
data/dx-4.4.4/src/exec/libdx/grow.c:78:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *components[100];
data/dx-4.4.4/src/exec/libdx/grow.c:555:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char     *name, origName[256];
data/dx-4.4.4/src/exec/libdx/hash.c:339:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    nextelt = ( HashElement ) ( ( ( char * ) pages[ pageNum ] ) + eltNum * eltSize );
data/dx-4.4.4/src/exec/libdx/hash.c:637:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( ( char * ) dir->leaves + oldLength, ( char * ) dir->leaves, oldLength );
data/dx-4.4.4/src/exec/libdx/hash.c:702:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy( DATA_PTR( element ), data, hashTable->dataSize );
data/dx-4.4.4/src/exec/libdx/helper.c:475:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *names[100], *cp;
data/dx-4.4.4/src/exec/libdx/helper.c:494:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *names[100];
data/dx-4.4.4/src/exec/libdx/image.c:23:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
unsigned char _dxd_convert[NC] = { 0 };	   /* see internals.h for more info */
data/dx-4.4.4/src/exec/libdx/image.c:29:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static int rgb_to_yuv(drgb *buf, char *tmp, double *yuv_buf[3], int n_line);
data/dx-4.4.4/src/exec/libdx/image.c:1092:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
rgb_to_yuv(drgb *buf, char *tmp, double *yuv_buf[3], int n_line)
data/dx-4.4.4/src/exec/libdx/internals.h:75:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extern unsigned char _dxd_convert[NC];	/* table accessed by unsigned short */
data/dx-4.4.4/src/exec/libdx/invalid.c:189:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char			*toDelete[32];
data/dx-4.4.4/src/exec/libdx/invalid.c:580:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char			*toDelete[32];
data/dx-4.4.4/src/exec/libdx/invalid.c:1011:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char			*toDelete[32];
data/dx-4.4.4/src/exec/libdx/invalid.c:1339:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(nPtr, DXGetArrayEntry(aHandle, i, buf), itemSize);
data/dx-4.4.4/src/exec/libdx/invalid.c:2337:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char sbuf[128];
data/dx-4.4.4/src/exec/libdx/invalid.c:2601:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  sbuf[128];
data/dx-4.4.4/src/exec/libdx/invalid.c:3033:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(tmp, handle->data, handle->nItems*sizeof(ubyte));
data/dx-4.4.4/src/exec/libdx/invalid.c:3204:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(tmp, handle->data, handle->nItems*sizeof(ubyte));
data/dx-4.4.4/src/exec/libdx/invalid.c:3431:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *cNames[1000];
data/dx-4.4.4/src/exec/libdx/irreggrow.c:700:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   	*oComponents[256];
data/dx-4.4.4/src/exec/libdx/irreggrow.c:701:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   	*sComponents[256];
data/dx-4.4.4/src/exec/libdx/irreggrow.c:702:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char        origName[256];
data/dx-4.4.4/src/exec/libdx/irreggrow.c:1015:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      origName[256];
data/dx-4.4.4/src/exec/libdx/irreggrow.c:1021:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      *names[100];
data/dx-4.4.4/src/exec/libdx/irreggrow.c:1023:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      *components[256];
data/dx-4.4.4/src/exec/libdx/irreggrow.c:1596:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			    memcpy(dPtr, sPtr, knt*iSize);
data/dx-4.4.4/src/exec/libdx/irreggrow.c:1605:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(dPtr, sPtr, knt*iSize);
data/dx-4.4.4/src/exec/libdx/irreggrow.c:1894:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(dst, src, itemSize);
data/dx-4.4.4/src/exec/libdx/irreggrow.c:1918:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(dst, src, itemSize);
data/dx-4.4.4/src/exec/libdx/lbcolor.c:21:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char        colorname[80];
data/dx-4.4.4/src/exec/libdx/lbcolor.c:114:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char newstring[30], laststring[80];
data/dx-4.4.4/src/exec/libdx/lbcolor.c:115:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char compactstring[80];
data/dx-4.4.4/src/exec/libdx/lbcolor.c:116:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *rootstring, colorfile[100];
data/dx-4.4.4/src/exec/libdx/lbcolor.c:151:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	    in = fopen(colorfile, "r");
data/dx-4.4.4/src/exec/libdx/lbcolor.c:158:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	    in = fopen(colorfile, "r");
data/dx-4.4.4/src/exec/libdx/lbcolor.c:165:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	    in = fopen(colorfile, "r");
data/dx-4.4.4/src/exec/libdx/lbcolor.c:169:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	in = fopen("/usr/share/dx/lib/colors.txt","r");
data/dx-4.4.4/src/exec/libdx/lbcolor.c:275:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char string[80];
data/dx-4.4.4/src/exec/libdx/lbextract.c:430:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(efrom, eto, itemsize);
data/dx-4.4.4/src/exec/libdx/lbextract.c:448:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(from, to, itemsize);
data/dx-4.4.4/src/exec/libdx/lbextract.c:466:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(from, to, itemsize);
data/dx-4.4.4/src/exec/libdx/lbextract.c:630:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(todp, fromdp, fromcount * DXGetItemSize(from));
data/dx-4.4.4/src/exec/libdx/lbextract.c:1161:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(p, DXGetArrayData((Array)o), 
data/dx-4.4.4/src/exec/libdx/lbextract.c:1180:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(p, DXGetArrayData(na), nitems * DXGetItemSize(na));
data/dx-4.4.4/src/exec/libdx/lbgrid.c:134:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(str, "points");
data/dx-4.4.4/src/exec/libdx/lbgrid.c:137:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(str, "lines");
data/dx-4.4.4/src/exec/libdx/lbgrid.c:140:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(str, "quads");
data/dx-4.4.4/src/exec/libdx/lbgrid.c:143:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(str, "cubes");
data/dx-4.4.4/src/exec/libdx/lbgrid.c:146:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(str, "cubes%dD", rank);
data/dx-4.4.4/src/exec/libdx/lbgrid.c:158:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char et[32];
data/dx-4.4.4/src/exec/libdx/lbmessage.c:58:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *file, *s, name[100];
data/dx-4.4.4/src/exec/libdx/lbmessage.c:91:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fd = open(name, O_RDONLY);
data/dx-4.4.4/src/exec/libdx/lbmessage.c:116:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	mno = atoi(s);
data/dx-4.4.4/src/exec/libdx/lbmessage.c:150:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    i = atoi(s+1);
data/dx-4.4.4/src/exec/libdx/lbmessage.c:177:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char _ErrorMessage[2000] = "";
data/dx-4.4.4/src/exec/libdx/lbmessage.c:236:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[2000];
data/dx-4.4.4/src/exec/libdx/lbmessage.c:246:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(_ErrorMessage, " / ");
data/dx-4.4.4/src/exec/libdx/lbmessage.c:287:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char *messages[(int)ERROR_MAX];
data/dx-4.4.4/src/exec/libdx/lbmessage.c:350:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char long_buf[LARGE];
data/dx-4.4.4/src/exec/libdx/lbpartition.c:680:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(pptr+(ptinfo[j].pos*itemSize), psrc, itemSize);
data/dx-4.4.4/src/exec/libdx/lbpartition.c:683:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(nptr+(ptinfo[j].neg*itemSize), nsrc, itemSize);
data/dx-4.4.4/src/exec/libdx/lbpartition.c:688:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(pptr+(c_index[j]*itemSize), psrc, itemSize);
data/dx-4.4.4/src/exec/libdx/lbpartition.c:691:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(nptr+(c_index[j]*itemSize), nsrc, itemSize);
data/dx-4.4.4/src/exec/libdx/lbpartition.c:697:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(pptr, psrc, itemSize);
data/dx-4.4.4/src/exec/libdx/lbpartition.c:703:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(nptr, nsrc, itemSize);
data/dx-4.4.4/src/exec/libdx/lbprint.c:185:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *c[2];
data/dx-4.4.4/src/exec/libdx/lbprint.c:201:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *components[100];
data/dx-4.4.4/src/exec/libdx/lbprint.c:1549:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char linebuf[128];
data/dx-4.4.4/src/exec/libdx/lbprint.c:1551:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sbuf[64], mbuf[64], ebuf[64];
data/dx-4.4.4/src/exec/libdx/lbprint.c:1814:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	pchar(((char *)value)[offset]);
data/dx-4.4.4/src/exec/libdx/lbshade.c:1086:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   fcolors->r = byteTable[((unsigned char *)ifc)[0]] * fambr;
data/dx-4.4.4/src/exec/libdx/lbshade.c:1087:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   fcolors->g = byteTable[((unsigned char *)ifc)[1]] * fambg;
data/dx-4.4.4/src/exec/libdx/lbshade.c:1088:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   fcolors->b = byteTable[((unsigned char *)ifc)[2]] * fambb;
data/dx-4.4.4/src/exec/libdx/lbshade.c:1128:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   bcolors->r = byteTable[((unsigned char *)ibc)[0]] * bambr;
data/dx-4.4.4/src/exec/libdx/lbshade.c:1129:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   bcolors->g = byteTable[((unsigned char *)ibc)[1]] * bambg;
data/dx-4.4.4/src/exec/libdx/lbshade.c:1130:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   bcolors->b = byteTable[((unsigned char *)ibc)[2]] * bambb;
data/dx-4.4.4/src/exec/libdx/lbshade.c:1774:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->r = byteTable[((unsigned char *)ifc)[0]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:1776:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->g = byteTable[((unsigned char *)ifc)[1]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:1778:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->b = byteTable[((unsigned char *)ifc)[2]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:1790:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->r = byteTable[((unsigned char *)ibc)[0]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:1792:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->g = byteTable[((unsigned char *)ibc)[1]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:1794:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->b = byteTable[((unsigned char *)ibc)[2]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:1858:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->r = byteTable[((unsigned char *)ifc)[0]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:1860:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->g = byteTable[((unsigned char *)ifc)[1]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:1862:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->b = byteTable[((unsigned char *)ifc)[2]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:1918:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->r = byteTable[((unsigned char *)ibc)[0]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:1920:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->g = byteTable[((unsigned char *)ibc)[1]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:1922:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->b = byteTable[((unsigned char *)ibc)[2]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:1979:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->r = byteTable[((unsigned char *)ifc)[0]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:1981:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->g = byteTable[((unsigned char *)ifc)[1]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:1983:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->b = byteTable[((unsigned char *)ifc)[2]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:1995:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->r = byteTable[((unsigned char *)ibc)[0]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:1997:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->g = byteTable[((unsigned char *)ibc)[1]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:1999:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->b = byteTable[((unsigned char *)ibc)[2]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2061:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->r = byteTable[((unsigned char *)ifc)[0]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2063:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->g = byteTable[((unsigned char *)ifc)[1]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2065:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->b = byteTable[((unsigned char *)ifc)[2]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2119:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->r = byteTable[((unsigned char *)ibc)[0]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2121:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->g = byteTable[((unsigned char *)ibc)[1]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2123:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->b = byteTable[((unsigned char *)ibc)[2]] 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2184:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->r += byteTable[((unsigned char *)ifc)[0]] * CAT(f,diffr) + CAT(f,specr); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2185:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->g += byteTable[((unsigned char *)ifc)[1]] * CAT(f,diffg) + CAT(f,specg); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2186:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->b += byteTable[((unsigned char *)ifc)[2]] * CAT(f,diffb) + CAT(f,specb); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2197:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->r += byteTable[((unsigned char *)ibc)[0]] * CAT(b,diffr) + CAT(b,specr); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2198:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->g += byteTable[((unsigned char *)ibc)[1]] * CAT(b,diffg) + CAT(b,specg); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2199:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->b += byteTable[((unsigned char *)ibc)[2]] * CAT(b,diffb) + CAT(b,specb); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2262:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->r += byteTable[((unsigned char *)ifc)[0]] * CAT(f,diffr) + CAT(f,specr); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2263:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->g += byteTable[((unsigned char *)ifc)[1]] * CAT(f,diffg) + CAT(f,specg); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2264:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->b += byteTable[((unsigned char *)ifc)[2]] * CAT(f,diffb) + CAT(f,specb); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2319:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->r += byteTable[((unsigned char *)ibc)[0]] * CAT(b,diffr) + CAT(b,specr); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2320:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->g += byteTable[((unsigned char *)ibc)[1]] * CAT(b,diffg) + CAT(b,specg); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2321:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->b += byteTable[((unsigned char *)ibc)[2]] * CAT(b,diffb) + CAT(b,specb); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2377:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->r += byteTable[((unsigned char *)ifc)[0]] * CAT(f,diffr) + CAT(f,specr); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2378:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->g += byteTable[((unsigned char *)ifc)[1]] * CAT(f,diffg) + CAT(f,specg); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2379:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->b += byteTable[((unsigned char *)ifc)[2]] * CAT(f,diffb) + CAT(f,specb); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2390:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->r += byteTable[((unsigned char *)ibc)[0]] * CAT(b,diffr) + CAT(b,specr); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2391:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->g += byteTable[((unsigned char *)ibc)[1]] * CAT(b,diffg) + CAT(b,specg); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2392:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->b += byteTable[((unsigned char *)ibc)[2]] * CAT(b,diffb) + CAT(b,specb); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2453:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->r += byteTable[((unsigned char *)ifc)[0]] * CAT(f,diffr) + CAT(f,specr); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2454:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->g += byteTable[((unsigned char *)ifc)[1]] * CAT(f,diffg) + CAT(f,specg); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2455:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 ofc->b += byteTable[((unsigned char *)ifc)[2]] * CAT(f,diffb) + CAT(f,specb); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2508:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->r += byteTable[((unsigned char *)ibc)[0]] * CAT(b,diffr) + CAT(b,specr); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2509:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->g += byteTable[((unsigned char *)ibc)[1]] * CAT(b,diffg) + CAT(b,specg); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2510:33:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 obc->b += byteTable[((unsigned char *)ibc)[2]] * CAT(b,diffb) + CAT(b,specb); 
data/dx-4.4.4/src/exec/libdx/lbshade.c:2918:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      f = _map + ((unsigned char *)_fc)[ci];
data/dx-4.4.4/src/exec/libdx/lbshade.c:2920:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      b = _map + ((unsigned char *)_bc)[ci];
data/dx-4.4.4/src/exec/libdx/lbtask.c:252:38:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    t->arg = size==0? arg : (char *) memcpy(DXAllocate(size), arg, size);
data/dx-4.4.4/src/exec/libdx/lbtask.c:428:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
       memcpy(ti->tasks, lti.tasks, lti.ntasks * sizeof(struct task));
data/dx-4.4.4/src/exec/libdx/lbtext.c:186:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if ( ( fd = open( dirbuf, O_RDONLY ) ) >= 0 )
data/dx-4.4.4/src/exec/libdx/lbtext.c:189:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat( dirbuf, ".dx" );
data/dx-4.4.4/src/exec/libdx/lbtext.c:191:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if ( ( fd = open( dirbuf, O_RDONLY ) ) >= 0 )
data/dx-4.4.4/src/exec/libdx/lbtext.c:199:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat( dirbuf, "/fonts/" );
data/dx-4.4.4/src/exec/libdx/lbtext.c:203:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if ( ( fd = open( dirbuf, O_RDONLY ) ) >= 0 )
data/dx-4.4.4/src/exec/libdx/lbtext.c:206:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat( dirbuf, ".dx" );
data/dx-4.4.4/src/exec/libdx/lbtext.c:208:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if ( ( fd = open( dirbuf, O_RDONLY ) ) >= 0 )
data/dx-4.4.4/src/exec/libdx/lbtransform.c:814:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy((char *)&m0, (char *)m, sizeof(Matrix));
data/dx-4.4.4/src/exec/libdx/lbtransform.c:1398:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, DXGetConstantArrayData(array), size);
data/dx-4.4.4/src/exec/libdx/lbtransform.c:1453:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(outPointer, inPointer, size1);
data/dx-4.4.4/src/exec/libdx/lbtransform.c:1463:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(outPointer, inPointer, inSize);
data/dx-4.4.4/src/exec/libdx/line.c:305:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	dst = cmap[((unsigned char *)colors)[i]]; \
data/dx-4.4.4/src/exec/libdx/line.c:321:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    dst = omap[((unsigned char *)opacities)[i]]; \
data/dx-4.4.4/src/exec/libdx/line.c:323:41:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    dst = _dxd_ubyteToFloat[((unsigned char *)opacities)[i]]; \
data/dx-4.4.4/src/exec/libdx/linesII1D.c:420:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, ((FieldInterpolator)li)->cstData, itemSize);
data/dx-4.4.4/src/exec/libdx/linesII1D.c:466:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, DXGetArrayEntry(li->dHandle, seg, (Pointer)dbuf),
data/dx-4.4.4/src/exec/libdx/linesRI1D.c:548:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, ((FieldInterpolator)li)->cstData, itemSize);
data/dx-4.4.4/src/exec/libdx/linesRI1D.c:594:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, DXGetArrayEntry(li->dHandle, seg, (Pointer)dbuf),
data/dx-4.4.4/src/exec/libdx/linesRR1D.c:301:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, ((FieldInterpolator)li)->cstData, itemSize);
data/dx-4.4.4/src/exec/libdx/linesRR1D.c:375:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, 
data/dx-4.4.4/src/exec/libdx/lock.c:45:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    _dxf_locks_enabled = atoi(force_locks);
data/dx-4.4.4/src/exec/libdx/mem.c:173:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *fd = fopen("/proc/sys/kernel/shmmax", "r");
data/dx-4.4.4/src/exec/libdx/mem.c:262:7:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	m = (atoi(cp) == -1) ? MEM_DATASEG : MEM_SHARED;
data/dx-4.4.4/src/exec/libdx/mem.c:354:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	maxsegsize = atoi(cp);
data/dx-4.4.4/src/exec/libdx/mem.c:808:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char DX_MAP_FILE[32];
data/dx-4.4.4/src/exec/libdx/mem.c:811:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(DX_MAP_FILE, "dx%d.map", _getpid()); 
data/dx-4.4.4/src/exec/libdx/mem.c:856:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char DX_MAP_FILE[32];
data/dx-4.4.4/src/exec/libdx/mem.c:862:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(DX_MAP_FILE, "dx%d.map", _getpid()); 
data/dx-4.4.4/src/exec/libdx/memory.c:934:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(y, x, bs-USER);		/* yes, copy the data */
data/dx-4.4.4/src/exec/libdx/memory.c:1178:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen("/proc/meminfo", "r");
data/dx-4.4.4/src/exec/libdx/memory.c:1181:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char str[256];
data/dx-4.4.4/src/exec/libdx/memory.c:1364:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1000], *b;
data/dx-4.4.4/src/exec/libdx/memory.c:1374:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			physmem = (uint)(atoi(b+6) / 1024.);
data/dx-4.4.4/src/exec/libdx/memory.c:1534:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char buf[132];
data/dx-4.4.4/src/exec/libdx/memory.c:1536:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(buf, "initial: physmem %d, othermem %d, po_ratio %g, physical procs %d, nproc %d\n",
data/dx-4.4.4/src/exec/libdx/memory.c:1583:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char buf[132];
data/dx-4.4.4/src/exec/libdx/memory.c:1585:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(buf, "final: physmem %d, othermem %d, total_size %ld (%ldM)\n",
data/dx-4.4.4/src/exec/libdx/memory.c:1701:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char tmpbuf[80];
data/dx-4.4.4/src/exec/libdx/memory.c:1702:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(tmpbuf, 
data/dx-4.4.4/src/exec/libdx/memory.c:2271:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(y, x, USIZE(x)-USER);
data/dx-4.4.4/src/exec/libdx/mesharray.c:128:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(result, left, size);
data/dx-4.4.4/src/exec/libdx/notify.c:32:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   string[1];
data/dx-4.4.4/src/exec/libdx/object.c:296:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(a, o->local, sizeof(o->local));
data/dx-4.4.4/src/exec/libdx/partreg.c:1378:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(orig_ip, np, sizeof(int) * orig_items);
data/dx-4.4.4/src/exec/libdx/parts.c:529:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy (args_copy_global, args, size);
data/dx-4.4.4/src/exec/libdx/permute.c:63:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy (out, in, n * size);
data/dx-4.4.4/src/exec/libdx/permute.c:75:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy (out, in, size);
data/dx-4.4.4/src/exec/libdx/plock.c:169:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[1024];
data/dx-4.4.4/src/exec/libdx/plock.c:173:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf, "_lock: %d %d", n0, n1);
data/dx-4.4.4/src/exec/libdx/plock.c:201:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[1024];
data/dx-4.4.4/src/exec/libdx/plock.c:205:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf, "_unlock: %d %d", n0, n1);
data/dx-4.4.4/src/exec/libdx/plock.c:272:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        int fd = open(LOCKFILE, OPEN_FLAGS, OPEN_MODE);
data/dx-4.4.4/src/exec/libdx/plock.c:312:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    locks->_findlock = atoi(s);
data/dx-4.4.4/src/exec/libdx/point.c:29:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    cmap[((unsigned char *)colors)[i]] : \
data/dx-4.4.4/src/exec/libdx/point.c:33:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    &(cmap[((unsigned char *)colors)[i]]) : \
data/dx-4.4.4/src/exec/libdx/point.c:37:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    omap[((unsigned char *)opacities)[i]] : \
data/dx-4.4.4/src/exec/libdx/productarray.c:152:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(result, left, size);
data/dx-4.4.4/src/exec/libdx/qmessage.c:47:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char message[1];			/* allocate enough to put msg here */
data/dx-4.4.4/src/exec/libdx/qmessage.c:87:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(e->message, message, length);
data/dx-4.4.4/src/exec/libdx/qmessage.c:144:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[2000];
data/dx-4.4.4/src/exec/libdx/qmessage.c:196:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[2000];
data/dx-4.4.4/src/exec/libdx/qmessage.c:208:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf, "%2d: ", DXProcessorId());
data/dx-4.4.4/src/exec/libdx/quad.c:105:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:105:94:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:105:154:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:144:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:144:89:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:144:147:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:161:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:161:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:161:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:184:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : i]]);
data/dx-4.4.4/src/exec/libdx/quad.c:508:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:508:94:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:508:154:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:547:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:547:89:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:547:147:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:564:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:564:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:564:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:587:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : i]]);
data/dx-4.4.4/src/exec/libdx/quad.c:938:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:938:94:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:938:154:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:977:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:977:89:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:977:147:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:994:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:994:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:994:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:1017:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : i]]);
data/dx-4.4.4/src/exec/libdx/quad.c:1341:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:1341:94:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:1341:154:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:1380:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:1380:89:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:1380:147:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:1397:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:1397:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:1397:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:1420:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : i]]);
data/dx-4.4.4/src/exec/libdx/quad.c:1830:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:1830:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:1830:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:1871:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:1871:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:1871:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:1888:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:1888:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:1888:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:1911:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2140:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2140:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2140:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2181:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:2181:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:2181:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:2198:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2198:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2198:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2221:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2491:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2491:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2491:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2532:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:2532:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:2532:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:2549:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2549:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2549:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2572:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2801:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2801:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2801:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2842:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:2842:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:2842:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:2859:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2859:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2859:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:2882:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3152:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3152:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3152:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3193:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:3193:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:3193:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:3210:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3210:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3210:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3233:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3462:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3462:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3462:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3503:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:3503:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:3503:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:3520:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3520:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3520:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3543:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3820:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3820:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3820:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3861:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:3861:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:3861:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:3878:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3878:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3878:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:3901:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4130:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4130:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4130:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4171:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:4171:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:4171:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:4188:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4188:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4188:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4211:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4481:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4481:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4481:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4522:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:4522:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:4522:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:4539:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4539:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4539:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4562:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4791:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4791:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4791:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4832:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:4832:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:4832:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:4849:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4849:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4849:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:4872:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5142:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5142:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5142:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5183:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:5183:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:5183:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:5200:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5200:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5200:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5223:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5452:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5452:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5452:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5493:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:5493:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:5493:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:5510:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5510:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5510:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5533:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5838:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5838:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5838:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5879:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:5879:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:5879:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:5896:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5896:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5896:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:5919:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6148:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6148:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6148:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6189:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:6189:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:6189:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:6206:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6206:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6206:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6229:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6499:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6499:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6499:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6540:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:6540:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:6540:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:6557:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6557:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6557:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6580:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6809:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6809:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6809:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6850:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:6850:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:6850:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:6867:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6867:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6867:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:6890:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7160:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7160:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7160:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7201:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:7201:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:7201:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:7218:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7218:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7218:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7241:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7470:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7470:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7470:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7511:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:7511:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:7511:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:7528:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7528:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7528:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7551:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7861:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7861:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7861:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7902:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:7902:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:7902:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:7919:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7919:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7919:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:7942:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8171:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8171:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8171:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8212:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:8212:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:8212:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:8229:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8229:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8229:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8252:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8554:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8554:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8554:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8595:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:8595:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:8595:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:8612:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8612:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8612:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8635:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8864:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8864:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8864:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8905:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:8905:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:8905:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:8922:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8922:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8922:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:8945:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9215:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9215:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9215:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9256:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:9256:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:9256:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:9273:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9273:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9273:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9296:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9525:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9525:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9525:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9566:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:9566:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:9566:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:9583:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9583:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9583:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9606:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9876:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9876:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9876:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9917:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:9917:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:9917:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:9934:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9934:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9934:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:9957:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10186:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10186:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10186:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10227:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:10227:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:10227:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:10244:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10244:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10244:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10267:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10600:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10600:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10600:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10641:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:10641:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:10641:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:10658:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10658:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10658:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10681:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10910:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10910:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10910:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10951:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:10951:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:10951:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:10968:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10968:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10968:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:10991:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:11271:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:11271:94:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:11271:154:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:11310:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:11310:89:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:11310:147:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:11327:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:11327:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:11327:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:11350:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : i]]);
data/dx-4.4.4/src/exec/libdx/quad.c:11674:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:11674:94:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:11674:154:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:11713:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:11713:89:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:11713:147:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:11730:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:11730:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:11730:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:11753:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : i]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12160:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12160:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12160:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12201:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:12201:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:12201:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:12218:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12218:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12218:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12241:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12470:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12470:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12470:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12511:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:12511:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:12511:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:12528:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12528:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12528:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12551:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12821:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12821:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12821:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12862:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:12862:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:12862:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:12879:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12879:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12879:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:12902:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13131:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13131:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13131:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13172:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:13172:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:13172:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:13189:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13189:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13189:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13212:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13482:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13482:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13482:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13523:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:13523:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:13523:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:13540:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13540:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13540:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13563:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13792:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13792:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13792:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13833:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:13833:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:13833:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:13850:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13850:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13850:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:13873:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14177:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14177:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14177:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14218:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:14218:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:14218:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:14235:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14235:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14235:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14258:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14487:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14487:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14487:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14528:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:14528:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:14528:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:14545:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14545:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14545:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14568:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14838:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14838:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14838:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14879:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:14879:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:14879:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:14896:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14896:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14896:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:14919:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15148:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15148:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15148:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15189:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:15189:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:15189:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:15206:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15206:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15206:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15229:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15499:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15499:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15499:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15540:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:15540:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:15540:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:15557:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15557:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15557:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15580:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15809:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15809:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15809:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15850:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:15850:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:15850:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/quad.c:15867:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15867:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15867:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/quad.c:15890:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/quadsII2D.c:486:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, ((FieldInterpolator)qi)->cstData, itemSize);
data/dx-4.4.4/src/exec/libdx/quadsII2D.c:532:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, DXGetArrayEntry(qi->dHandle,
data/dx-4.4.4/src/exec/libdx/quadsII2D.c:897:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(args->quad, quad, 4*sizeof(int));
data/dx-4.4.4/src/exec/libdx/quadsRR2D.c:402:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, ((FieldInterpolator)qi)->cstData, itemSize);
data/dx-4.4.4/src/exec/libdx/quadsRR2D.c:523:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, DXGetArrayEntry(qi->dHandle,
data/dx-4.4.4/src/exec/libdx/quadsRR2D.c:601:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)new->size,   (char *)old->size,   2*sizeof(int));
data/dx-4.4.4/src/exec/libdx/quadsRR2D.c:602:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)new->counts, (char *)old->counts, 2*sizeof(float));
data/dx-4.4.4/src/exec/libdx/quadsRR2D.c:603:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy((char *)new->meshOffsets, (char *)old->meshOffsets, sizeof(old->meshOffsets));
data/dx-4.4.4/src/exec/libdx/reggrow.c:296:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      *components[256];
data/dx-4.4.4/src/exec/libdx/reggrow.c:970:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  	origName[128];
data/dx-4.4.4/src/exec/libdx/reggrow.c:976:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	*toShrink[256], *toReplace[256];
data/dx-4.4.4/src/exec/libdx/reggrow.c:1278:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy((char *)dPtr, (char *)refs,
data/dx-4.4.4/src/exec/libdx/reggrow.c:1496:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(loop[0].dstPtr, loop[0].srcPtr, loop[0].length*itemSize);
data/dx-4.4.4/src/exec/libdx/reggrow.c:1550:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   origName[64];
data/dx-4.4.4/src/exec/libdx/reggrow.c:1954:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		    memcpy(loop[0].dstPtr, loop[0].srcPtr,
data/dx-4.4.4/src/exec/libdx/reggrow.c:2890:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(dstData, srcData, itemSize);
data/dx-4.4.4/src/exec/libdx/regulararray.c:38:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(a->origin, origin, a->array.size);
data/dx-4.4.4/src/exec/libdx/regulararray.c:39:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(a->delta, delta, a->array.size);
data/dx-4.4.4/src/exec/libdx/regulararray.c:58:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(origin, a->origin, a->array.size);
data/dx-4.4.4/src/exec/libdx/regulararray.c:60:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(delta, a->delta, a->array.size);
data/dx-4.4.4/src/exec/libdx/regulararray.c:78:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(origin, a->origin, size);					\
data/dx-4.4.4/src/exec/libdx/regulararray.c:79:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(delta, a->delta, size);					\
data/dx-4.4.4/src/exec/libdx/rwobject.c:1000:32:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define SetBytes(value, len) { memcpy((char *)*header, (char *)value, len); \
data/dx-4.4.4/src/exec/libdx/rwobject.c:2300:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dataset[64];
data/dx-4.4.4/src/exec/libdx/rwobject.c:2311:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(dataset, "socket %x import", fd);
data/dx-4.4.4/src/exec/libdx/rwobject.c:2457:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dataset[64];
data/dx-4.4.4/src/exec/libdx/rwobject.c:2470:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(dataset, "socket %x export", fd);
data/dx-4.4.4/src/exec/libdx/rwobject.c:2594:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dataset[64];
data/dx-4.4.4/src/exec/libdx/rwobject.c:2601:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(dataset, "socket import");
data/dx-4.4.4/src/exec/libdx/rwobject.c:2718:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dataset[64];
data/dx-4.4.4/src/exec/libdx/rwobject.c:2725:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(dataset, "socket export");
data/dx-4.4.4/src/exec/libdx/stats.c:53:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char data[1];       /* compname and statname point here */
data/dx-4.4.4/src/exec/libdx/stats.c:738:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat (statname, " statistics");
data/dx-4.4.4/src/exec/libdx/stats.c:1950:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(invalid, "invalid ");
data/dx-4.4.4/src/exec/libdx/stats.c:1985:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(*invalid, "invalid ");
data/dx-4.4.4/src/exec/libdx/string.c:54:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(o->shortstr, s, n);
data/dx-4.4.4/src/exec/libdx/string.c:61:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(o->string, s, n);
data/dx-4.4.4/src/exec/libdx/stringClass.c:145:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char shortstr[IMBEDDED];		/* short strings are stored here */
data/dx-4.4.4/src/exec/libdx/tetras.c:751:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, ((FieldInterpolator)ti)->cstData, itemSize);
data/dx-4.4.4/src/exec/libdx/tetras.c:797:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, DXGetArrayEntry(ti->data,
data/dx-4.4.4/src/exec/libdx/tile.c:336:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char depth_str[201];
data/dx-4.4.4/src/exec/libdx/tile.c:477:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy((char *)&(p->background), (char *)&background,
data/dx-4.4.4/src/exec/libdx/timing.c:47:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char label[16];		/* this event's label */
data/dx-4.4.4/src/exec/libdx/triangle.c:96:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:96:94:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:96:154:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:135:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:135:89:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:135:147:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:152:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:152:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:152:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:175:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : i]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:517:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:517:94:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:517:154:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:556:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:556:89:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:556:147:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:573:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:573:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:573:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:596:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : i]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1007:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1007:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1007:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1048:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:1048:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:1048:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:1065:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1065:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1065:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1088:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1359:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1359:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1359:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1400:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:1400:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:1400:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:1417:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1417:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1417:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1440:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1711:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1711:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1711:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1752:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:1752:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:1752:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:1769:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1769:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1769:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:1792:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2071:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2071:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2071:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2112:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:2112:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:2112:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:2129:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2129:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2129:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2152:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2423:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2423:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2423:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2464:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:2464:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:2464:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:2481:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2481:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2481:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2504:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2775:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2775:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2775:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2816:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:2816:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:2816:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:2833:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2833:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2833:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:2856:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3162:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3162:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3162:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3203:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:3203:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:3203:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:3220:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3220:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3220:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3243:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3514:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3514:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3514:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3555:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:3555:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:3555:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:3572:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3572:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3572:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3595:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3866:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3866:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3866:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3907:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:3907:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:3907:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:3924:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3924:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3924:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:3947:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:4283:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:4283:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:4283:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:4324:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:4324:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:4324:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:4341:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:4341:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:4341:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:4364:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:4635:34:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:4635:94:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:4635:154:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:4674:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:4674:89:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:4674:147:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (cmap) r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).r, g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).g, b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : i]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:4691:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:4691:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:4691:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:4714:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : i]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5122:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5122:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5122:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5163:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:5163:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:5163:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:5180:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5180:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5180:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5203:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5474:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5474:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5474:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5515:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:5515:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:5515:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:5532:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5532:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5532:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5555:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5826:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5826:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5826:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5867:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:5867:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:5867:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:5884:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5884:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5884:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:5907:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6212:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6212:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6212:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6253:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:6253:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:6253:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:6270:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6270:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6270:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6293:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6564:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6564:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6564:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6605:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:6605:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:6605:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:6622:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6622:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6622:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6645:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6916:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6916:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6916:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6957:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:6957:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:6957:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:6974:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6974:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6974:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:6997:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:7360:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:7360:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:7360:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:7401:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:7401:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:7401:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:7418:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:7418:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:7418:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:7441:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:7744:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:7744:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:7744:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:7785:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:7785:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:7785:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:7802:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:7802:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:7802:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:7825:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:8096:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:8096:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:8096:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:8137:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:8137:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:8137:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:8154:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:8154:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:8154:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:8177:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:8448:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:8448:84:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:8448:144:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 c1= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v1]]), c2= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v2]]), c3= &(cmap[((unsigned char *)colors)[cstcolors ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:8489:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:8489:83:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:8489:145:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 r=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).r; g=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).g; b=(cmap[((unsigned char *)colors)[cstcolors ? 0 : index]]).b;
data/dx-4.4.4/src/exec/libdx/triangle.c:8506:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:8506:92:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:8506:152:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o1=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v1]]), o2=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v2]]), o3=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : v3]]);
data/dx-4.4.4/src/exec/libdx/triangle.c:8529:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 if (omap) o=(omap[((unsigned char *)opacities)[xf->ocst ? 0 : index]]);
data/dx-4.4.4/src/exec/libdx/triangles.h:355:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define MAPCOLS(i) (cmap[((unsigned char *)colors)[cstcolors ? 0 : i]])
data/dx-4.4.4/src/exec/libdx/triangles.h:356:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
#define MAPOPS(i) (omap[((unsigned char *)opacities)[xf->ocst ? 0 : i]])
data/dx-4.4.4/src/exec/libdx/trisRI2D.c:402:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, ((FieldInterpolator)ti)->cstData, itemSize);
data/dx-4.4.4/src/exec/libdx/trisRI2D.c:448:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy(v, DXGetArrayEntry(ti->dHandle,
data/dx-4.4.4/src/exec/libdx/zclip.h:25:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    c1 = cmap + (((unsigned char *)fcolors)[v1]);\
data/dx-4.4.4/src/exec/libdx/zclip.h:26:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    c2 = cmap + (((unsigned char *)fcolors)[v2]);\
data/dx-4.4.4/src/exec/libdx/zclip.h:44:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    c1 = cmap + (((unsigned char *)bcolors)[v1]);\
data/dx-4.4.4/src/exec/libdx/zclip.h:45:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    c2 = cmap + (((unsigned char *)bcolors)[v2]);\
data/dx-4.4.4/src/exec/libdx/zclip.h:61:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    o1 = omap + (((unsigned char *)opacities)[v1]);\
data/dx-4.4.4/src/exec/libdx/zclip.h:62:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    o2 = omap + (((unsigned char *)opacities)[v2]);\
data/dx-4.4.4/src/exec/libdx/zclip.h:100:44:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    else if (cmap) *xfc = cmap[((unsigned char *)fcolors)[i]];\
data/dx-4.4.4/src/exec/libdx/zclip.h:106:44:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    else if (cmap) *xbc = cmap[((unsigned char *)bcolors)[i]];\
data/dx-4.4.4/src/exec/libdx/zclip.h:112:44:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    else if (omap) *xop = omap[((unsigned char *)opacities)[i]];\
data/dx-4.4.4/src/exec/libdx/zclip.h:133:44:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    else if (cmap) *xfc = cmap[((unsigned char *)fcolors)[v]];\
data/dx-4.4.4/src/exec/libdx/zclip.h:139:44:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    else if (cmap) *xbc = cmap[((unsigned char *)bcolors)[v]];\
data/dx-4.4.4/src/exec/libdx/zclip.h:145:44:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    else if (omap) *xop = omap[((unsigned char *)opacities)[v]];\
data/dx-4.4.4/src/misc/dx.c:167:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char key[500];
data/dx-4.4.4/src/misc/dx.c:168:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char key2[500];
data/dx-4.4.4/src/misc/dx.c:331:14:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    	        strcpy(xservername, "Exceed 7"); whichX = EXCEED7;
data/dx-4.4.4/src/misc/dx.c:340:14:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    	        strcpy(xservername, "Exceed 6"); whichX = EXCEED6;
data/dx-4.4.4/src/misc/dx.c:352:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(xservername, "X-Win32"); whichX = XWIN32;
data/dx-4.4.4/src/misc/dx.c:362:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(xservername, "WinaXe"); whichX = WINAXE;
data/dx-4.4.4/src/misc/dx.c:420:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(dxroot, "/usr/share/dx/");
data/dx-4.4.4/src/misc/dx.c:422:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    	strcpy(dxroot, "\\usr\\local\\dx\\");
data/dx-4.4.4/src/misc/dx.c:438:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(dxdata,"samples/data");
data/dx-4.4.4/src/misc/dx.c:445:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(dxdata,"samples\\data");
data/dx-4.4.4/src/misc/dx.c:456:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(dxmacros,"samples/macros");
data/dx-4.4.4/src/misc/dx.c:463:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat(buf,"samples\\macros");
data/dx-4.4.4/src/misc/dx.c:600:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
			strcpy(display, "localpc:0");
data/dx-4.4.4/src/misc/dx.c:602:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
			strcpy(display, "localhost:0");
data/dx-4.4.4/src/misc/dx.c:788:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
				strcat(prompterflags, " -file ");
data/dx-4.4.4/src/misc/dx.c:823:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
				strcat(uiflags, " -port ");
data/dx-4.4.4/src/misc/dx.c:827:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
				strcat(uiflags, " -program ");
data/dx-4.4.4/src/misc/dx.c:831:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
				strcat(uiflags, " -uionly");
data/dx-4.4.4/src/misc/dx.c:833:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
				strcat(uiflags, " -wizard");
data/dx-4.4.4/src/misc/dx.c:836:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
				strcat(uiflags, " -directory ");
data/dx-4.4.4/src/misc/dx.c:841:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
				strcat(uiflags, " -exec ");
data/dx-4.4.4/src/misc/dx.c:868:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *args[100];
data/dx-4.4.4/src/misc/dx.c:873:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[BUFFSIZE];
data/dx-4.4.4/src/misc/dx.c:879:6:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	f = fopen(FileName, "r");
data/dx-4.4.4/src/misc/dx.c:1107:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(msgstr, "ignoring option -" #val  " and its value, ");	\
data/dx-4.4.4/src/misc/dx.c:1169:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(exmem, " -M");
data/dx-4.4.4/src/misc/dx.c:1171:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(uimem, "-memory");
data/dx-4.4.4/src/misc/dx.c:1177:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(exprocs, " -p");
data/dx-4.4.4/src/misc/dx.c:1196:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(exmode, "-r");
data/dx-4.4.4/src/misc/dx.c:1205:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(uimode, "-kiosk");
data/dx-4.4.4/src/misc/dx.c:1207:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(exmode, "-r");
data/dx-4.4.4/src/misc/dx.c:1219:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(xparms, "-xrm");
data/dx-4.4.4/src/misc/dx.c:1233:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(exlog, "-l");
data/dx-4.4.4/src/misc/dx.c:1234:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(uilog, "-log on");
data/dx-4.4.4/src/misc/dx.c:1237:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(uilog, "-log off");
data/dx-4.4.4/src/misc/dx.c:1245:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(uicache, "-cache on");
data/dx-4.4.4/src/misc/dx.c:1247:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(excache, "-c");
data/dx-4.4.4/src/misc/dx.c:1248:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(uicache, "-cache off");
data/dx-4.4.4/src/misc/dx.c:1255:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(extrace, "-T");
data/dx-4.4.4/src/misc/dx.c:1256:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(uitrace, "-trace on");
data/dx-4.4.4/src/misc/dx.c:1259:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(uitrace, "-trace off");
data/dx-4.4.4/src/misc/dx.c:1267:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(uiread, "-readahead on");
data/dx-4.4.4/src/misc/dx.c:1269:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(exread, "-u");
data/dx-4.4.4/src/misc/dx.c:1270:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(uiread, "-readahead off");
data/dx-4.4.4/src/misc/dx.c:1277:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(extime, "-m");
data/dx-4.4.4/src/misc/dx.c:1278:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(uitime, "-timing on");
data/dx-4.4.4/src/misc/dx.c:1281:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(uitime, "-timing off");
data/dx-4.4.4/src/misc/dx.c:1289:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(exhilite, "-B");
data/dx-4.4.4/src/misc/dx.c:1290:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(uihilite, "-highlight on");
data/dx-4.4.4/src/misc/dx.c:1293:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(uihilite, "-highlight off");
data/dx-4.4.4/src/misc/dx.c:1316:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(exmode, "-R");
data/dx-4.4.4/src/misc/dx.c:1338:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(uiflags, "-cfg");
data/dx-4.4.4/src/misc/dx.c:1375:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(exmdf, " -F");
data/dx-4.4.4/src/misc/dx.c:1377:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(uimdf, " -mdf");
data/dx-4.4.4/src/misc/dx.c:1389:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(uimdf, " -uimdf");
data/dx-4.4.4/src/misc/dx.c:1426:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(dx8bitcmap, "-1.0");
data/dx-4.4.4/src/misc/dx.c:1428:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(dx8bitcmap, "1.0");
data/dx-4.4.4/src/misc/dx.c:1541:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(errmsg, "Unrecognized parameter: ");
data/dx-4.4.4/src/misc/dx.h:55:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef char smallstr[SMALLSTR];
data/dx-4.4.4/src/misc/dx.h:56:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef char envstr[MAXENV];
data/dx-4.4.4/src/misc/dx.h:57:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef char namestr[MAXNAME];
data/dx-4.4.4/src/misc/dx.h:58:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef char valuestr[MAXNAME];
data/dx-4.4.4/src/misc/utils.c:107:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[MAXENV];
data/dx-4.4.4/src/uipp/base/Application.C:237:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char res_file[256];
data/dx-4.4.4/src/uipp/base/Application.C:491:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[BUFSIZ];
data/dx-4.4.4/src/uipp/base/Application.C:492:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mesg[BUFSIZ];
data/dx-4.4.4/src/uipp/base/Application.C:493:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char number[32];
data/dx-4.4.4/src/uipp/base/Application.C:502:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(number, "%d", event->request_code);
data/dx-4.4.4/src/uipp/base/Application.C:505:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buffer, "Extension %d", event->request_code);
data/dx-4.4.4/src/uipp/base/Application.C:512:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(mesg, "Extension %d.%d",
data/dx-4.4.4/src/uipp/base/Application.C:591:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (&res_file[len], "-ad");
data/dx-4.4.4/src/uipp/base/CascadeMenu.C:29:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *pulldownName, buffer[BUFLEN]; 
data/dx-4.4.4/src/uipp/base/CmdEntry.C:77:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char s[100];
data/dx-4.4.4/src/uipp/base/DXTensor.C:108:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy((char*)nptr, ptr, size);
data/dx-4.4.4/src/uipp/base/DXTensor.C:287:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char buf[128];
data/dx-4.4.4/src/uipp/base/DXType.C:654:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf1[512];
data/dx-4.4.4/src/uipp/base/DXType.C:655:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf2[512];
data/dx-4.4.4/src/uipp/base/DXValue.C:556:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char extra_memory[4096];
data/dx-4.4.4/src/uipp/base/DXValue.C:833:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char *newval, *p, buf[64];
data/dx-4.4.4/src/uipp/base/DXValue.C:902:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
						strcpy(newval,"{ ");
data/dx-4.4.4/src/uipp/base/DXValue.C:1009:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(this->string, "%d", integer);
data/dx-4.4.4/src/uipp/base/DXValue.C:1079:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "%.*g", precision, value);
data/dx-4.4.4/src/uipp/base/DXValue.C:1087:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(buf,".0");
data/dx-4.4.4/src/uipp/base/DXValue.C:1224:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char format[64], tmp[8];
data/dx-4.4.4/src/uipp/base/DXValue.C:1227:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(format, "%%.%de", decimals);
data/dx-4.4.4/src/uipp/base/DXValue.C:1229:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    	sprintf(format, "%%.%df", decimals);
data/dx-4.4.4/src/uipp/base/DXValue.C:1347:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(c, " }");
data/dx-4.4.4/src/uipp/base/DXValue.C:1398:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char stack[4096];
data/dx-4.4.4/src/uipp/base/DXValue.C:1456:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(p, "%d ", (int)v);
data/dx-4.4.4/src/uipp/base/DXValue.C:1465:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(p, "%d ", (int)dflt);
data/dx-4.4.4/src/uipp/base/DXValue.C:1492:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char valbuf[64], itembuf[1024];
data/dx-4.4.4/src/uipp/base/DXValue.C:1594:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(valbuf,"%d ", (int)(val));
data/dx-4.4.4/src/uipp/base/DXValue.C:1640:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char        stringval[64];
data/dx-4.4.4/src/uipp/base/DXValue.C:1702:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buf_space[1024];
data/dx-4.4.4/src/uipp/base/DXValue.C:1773:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buf_space[1024];
data/dx-4.4.4/src/uipp/base/Dialog.C:155:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buffer[256];
data/dx-4.4.4/src/uipp/base/DragSource.C:269:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char hostname[MAXHOSTNAMELEN];
data/dx-4.4.4/src/uipp/base/DropSite.C:270:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char hostname[MAXHOSTNAMELEN], *src_host;
data/dx-4.4.4/src/uipp/base/DropSite.C:271:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[8];
data/dx-4.4.4/src/uipp/base/DropSite.C:289:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy (tbuf, "FALSE");
data/dx-4.4.4/src/uipp/base/DropSite.C:291:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy (tbuf, "TRUE");
data/dx-4.4.4/src/uipp/base/DynamicResource.C:389:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char *names_of_dest[MAXLEVELS+1];
data/dx-4.4.4/src/uipp/base/ErrorDialogManager.C:73:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buffer[1024];      // FIXME: how to allocate this
data/dx-4.4.4/src/uipp/base/ErrorDialogManager.C:92:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[1024];	// FIXME: how to allocate this
data/dx-4.4.4/src/uipp/base/FileDialog.C:261:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char shellname[512];
data/dx-4.4.4/src/uipp/base/FileDialog.C:443:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char dir[_MAX_PATH];
data/dx-4.4.4/src/uipp/base/FileDialog.C:444:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char mask[_MAX_PATH];
data/dx-4.4.4/src/uipp/base/FileDialog.C:445:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char value[_MAX_PATH];
data/dx-4.4.4/src/uipp/base/FileDialog.C:446:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[_MAX_PATH];
data/dx-4.4.4/src/uipp/base/FileDialog.C:447:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filter[_MAX_PATH];
data/dx-4.4.4/src/uipp/base/FileDialog.C:602:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          fullname[300];
data/dx-4.4.4/src/uipp/base/FileDialog.C:613:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *list[MAX_DIR_LIST];
data/dx-4.4.4/src/uipp/base/FileDialog.C:675:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          dirmask[_MAX_PATH];
data/dx-4.4.4/src/uipp/base/FileDialog.C:676:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char		*list[MAX_DIR_LIST];
data/dx-4.4.4/src/uipp/base/FileDialog.C:677:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char          fullname[_MAX_PATH];
data/dx-4.4.4/src/uipp/base/FileDialog.C:751:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char buf[1024];
data/dx-4.4.4/src/uipp/base/HelpMenuCommand.C:63:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(url, "file://");
data/dx-4.4.4/src/uipp/base/HelpMenuCommand.C:65:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(url, "/html/pages/qikgu033.htm");
data/dx-4.4.4/src/uipp/base/HelpWin.C:169:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char helpDirFileName[512];
data/dx-4.4.4/src/uipp/base/HelpWin.C:173:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	helpDir = fopen(helpDirFileName, "r");
data/dx-4.4.4/src/uipp/base/HelpWin.C:177:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char helpDirFileName[512];
data/dx-4.4.4/src/uipp/base/HelpWin.C:181:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	helpDir = fopen(helpDirFileName, "r");
data/dx-4.4.4/src/uipp/base/HelpWin.C:186:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[1000];
data/dx-4.4.4/src/uipp/base/HelpWin.C:191:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char topic[250];
data/dx-4.4.4/src/uipp/base/HelpWin.C:192:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char file[250];
data/dx-4.4.4/src/uipp/base/HelpWin.C:414:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    	char url[520];
data/dx-4.4.4/src/uipp/base/HelpWin.C:415:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    	strcpy(url, "file://");
data/dx-4.4.4/src/uipp/base/HelpWin.C:419:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(url, "notfound.htm");
data/dx-4.4.4/src/uipp/base/IBMApplication.C:294:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy (defs[i], &cdef, sizeof(XColor));
data/dx-4.4.4/src/uipp/base/IBMApplication.C:321:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char errmsg[128];
data/dx-4.4.4/src/uipp/base/IBMApplication.C:478:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(url, "file://");
data/dx-4.4.4/src/uipp/base/IBMApplication.C:480:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(url, "/html/pages/qikgu011.htm");
data/dx-4.4.4/src/uipp/base/IBMApplication.C:524:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char	s[256];
data/dx-4.4.4/src/uipp/base/IBMApplication.C:542:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if((fp = fopen(s, "r")) == NULL)
data/dx-4.4.4/src/uipp/base/IBMApplication.C:679:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char		s[256];
data/dx-4.4.4/src/uipp/base/IBMApplication.C:697:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if((fp = fopen(s, "r")) == NULL)
data/dx-4.4.4/src/uipp/base/IBMApplication.C:784:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char supfile[1024];
data/dx-4.4.4/src/uipp/base/IBMApplication.C:797:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (!(fp = fopen(supfile,"r"))) {
data/dx-4.4.4/src/uipp/base/IBMApplication.C:854:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(tmpDirList, "./;");
data/dx-4.4.4/src/uipp/base/IBMApplication.C:882:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(tmpDirList, "/tmp;");
data/dx-4.4.4/src/uipp/base/IBMApplication.C:947:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char resource_line[4096];
data/dx-4.4.4/src/uipp/base/IBMApplication.C:950:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char res_file[256];
data/dx-4.4.4/src/uipp/base/IBMApplication.C:1036:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char res_file[256];
data/dx-4.4.4/src/uipp/base/InfoDialogManager.C:90:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buffer[1024];      // FIXME: how to allocate this
data/dx-4.4.4/src/uipp/base/InfoDialogManager.C:109:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char *p, buffer[1024];      
data/dx-4.4.4/src/uipp/base/License.C:162:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char remname[1024];
data/dx-4.4.4/src/uipp/base/License.C:163:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char auth_msg[AUTH_MSG_LEN];
data/dx-4.4.4/src/uipp/base/License.C:164:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char ckey[128];
data/dx-4.4.4/src/uipp/base/License.C:165:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char c_buf[128],p_buf[128];	/* hold crypted msgs for comaparison */
data/dx-4.4.4/src/uipp/base/License.C:166:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char envbuf[128];
data/dx-4.4.4/src/uipp/base/License.C:167:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char salt[32];
data/dx-4.4.4/src/uipp/base/License.C:196:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(envbuf,"_DX_%d=",getpid());
data/dx-4.4.4/src/uipp/base/License.C:197:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(c_buf,"%x",ctime);
data/dx-4.4.4/src/uipp/base/License.C:207:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char arg1[512];
data/dx-4.4.4/src/uipp/base/License.C:208:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char arg2[512];
data/dx-4.4.4/src/uipp/base/License.C:209:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char arg3[512];
data/dx-4.4.4/src/uipp/base/License.C:243:34:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            case RunTimeLicense: strcpy(arg1,"-rtonly");      break;
data/dx-4.4.4/src/uipp/base/License.C:244:36:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            case DeveloperLicense: strcpy(arg1,"-devonly");     break;
data/dx-4.4.4/src/uipp/base/License.C:245:25:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            default:    strcpy(arg1,"-dev"); break;
data/dx-4.4.4/src/uipp/base/License.C:249:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(arg3,"%d.%d.%d",maj,min,mic);
data/dx-4.4.4/src/uipp/base/License.C:315:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(ckey+4,"%x",child);
data/dx-4.4.4/src/uipp/base/License.C:429:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char keybuf[64];
data/dx-4.4.4/src/uipp/base/License.C:430:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cryptbuf[64];
data/dx-4.4.4/src/uipp/base/License.C:431:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char salt[8];
data/dx-4.4.4/src/uipp/base/License.C:487:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char   key[32];
data/dx-4.4.4/src/uipp/base/License.C:488:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char   cryptHost[1024];
data/dx-4.4.4/src/uipp/base/License.C:489:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char   cryptTime[1024];
data/dx-4.4.4/src/uipp/base/License.C:490:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char   host[512];
data/dx-4.4.4/src/uipp/base/License.C:502:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char   fileName[1024];
data/dx-4.4.4/src/uipp/base/License.C:523:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(host, "%d", name);
data/dx-4.4.4/src/uipp/base/License.C:529:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(host, "%x", name);
data/dx-4.4.4/src/uipp/base/License.C:538:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(host, "%x", atol(host));
data/dx-4.4.4/src/uipp/base/License.C:538:25:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    sprintf(host, "%x", atol(host));
data/dx-4.4.4/src/uipp/base/License.C:546:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(host, "%x", atol(host));
data/dx-4.4.4/src/uipp/base/License.C:546:25:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    sprintf(host, "%x", atol(host));
data/dx-4.4.4/src/uipp/base/License.C:561:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char *dev, buf[32];
data/dx-4.4.4/src/uipp/base/License.C:570:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(buf,"%x", devea.default_pa[i] );
data/dx-4.4.4/src/uipp/base/License.C:606:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      f = fopen(fname, "r");
data/dx-4.4.4/src/uipp/base/License.C:675:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extern "C" char __setkey[1024];
data/dx-4.4.4/src/uipp/base/License.C:676:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extern "C" char __crypt[1024];
data/dx-4.4.4/src/uipp/base/License.C:677:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extern "C" char __encrypt[1024];
data/dx-4.4.4/src/uipp/base/License.C:678:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char __setkey[1024];
data/dx-4.4.4/src/uipp/base/License.C:679:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char __crypt[1024];
data/dx-4.4.4/src/uipp/base/License.C:680:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char __encrypt[1024];
data/dx-4.4.4/src/uipp/base/License.C:693:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char key[500];
data/dx-4.4.4/src/uipp/base/License.C:697:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errstr[200];
data/dx-4.4.4/src/uipp/base/License.C:710:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(key, "SOFTWARE");
data/dx-4.4.4/src/uipp/base/License.C:715:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(key, "\\OpenDX");
data/dx-4.4.4/src/uipp/base/License.C:720:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(key, "\\Open Visualization Data Explorer");
data/dx-4.4.4/src/uipp/base/License.C:725:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(key, "\\CurrentVersion");
data/dx-4.4.4/src/uipp/base/License.C:760:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[25];
data/dx-4.4.4/src/uipp/base/License.C:829:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char data[500];
data/dx-4.4.4/src/uipp/base/License.C:865:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(keystr, "%c%c%c%c%c %04d %04d %04d", data[0],
data/dx-4.4.4/src/uipp/base/License.C:908:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char username[200];
data/dx-4.4.4/src/uipp/base/License.C:909:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char userco[200];
data/dx-4.4.4/src/uipp/base/License.C:910:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char keystrreg[100];
data/dx-4.4.4/src/uipp/base/License.C:911:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char keystr[100];
data/dx-4.4.4/src/uipp/base/List.C:494:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(workspace, sd, cnt * sizeof(const void*));
data/dx-4.4.4/src/uipp/base/ListEditor.C:89:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(list,"{ ");
data/dx-4.4.4/src/uipp/base/ListEditor.C:107:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	       strcat(p,", ");
data/dx-4.4.4/src/uipp/base/MainWindow.C:376:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char menubar_name[1024];
data/dx-4.4.4/src/uipp/base/MainWindow.C:758:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char geom[256];
data/dx-4.4.4/src/uipp/base/MainWindow.C:825:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(geom,"%dx%d+%d+%d", width_spec, height_spec, 
data/dx-4.4.4/src/uipp/base/MainWindow.C:829:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(geom,"%dx%d+%d+%d", width_spec, height_spec, x,y);
data/dx-4.4.4/src/uipp/base/StartWebBrowser.C:65:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char msgbuf[4096];
data/dx-4.4.4/src/uipp/base/StartWebBrowser.C:118:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char CmdLine[MAXPATH];
data/dx-4.4.4/src/uipp/base/StartWebBrowser.C:119:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char fname[MAXPATH];
data/dx-4.4.4/src/uipp/base/StartWebBrowser.C:126:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        f = fopen(fname,"wb");
data/dx-4.4.4/src/uipp/base/Strings.C:121:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(unique,"/tmpXXXXXX");
data/dx-4.4.4/src/uipp/base/Strings.C:232:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char path[2048];
data/dx-4.4.4/src/uipp/base/Strings.C:268:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char user[1024];
data/dx-4.4.4/src/uipp/base/Strings.C:648:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fpSrc = fopen(SrcFile, "rb");
data/dx-4.4.4/src/uipp/base/Strings.C:651:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fpDest = fopen(DestFile, "wb");
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:89:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char               host[9];
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:96:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	       cryptHost[301];
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:97:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	       cryptTime[301];
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:99:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char	      key[100];
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:143:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(cryptTime, "As%08x95D", *newTime);
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:145:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      sprintf(cryptTime, "Am%08x9lD", *newTime);
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:174:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:261:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char host[64];
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:271:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf (host, "%d", name);
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:287:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(host, "%x", atol(host));
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:287:26:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    sprintf(host, "%x", atol(host));
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:305:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf (host, "%x", gethostid());
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:323:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    char *dev, buf[32];
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:332:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			    sprintf(buf,"%x", devea.default_pa[i] );
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:342:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		    strcpy(host,"UNKNOWN");
data/dx-4.4.4/src/uipp/base/TextSelector.C:425:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (this->old_event, e, sizeof(XEvent));
data/dx-4.4.4/src/uipp/base/TreeView.h:73:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char typing[32];
data/dx-4.4.4/src/uipp/base/UIComponent.C:241:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char        buffer[4096];
data/dx-4.4.4/src/uipp/base/UIComponent.C:242:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	prepend[1024];
data/dx-4.4.4/src/uipp/base/UIComponent.C:637:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char format[1024];
data/dx-4.4.4/src/uipp/base/WarningDialogManager.C:72:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1024];	// FIXME: how to allocate this
data/dx-4.4.4/src/uipp/base/WarningDialogManager.C:88:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1024];	// FIXME: how to allocate this
data/dx-4.4.4/src/uipp/base/WizardDialog.C:121:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char pathname[512];
data/dx-4.4.4/src/uipp/base/WizardDialog.C:141:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE* f = fopen(pathname, "r");
data/dx-4.4.4/src/uipp/base/WorkSpaceGrid.C:166:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char     alignment[8];
data/dx-4.4.4/src/uipp/base/help.c:239:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[MAXPATHLEN];
data/dx-4.4.4/src/uipp/base/help.c:240:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char str[MAXPATHLEN];
data/dx-4.4.4/src/uipp/base/help.c:242:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char CurrentFont[127];
data/dx-4.4.4/src/uipp/base/help.c:243:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char CurrentColor[127];
data/dx-4.4.4/src/uipp/base/help.c:248:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(name, "helpXXXXXX");
data/dx-4.4.4/src/uipp/base/help.c:252:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    outfile = fopen(str,"w");
data/dx-4.4.4/src/uipp/base/help.c:299:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char        fname[MAXPATHLEN];
data/dx-4.4.4/src/uipp/base/help.c:300:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char        tempname[MAXPATHLEN];
data/dx-4.4.4/src/uipp/base/help.c:372:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if ((infile = fopen(fname,"r")) == NULL){
data/dx-4.4.4/src/uipp/base/help.c:378:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
           infile = fopen(fname,"r"); 
data/dx-4.4.4/src/uipp/base/help.c:714:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char numbuff[10];
data/dx-4.4.4/src/uipp/base/help.c:736:17:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                sprintf(numbuff,"%d",random);
data/dx-4.4.4/src/uipp/base/help.h:32:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char   filename[MAXPATHLEN];
data/dx-4.4.4/src/uipp/base/help.h:33:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char   label[MAXPATHLEN];
data/dx-4.4.4/src/uipp/base/history.c:288:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char      oldData[255];
data/dx-4.4.4/src/uipp/base/history.h:25:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char			filename[127];
data/dx-4.4.4/src/uipp/base/history.h:26:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char			label[127];
data/dx-4.4.4/src/uipp/base/lex.C:613:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char dispstr[256];
data/dx-4.4.4/src/uipp/base/parse.c:57:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 char rest[255],fmt[20];
data/dx-4.4.4/src/uipp/base/parse.c:73:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char  rest[255];
data/dx-4.4.4/src/uipp/base/parse.c:74:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char  fmt[20];
data/dx-4.4.4/src/uipp/base/parse.c:114:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char             buffer[255];
data/dx-4.4.4/src/uipp/base/parse.c:115:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char             psfile[127];
data/dx-4.4.4/src/uipp/base/parse.c:116:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char font[127];
data/dx-4.4.4/src/uipp/base/parse.c:117:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char color[127];
data/dx-4.4.4/src/uipp/base/parse.c:118:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tabBuf[127];
data/dx-4.4.4/src/uipp/base/parse.c:119:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char link[127];
data/dx-4.4.4/src/uipp/base/parse.c:120:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char indent[15];
data/dx-4.4.4/src/uipp/base/parse.c:124:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char             ascname[15];
data/dx-4.4.4/src/uipp/base/parse.c:125:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char             fascname[127];
data/dx-4.4.4/src/uipp/base/parse.c:232:32:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                     ascfile = fopen(fascname,"r");
data/dx-4.4.4/src/uipp/base/parse.c:273:53:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                                        indentnum = atoi(indent);
data/dx-4.4.4/src/uipp/base/parse.c:312:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                indentnum = atoi(indent);
data/dx-4.4.4/src/uipp/base/parse.c:370:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            indentnum = atoi(indent);
data/dx-4.4.4/src/uipp/base/parse.c:388:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                indentnum = atoi(indent);
data/dx-4.4.4/src/uipp/dxl/close.c:40:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/dxl/close.c:48:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/dxl/close.c:62:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/dxl/close.c:70:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/dxl/conn.c:199:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	time_remaining = atoi(str);
data/dx-4.4.4/src/uipp/dxl/conn.c:209:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/dx-4.4.4/src/uipp/dxl/conn.c:289:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char errorstr[256];
data/dx-4.4.4/src/uipp/dxl/conn.c:290:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *argv[256];
data/dx-4.4.4/src/uipp/dxl/conn.c:291:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  pi[256];
data/dx-4.4.4/src/uipp/dxl/conn.c:360:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(pi, "%d", DXLGetBasePort());
data/dx-4.4.4/src/uipp/dxl/conn.c:389:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char buf[2048];
data/dx-4.4.4/src/uipp/dxl/conn.c:497:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char achStr[32];
data/dx-4.4.4/src/uipp/dxl/conn.c:502:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	port = atoi(achStr);
data/dx-4.4.4/src/uipp/dxl/conn.c:611:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[BUFSIZ];
data/dx-4.4.4/src/uipp/dxl/conn.c:612:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char script_name[500],cmd[1000];
data/dx-4.4.4/src/uipp/dxl/conn.c:826:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char evar[256], c;
data/dx-4.4.4/src/uipp/dxl/conn.c:827:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char eval[1024];
data/dx-4.4.4/src/uipp/dxl/conn.c:959:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char         Buff[BuffSize];
data/dx-4.4.4/src/uipp/dxl/conn.c:966:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char         exename[255];
data/dx-4.4.4/src/uipp/dxl/conn.c:986:13:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            strcpy(cmd,"CMD.EXE");
data/dx-4.4.4/src/uipp/dxl/conn.c:987:13:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            strcpy(args,"CMD.EXE");
data/dx-4.4.4/src/uipp/dxl/conn.c:989:13:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            strcpy(ptr,"/C ");
data/dx-4.4.4/src/uipp/dxl/conn.c:1040:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char         args[1000];
data/dx-4.4.4/src/uipp/dxl/conn.c:1041:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char         exename[255];
data/dx-4.4.4/src/uipp/dxl/conn.c:1080:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(cmd,"command.com /C "); 
data/dx-4.4.4/src/uipp/dxl/conn.c:1089:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(cmd, "rsh ");
data/dx-4.4.4/src/uipp/dxl/connect.c:30:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[100];
data/dx-4.4.4/src/uipp/dxl/connect.c:35:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buffer, "ConnectToServer %d", port);
data/dx-4.4.4/src/uipp/dxl/dxlP.h:50:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[DXL_EVENT_BUF_SIZE];
data/dx-4.4.4/src/uipp/dxl/execute.c:96:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char namestr[1024];
data/dx-4.4.4/src/uipp/dxl/execute.c:101:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
       sprintf(namestr, "main(\n");
data/dx-4.4.4/src/uipp/dxl/execute.c:113:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
   strcat(namestr, ");\n");
data/dx-4.4.4/src/uipp/dxl/execute.c:228:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *args[100];
data/dx-4.4.4/src/uipp/dxl/execute.c:249:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *args[100];
data/dx-4.4.4/src/uipp/dxl/execute.c:264:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[100];
data/dx-4.4.4/src/uipp/dxl/object.c:63:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char format[1024];
data/dx-4.4.4/src/uipp/dxl/object.c:64:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char varname[1024];
data/dx-4.4.4/src/uipp/dxl/open.c:45:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char buffer[256];
data/dx-4.4.4/src/uipp/dxl/open.c:56:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(buffer, "Executive(\"flush cache\");\n");
data/dx-4.4.4/src/uipp/dxl/query.c:106:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char rbuf[128];
data/dx-4.4.4/src/uipp/dxl/query.c:121:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char rbuf[128];
data/dx-4.4.4/src/uipp/dxl/query.c:167:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char rbuf[128];
data/dx-4.4.4/src/uipp/dxl/query.c:182:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char rbuf[128];
data/dx-4.4.4/src/uipp/dxl/send.c:165:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dst->contents, src->contents, src->contentsSize);
data/dx-4.4.4/src/uipp/dxl/send.c:231:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	dbg = fopen("debug", "w");
data/dx-4.4.4/src/uipp/dxl/send.c:234:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	dbg = fopen("debug", "a");
data/dx-4.4.4/src/uipp/dxl/send.c:777:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   type[8];
data/dx-4.4.4/src/uipp/dxl/send.c:807:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy (buffer, conn->leftOver, nRemaining);
data/dx-4.4.4/src/uipp/dxl/send.c:947:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	dbg = fopen("debug", "w");
data/dx-4.4.4/src/uipp/dxl/send.c:950:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	dbg = fopen("debug", "a");
data/dx-4.4.4/src/uipp/dxl/socket.c:114:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char hostname[256] = "localhost";
data/dx-4.4.4/src/uipp/dxl/socket.c:186:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(userver.sun_path, "/tmp/.DX-unix/DX%d", port);
data/dx-4.4.4/src/uipp/dxl/socket.c:239:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy((void*)&server.sin_addr, &locaddr, sizeof(unsigned long));
data/dx-4.4.4/src/uipp/dxl/socket.c:249:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    memcpy((void*)&server.sin_addr, hostp->h_addr, hostp->h_length);
data/dx-4.4.4/src/uipp/dxl/socket.c:404:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char localHostname[BUFSIZ];
data/dx-4.4.4/src/uipp/dxl/socket.c:405:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char localhostHostname[BUFSIZ];
data/dx-4.4.4/src/uipp/dxl/socket.c:406:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char remoteHostname[BUFSIZ];
data/dx-4.4.4/src/uipp/dxl/value.c:64:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char format[1024];
data/dx-4.4.4/src/uipp/dxl/value.c:65:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char varname[1024];
data/dx-4.4.4/src/uipp/dxl/value.c:76:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char value[8192];
data/dx-4.4.4/src/uipp/dxl/value.c:198:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[128];
data/dx-4.4.4/src/uipp/dxl/value.c:199:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,"%d",value);
data/dx-4.4.4/src/uipp/dxl/value.c:206:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[128];
data/dx-4.4.4/src/uipp/dxl/value.c:207:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,"%.*g",8,value);
data/dx-4.4.4/src/uipp/dxl/value.c:242:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[128];
data/dx-4.4.4/src/uipp/dxl/value.c:243:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,"%d",value);
data/dx-4.4.4/src/uipp/dxl/value.c:252:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[128];
data/dx-4.4.4/src/uipp/dxl/value.c:253:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,"%f",value);
data/dx-4.4.4/src/uipp/dxl/value.c:290:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[128];
data/dx-4.4.4/src/uipp/dxl/value.c:291:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,"%d",value);
data/dx-4.4.4/src/uipp/dxl/value.c:300:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[128];
data/dx-4.4.4/src/uipp/dxl/value.c:301:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,"%.*g",8,value);
data/dx-4.4.4/src/uipp/dxl/windows.c:38:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/dxl/windows.c:48:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/dxl/windows.c:58:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/dxl/windows.c:84:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/dxl/windows.c:94:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/dxl/windows.c:104:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/dxl/windows.c:105:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mode[3];
data/dx-4.4.4/src/uipp/dxl/windows.c:111:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(mode, "sw");
data/dx-4.4.4/src/uipp/dxl/windows.c:113:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(mode, "hw");
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:331:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value[256];
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:334:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(value, "%d", (int)nbins);
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:477:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char buf[128], last[128];
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:855:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(buf,"NULL");
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:922:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[64];
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:927:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    hist[count++] = atoi(buf);
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:1096:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[128];
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:1097:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp = fopen(cmname,"r");
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:1153:13:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
        if (tmpfile)
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:1154:20:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
            file = tmpfile;
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:1158:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp = fopen(file,"w");
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:1170:13:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
        if (tmpfile) {
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:1178:20:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
            rename(tmpfile,cmname);
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:1182:20:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
            delete tmpfile;
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:1318:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(valstr,"NULL");
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:1326:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(valstr,"{ ");
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:1329:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char v1[128], v2[128];
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:1418:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1024];
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:1419:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char v1[128], v2[128];
data/dx-4.4.4/src/uipp/dxui/ColormapNode.h:256:21:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	{ if (window_name) strcpy (window_name, "Colormap Window"); return FALSE; }
data/dx-4.4.4/src/uipp/dxui/ComputeNode.C:44:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[2];
data/dx-4.4.4/src/uipp/dxui/ComputeNode.C:144:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char token[512];
data/dx-4.4.4/src/uipp/dxui/ComputeNode.C:306:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char name[2];
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:31:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char label[512];
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:59:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char srcoutputname[128];
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:179:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[128];
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:181:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char PropName[128], propName[128];
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:216:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[128];
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:218:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char PropName[128], propName[128];
data/dx-4.4.4/src/uipp/dxui/DXLOutputNode.C:29:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char label[512];
data/dx-4.4.4/src/uipp/dxui/DisplayNode.C:48:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char message[1000];
data/dx-4.4.4/src/uipp/dxui/DisplayNode.C:49:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(message, "IMAGE:  ##%d", this->windowId);
data/dx-4.4.4/src/uipp/dxui/DisplayNode.C:257:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				char message[1000];
data/dx-4.4.4/src/uipp/dxui/DisplayNode.C:258:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
				sprintf(message, "IMAGE:  ##%d", this->windowId);
data/dx-4.4.4/src/uipp/dxui/DisplayNode.C:265:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
				sprintf(message, "IMAGE:  ##%d", this->windowId);
data/dx-4.4.4/src/uipp/dxui/DisplayNode.C:398:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char pname[128];
data/dx-4.4.4/src/uipp/dxui/DisplayNode.C:429:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char *retbuf, buf1[256], buf2[256];
data/dx-4.4.4/src/uipp/dxui/DisplayNode.C:434:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(buf1, " = ");
data/dx-4.4.4/src/uipp/dxui/DisplayNode.C:439:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(buf2, "\"X%d,,\";", this->getDepth());
data/dx-4.4.4/src/uipp/dxui/GlobalLocalNode.C:88:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char newname[1024];
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:582:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:583:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s, "[%g %g %g]", to[0], to[1], to[2]);
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:588:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:589:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s, "[%g %g %g]", from[0], from[1], from[2]);
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:594:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:595:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s, "%d", x);
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:601:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:602:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s, "%g", w);
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:614:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:615:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s, "%g", a);
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:620:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:621:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s, "%g", a);
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:627:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:628:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s, "[%g %g %g]", up[0], up[1], up[2]);
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:655:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:656:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s, "%d", persp);
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:662:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:663:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s, "%g", angle);
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:675:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:676:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s, "%d", up? 1: 2);
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:686:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:687:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s, "%d", density);
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:861:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char s[100];
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1061:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1025];
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1097:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1105:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(buf, comment, len);
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1233:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char imode[32], arg[256];
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1354:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char mode[128];
data/dx-4.4.4/src/uipp/dxui/ImageNode.h:120:21:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	{ if (window_name) strcpy (window_name, "Image Window"); return FALSE; }
data/dx-4.4.4/src/uipp/dxui/Interactor.C:720:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char topic[100];
data/dx-4.4.4/src/uipp/dxui/InteractorNode.C:344:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char       value[4069];
data/dx-4.4.4/src/uipp/dxui/InteractorNode.C:345:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char       interactor_name[64];
data/dx-4.4.4/src/uipp/dxui/InteractorNode.C:488:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char           style_name[256];
data/dx-4.4.4/src/uipp/dxui/InteractorNode.C:730:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char           label[256];
data/dx-4.4.4/src/uipp/dxui/InteractorNode.C:1047:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[1024];
data/dx-4.4.4/src/uipp/dxui/InteractorNode.C:1211:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char var_name[32]; 
data/dx-4.4.4/src/uipp/dxui/InteractorNode.h:381:21:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	{ if (window_name) strcpy (window_name, "Interactor"); return FALSE; }
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:233:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *p, line[1000];
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:281:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char name[1000];
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:337:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char cat[1000];
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:349:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char desc[1000];
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:361:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char name[1000];
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:362:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char types[1000];
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:363:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char deflt[1000];
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:364:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char descr[1000];
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:391:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		visattr = atoi(p);
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:448:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char name[1000];
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:449:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char types[1000];
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:450:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char descr[1000];
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:478:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		visattr = atoi(p);
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:693:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(srch_string2, "*.net");
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:701:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    char path[1000];
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:119:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:133:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(s, "input_%d", this->index);
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:184:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(s, "output_%d", this->index);
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:312:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char name[1000];
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:313:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char value[1000];
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:315:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char description[1000];
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:929:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[64];
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:931:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(buf,"input_");
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:933:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(buf,"output_");
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:944:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(buf+buflen,"%d",this->getIndex());
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:974:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char name_buf[64];
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:976:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(name_buf,"input_%d", this->getIndex());
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:978:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(name_buf,"output_%d", this->getIndex());
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:997:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char name_buf[64];
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:999:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(name_buf,"input_%d", this->getIndex());
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:1001:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(name_buf,"output_%d", this->getIndex());
data/dx-4.4.4/src/uipp/dxui/Node.C:172:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char buf[512];
data/dx-4.4.4/src/uipp/dxui/Node.C:291:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/dxui/Node.C:329:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(buf,",\n");
data/dx-4.4.4/src/uipp/dxui/Node.C:915:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *p, *retstr, pname[512];
data/dx-4.4.4/src/uipp/dxui/Node.C:919:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(s, " = ");
data/dx-4.4.4/src/uipp/dxui/Node.C:988:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char *c, pname[512];
data/dx-4.4.4/src/uipp/dxui/Node.C:992:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(pname, " = ");
data/dx-4.4.4/src/uipp/dxui/Node.C:1154:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
					strcat(names, ", ");
data/dx-4.4.4/src/uipp/dxui/Node.C:1159:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
					strcat(values, ", ");
data/dx-4.4.4/src/uipp/dxui/Node.C:1197:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(names, ", ");
data/dx-4.4.4/src/uipp/dxui/Node.C:1202:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(values, ", ");
data/dx-4.4.4/src/uipp/dxui/Node.C:1213:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(s, " = ");
data/dx-4.4.4/src/uipp/dxui/Node.C:1494:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char       node_name[1024];
data/dx-4.4.4/src/uipp/dxui/Node.C:1495:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char       labelstr[1024];
data/dx-4.4.4/src/uipp/dxui/Node.C:1847:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char msg[MAXMSGLEN];
data/dx-4.4.4/src/uipp/dxui/Node.C:1848:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char varname[500];
data/dx-4.4.4/src/uipp/dxui/Node.C:2104:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pname[128];
data/dx-4.4.4/src/uipp/dxui/Node.C:2779:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		values = new char *[numInputs];
data/dx-4.4.4/src/uipp/dxui/Node.C:3265:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char modinput_name[128];
data/dx-4.4.4/src/uipp/dxui/Node.C:3266:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char modoutput_name[128];
data/dx-4.4.4/src/uipp/dxui/Node.C:3290:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char oname[128];
data/dx-4.4.4/src/uipp/dxui/Node.C:3308:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char oname[256];
data/dx-4.4.4/src/uipp/dxui/Node.C:3341:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char modinput_name[128];
data/dx-4.4.4/src/uipp/dxui/Node.C:3345:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(modinput_name,"NULL");
data/dx-4.4.4/src/uipp/dxui/Node.C:3357:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char input_val[512];
data/dx-4.4.4/src/uipp/dxui/Node.C:3366:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char oname[256];
data/dx-4.4.4/src/uipp/dxui/Node.C:3374:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char oname[256];
data/dx-4.4.4/src/uipp/dxui/Node.C:3377:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(input_val, "objinput[%d]", objnum++);
data/dx-4.4.4/src/uipp/dxui/Node.C:3397:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char modoutput_name[128];
data/dx-4.4.4/src/uipp/dxui/Node.C:3410:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char output_objptr[512];
data/dx-4.4.4/src/uipp/dxui/Node.C:3412:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char oname[256];
data/dx-4.4.4/src/uipp/dxui/Node.C:3438:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char oname[256];
data/dx-4.4.4/src/uipp/dxui/Node.C:3458:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char modinput_name[128];
data/dx-4.4.4/src/uipp/dxui/Node.C:3459:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char modoutput_name[128];
data/dx-4.4.4/src/uipp/dxui/Node.C:3469:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char oname[256];
data/dx-4.4.4/src/uipp/dxui/Node.C:3489:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char oname[256];
data/dx-4.4.4/src/uipp/dxui/Node.C:3577:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char src_name[128];
data/dx-4.4.4/src/uipp/dxui/Node.C:3579:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy (src_name, "null");
data/dx-4.4.4/src/uipp/dxui/Node.h:999:21:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	{ if (window_name) strcpy (window_name, "Configuration Dialog"); return TRUE; }
data/dx-4.4.4/src/uipp/dxui/NodeDefinition.C:273:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char category[256];
data/dx-4.4.4/src/uipp/dxui/NodeDefinition.C:274:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char description[256];
data/dx-4.4.4/src/uipp/dxui/NodeDefinition.C:275:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char io_board[256];
data/dx-4.4.4/src/uipp/dxui/NodeDefinition.C:276:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char flags[256];
data/dx-4.4.4/src/uipp/dxui/NodeDefinition.C:367:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(&params[currend],"REPEAT %d\n",this->getInputRepeatCount());
data/dx-4.4.4/src/uipp/dxui/NodeDefinition.C:371:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(&params[currend],"REPEAT %d\n",this->getOutputRepeatCount());
data/dx-4.4.4/src/uipp/dxui/ParameterDefinition.C:272:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char attributes[128];
data/dx-4.4.4/src/uipp/dxui/ParameterDefinition.C:280:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(p,"visible:2 ");
data/dx-4.4.4/src/uipp/dxui/ParameterDefinition.C:283:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(p,"visible:0 ");
data/dx-4.4.4/src/uipp/dxui/ParameterDefinition.C:289:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(p,"cache:%d ",c);
data/dx-4.4.4/src/uipp/dxui/ParameterDefinition.C:294:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(p,"reroute:%d ",output-1);	// Executive uses 0 based
data/dx-4.4.4/src/uipp/dxui/ParameterDefinition.C:298:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(p,"cache:%d ", c);
data/dx-4.4.4/src/uipp/dxui/PickNode.C:44:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char string[64];
data/dx-4.4.4/src/uipp/dxui/PickNode.C:101:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char s[100];
data/dx-4.4.4/src/uipp/dxui/PickNode.C:106:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(s, "[%g, %g]", x, y);
data/dx-4.4.4/src/uipp/dxui/PickNode.C:110:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char newValue[102];
data/dx-4.4.4/src/uipp/dxui/PickNode.C:181:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char newS[100];
data/dx-4.4.4/src/uipp/dxui/PickNode.C:182:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(newS, "%d", i);
data/dx-4.4.4/src/uipp/dxui/ProbeNode.C:39:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char string[20];
data/dx-4.4.4/src/uipp/dxui/ProbeNode.C:86:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char  string[40];
data/dx-4.4.4/src/uipp/dxui/ProbeNode.C:87:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(string,"[%g,%g,%g]",x,y,z);
data/dx-4.4.4/src/uipp/dxui/ProbeNode.C:106:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char *newList, list[10];
data/dx-4.4.4/src/uipp/dxui/ProbeNode.C:110:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(list, "{ }");
data/dx-4.4.4/src/uipp/dxui/ProbeNode.C:126:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char value[64];
data/dx-4.4.4/src/uipp/dxui/ProbeNode.C:127:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(value,"[%g %g %g]",x,y,z);
data/dx-4.4.4/src/uipp/dxui/ProbeNode.C:209:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[128];
data/dx-4.4.4/src/uipp/dxui/ProbeNode.C:240:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char dflt_label[128];
data/dx-4.4.4/src/uipp/dxui/SaveMacroCommand.C:58:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char message[1024];
data/dx-4.4.4/src/uipp/dxui/ScalarListInteractor.C:475:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(list,"{ ");
data/dx-4.4.4/src/uipp/dxui/ScalarListInteractor.C:482:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char s[128];
data/dx-4.4.4/src/uipp/dxui/ScalarListInteractor.C:496:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	       strcat(p,", ");
data/dx-4.4.4/src/uipp/dxui/ScalarListNode.C:252:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[256];
data/dx-4.4.4/src/uipp/dxui/ScalarListNode.C:259:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(value,"{ ");
data/dx-4.4.4/src/uipp/dxui/ScalarNode.C:362:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char *p, buf[128];
data/dx-4.4.4/src/uipp/dxui/ScalarNode.C:541:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[256];
data/dx-4.4.4/src/uipp/dxui/ScalarNode.C:554:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	int dim = atoi(p);
data/dx-4.4.4/src/uipp/dxui/ScalarNode.C:1089:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char           mode[32];
data/dx-4.4.4/src/uipp/dxui/ScalarNode.C:1198:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char           mode[32];
data/dx-4.4.4/src/uipp/dxui/SelectionNode.C:467:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char     value[128];
data/dx-4.4.4/src/uipp/dxui/SelectionNode.C:468:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char     name[512];
data/dx-4.4.4/src/uipp/dxui/SelectionNode.C:754:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(buf,"NULL");
data/dx-4.4.4/src/uipp/dxui/SelectionNode.C:759:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(buf,"{ ");
data/dx-4.4.4/src/uipp/dxui/SelectionNode.C:814:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(output,"NULL");
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:192:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[128];
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:324:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char loop[64];
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:325:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char step[64];
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:326:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pal[64];
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:492:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    this->setStartValue(atoi(buf));
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:511:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	     this->setStopValue(atoi(buf));
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:550:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	this->current = atoi(p); 
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:685:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[64];
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:686:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,"%d",val);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:691:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[64];
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:692:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,"%d",val);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:704:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    return atoi(val);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:708:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[64];
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:709:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,"%d",val);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:714:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[64];
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:715:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,"%d",val);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:727:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    return atoi(val);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:731:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[64];
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:732:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,"%d",val);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:737:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[64];
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:738:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,"%d",val);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:750:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    return atoi(val);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:759:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[64];
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:760:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,"%d",val);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:771:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[64];
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:772:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,"%d",val);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:788:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    return atoi(val);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:798:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[64];
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:799:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,"%d",val);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:810:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[64];
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:811:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf,"%d",val);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:827:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    return atoi(val);
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:918:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(command, "@startframe,@frame,@nextframe,@endframe,@deltaframe ="
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:924:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(command,
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:961:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[10];
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:1007:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
     char val[128];
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:1018:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	 sprintf(val,"{ %d %d %d %d %d %d }", 
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:1073:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char tbuf[32];
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:1076:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf (tbuf, "%d", this->getMinimumValue());
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:1080:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf (tbuf, "%d", this->getMaximumValue());
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:1084:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf (tbuf, "%d", this->getDeltaValue());
data/dx-4.4.4/src/uipp/dxui/SequencerNode.h:232:21:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	{ if (window_name) strcpy (window_name, "Sequencer"); return FALSE; }
data/dx-4.4.4/src/uipp/dxui/TransmitterNode.C:37:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxui/TransmitterNode.C:39:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s, "wireless_%d", this->getInstanceNumber());
data/dx-4.4.4/src/uipp/dxui/TransmitterNode.C:222:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char new_name[100];
data/dx-4.4.4/src/uipp/dxui/TransmitterNode.C:225:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(new_name, "wireless_%d", this->getInstanceNumber());
data/dx-4.4.4/src/uipp/dxui/TransmitterNode.C:243:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf (new_name, "cyclic_connection_%d", this->getInstanceNumber());
data/dx-4.4.4/src/uipp/dxuilib/AnnotationGroupManager.C:49:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[128];
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:580:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	*ticks_label_name[3];
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:1023:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char *ticks_label_name[3];
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:1181:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char *ticks_label_name[3];
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:1577:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   *name[2];
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:1613:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   *name[3];
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:1661:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *name[2];
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:1687:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *name[2];
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:1713:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *name[2];
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:1743:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *name[2];
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2211:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  	sv[256];
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2245:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  	*sval[5], sv0[256], sv1[256], sv2[256], sv3[256];
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2246:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  	*color[5], cr0[256], cr1[256], cr2[256], cr3[256];
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2431:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char       value[256];
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2432:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char       colors[256];
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2841:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(value, "\"background\"");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2856:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(value, "\"grid\"");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2871:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(value, "\"ticks\"");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2886:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(value, "\"labels\"");
data/dx-4.4.4/src/uipp/dxuilib/BuildIFDict.C:33:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char keystr[2];
data/dx-4.4.4/src/uipp/dxuilib/ColormapAddCtlDialog.C:228:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char          str[100];
data/dx-4.4.4/src/uipp/dxuilib/ColormapAddCtlDialog.C:247:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(str, "Data value(%g to %g):", min, max);
data/dx-4.4.4/src/uipp/dxuilib/CommentStyle.C:80:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char begin_stmnt[64];
data/dx-4.4.4/src/uipp/dxuilib/CommentStyle.C:81:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char end_stmnt[64];
data/dx-4.4.4/src/uipp/dxuilib/CommentStyle.C:98:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char print_buf[PBS];
data/dx-4.4.4/src/uipp/dxuilib/CommentStyle.C:172:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char begin_stmnt[64];
data/dx-4.4.4/src/uipp/dxuilib/CommentStyle.C:173:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char end_stmnt[64];
data/dx-4.4.4/src/uipp/dxuilib/CommentStyle.C:185:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char additional_text[256];
data/dx-4.4.4/src/uipp/dxuilib/CommentStyle.C:187:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char keyword[64];
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:418:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pname[128];
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:1078:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char pname[128];
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:1131:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(s, ", ");
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:1303:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char pname[128];
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:1334:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(s, ", ");
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:1369:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(destString, ", ");
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:1980:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pname[128];
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:2186:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char supfile[1024];
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:2200:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if (!(fp = fopen(supfile,"r")))
data/dx-4.4.4/src/uipp/dxuilib/ControlPanel.C:912:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char buf[32];
data/dx-4.4.4/src/uipp/dxuilib/ControlPanel.C:913:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(buf,"set%dDOption",i);
data/dx-4.4.4/src/uipp/dxuilib/ControlPanel.C:1566:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char decoType[128];
data/dx-4.4.4/src/uipp/dxuilib/ControlPanel.C:1567:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char stylename[128];
data/dx-4.4.4/src/uipp/dxuilib/ControlPanel.C:1994:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char      title[512];
data/dx-4.4.4/src/uipp/dxuilib/ControlPanel.C:3816:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (this->java_variable, "cp_%d", this->getInstanceNumber());
data/dx-4.4.4/src/uipp/dxuilib/ControlPanelWorkSpace.C:304:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char name[MAXHOSTNAMELEN + 10];
data/dx-4.4.4/src/uipp/dxuilib/ControlPanelWorkSpace.C:331:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf (&name[l], ":%d", getpid());
data/dx-4.4.4/src/uipp/dxuilib/DXAnchorWindow.C:232:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[256];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2075:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[1000];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2115:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[1000];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2204:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char msg[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2757:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char path[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3014:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char message[1000];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3016:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3027:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char message[1000];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3029:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3097:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char cmd[2048], args[2048];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3099:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(args, "-exonly -memory %d -local", 
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3102:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(args, "-exonly -local");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3106:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(args, " -exec ");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3111:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(args, " -directory ");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3121:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(args, " -mdf ");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3139:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(args, " -license ");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3227:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(name, "Image");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3237:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char        name[500], netname[500];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3376:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[1000];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3550:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char message[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3567:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(message,"Executive(\"version %d %d %d\");\n",
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3571:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(message,"Executive(\"product version %d %d %d\");\n",
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3653:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char s[1000];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3980:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(buf,"Executive(\"mdf string\",\"");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3999:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(p,"\");\n");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4018:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char sbuf[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4254:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cryptbuf[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4285:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cryptbuf[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4459:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char buf[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4592:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char buf[64];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4601:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"%d seconds", seconds);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4619:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1024];	
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4654:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	const char *dirs[2];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4660:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char *dirs[3];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4686:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char msg[4096];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4687:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char buf[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4689:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(msg,"The following files have been written...\n\n");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4704:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			    sprintf(basename,"network_%d",++cnt);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4710:8:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
			    strcat(msg," (error while writing)");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4778:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4931:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *dirs[2];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4936:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *dirs[2] = { "\\tmp", NULL };
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4941:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *dirs[3];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4952:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char buf[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4971:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(basename,"network_%d",++cnt);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4985:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		    strcat(msg," (error while writing)");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4995:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(msg,"No files needed to be saved.\n");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5017:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char msg[4096];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5035:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char msg[4096];	
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5079:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char achDate[64], szDay[32], szMonth[32], szYear[32];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5104:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    when->tm_mday = atoi(szDay);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5106:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    when->tm_year = atoi(szYear) - 1900;
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5144:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char date_mask[512];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5181:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char date_file[512];
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5196:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char date_time[128];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:162:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char localHostname[BUFSIZ];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:163:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char localhostHostname[BUFSIZ];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:164:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char remoteHostname[BUFSIZ];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:257:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[BUFSIZ];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:258:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char script_name[500],cmd[1000];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:454:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char evar[256], c;
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:455:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char eval[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:572:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char         Buff[BuffSize];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:590:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(cmd,"CMD.EXE");
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:595:17:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
                strcpy(ptr,"/C");
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:621:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char         args[1000];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:622:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char         exename[255];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:659:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(cmd,"command.com /C "); // FIXME Different on NT and 95?
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:666:13:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
            strcat(cmd, "rsh ");
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:808:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char rstring[RSIZE];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:899:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1000];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:922:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char buf[256];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:944:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1000];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:976:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1000];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:1010:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1000];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:1237:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *s, rdbuffer[BUFSIZ+1];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:1241:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char rstring[RSIZE];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:1296:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char buf[256];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:1335:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char buf[256];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:1442:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                    char buf[256];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:1519:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        char buf[256];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:1586:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	achStr[READ_BUFFER_SIZE];
data/dx-4.4.4/src/uipp/dxuilib/DXDragSource.C:81:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char            netfilename[256];
data/dx-4.4.4/src/uipp/dxuilib/DXDragSource.C:82:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char            cfgfilename[256];
data/dx-4.4.4/src/uipp/dxuilib/DXDragSource.C:83:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char            header[256];
data/dx-4.4.4/src/uipp/dxuilib/DXDragSource.C:89:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char		hostname[MAXHOSTNAMELEN];
data/dx-4.4.4/src/uipp/dxuilib/DXDragSource.C:109:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    netf = fopen(netfilename, "a+");
data/dx-4.4.4/src/uipp/dxuilib/DXDragSource.C:125:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((netf = fopen(netfilename, "rb")) == NULL)
data/dx-4.4.4/src/uipp/dxuilib/DXDragSource.C:127:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((netf = fopen(netfilename, "r")) == NULL)
data/dx-4.4.4/src/uipp/dxuilib/DXDragSource.C:135:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    cfgf = fopen(cfgfilename, "rb");
data/dx-4.4.4/src/uipp/dxuilib/DXDragSource.C:137:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    cfgf = fopen(cfgfilename, "r");
data/dx-4.4.4/src/uipp/dxuilib/DXDropSite.C:58:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char            netfilename[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXDropSite.C:59:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char            cfgfilename[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXDropSite.C:65:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char		draghost[MAXHOSTNAMELEN], hostname[MAXHOSTNAMELEN];
data/dx-4.4.4/src/uipp/dxuilib/DXDropSite.C:99:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    netf = fopen(netfilename, "w");
data/dx-4.4.4/src/uipp/dxuilib/DXDropSite.C:114:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        cfgf = fopen(cfgfilename, "w");
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:270:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  command[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:336:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  command[30];
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:370:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	     strcpy(command, "pause;\n");
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:384:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	     strcpy(command, "pause;\n");
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:392:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	     strcpy(command, "stop;\n");
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:409:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(command, "@nextframe = %d;\n", sequencer->next);
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:466:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:468:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(s, "();\n");
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:564:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:566:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(s, "();\n");
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:583:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxuilib/DXExecCtl.C:585:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(s, "();\n");
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:157:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:190:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:232:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:263:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:297:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:468:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:523:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:579:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:601:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:685:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:705:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char label[128];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:768:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char macro[100];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:769:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char module[100];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:774:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inout[10];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:775:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:841:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char macro[100];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:842:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char module[100];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:846:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char inout[10];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:847:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:994:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:995:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buffer,"UI version: %d %d %d\n",
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1027:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1042:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char probeName[100];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1082:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char arg0[256], arg1[256];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1121:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1168:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char qualifier0[256];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1169:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char qualifier1[256];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1170:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mode[256];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1185:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1226:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1254:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1273:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1302:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1320:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1375:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1024];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:1382:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buffer, "execution state: %d", execState);
data/dx-4.4.4/src/uipp/dxuilib/DXPacketIF.C:82:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[512];
data/dx-4.4.4/src/uipp/dxuilib/DXPacketIF.C:111:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[512];
data/dx-4.4.4/src/uipp/dxuilib/DXPacketIF.C:127:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[512];
data/dx-4.4.4/src/uipp/dxuilib/DXPacketIF.C:296:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1024];  // FIXME: how to allocate this
data/dx-4.4.4/src/uipp/dxuilib/DXWindow.C:739:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fname[256];
data/dx-4.4.4/src/uipp/dxuilib/Decorator.C:224:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char decoStyle[128];
data/dx-4.4.4/src/uipp/dxuilib/Decorator.C:225:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char stylename[128];
data/dx-4.4.4/src/uipp/dxuilib/Decorator.C:508:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char lbuf[256];
data/dx-4.4.4/src/uipp/dxuilib/Decorator.C:555:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char red[3], blue[3], green[3];
data/dx-4.4.4/src/uipp/dxuilib/DescrDialog.C:68:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[100];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:2509:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char msg[128];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:2510:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (msg, "Really open %d configuration dialogs?", selected_count);
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:2556:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char msg[128];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:2557:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (msg, "Really open %d configuration dialogs?", cdb_count);
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:4338:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *fout = fopen(filename,"w");
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:4606:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char footer[128];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:5218:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char page_name[64];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:5243:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (page_name, "Untitled_%d", next_page_no++);
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:5702:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			    char msg[512];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:5706:8:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
			    strcat (msg, 
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:5747:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			    char msg[512];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:5751:8:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
			    strcat (msg, "Suggestion: "
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:5905:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char msg[128];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:5931:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char del_buf[16];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:5932:26:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    if (delete_property) strcpy ((char*)del_buf, "TRUE");
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:5933:10:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    else strcpy ((char*)del_buf, "FALSE");
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:5973:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char netfilename[256];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:5974:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char cfgfilename[256];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:5976:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char msg[128];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6012:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((netf = fopen(netfilename, "a+")) == NULL) {
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6030:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((netf = fopen(netfilename, RD_FLAG)) == NULL) {
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6040:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	FILE *cfgf = fopen(cfgfilename, RD_FLAG);
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6178:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char del_buf[16];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6179:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy ((char*)del_buf, "FALSE");
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6278:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char msg[128];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6283:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char net_file_name[256];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6284:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cfg_file_name[256];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6308:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((netf = fopen(net_file_name, "w")) == NULL) {
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6323:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if ((netf = fopen(cfg_file_name, "w")) == NULL) {
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:7204:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char uniq_file[512];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:7207:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	FILE* holder = fopen(holder_file, "w");
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:7209:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	FILE* uniq_f = fopen(uniq_file, "w");
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:7511:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char button_label[64];
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:7512:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (button_label, "Undo");
data/dx-4.4.4/src/uipp/dxuilib/FindStack.C:27:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   name[64];		// FIXME: these should be duplicated
data/dx-4.4.4/src/uipp/dxuilib/FindStack.C:28:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   label[64];		// FIXME: these should be duplicated
data/dx-4.4.4/src/uipp/dxuilib/FindToolDialog.C:513:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   name[500];
data/dx-4.4.4/src/uipp/dxuilib/FindToolDialog.C:514:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   label[500];
data/dx-4.4.4/src/uipp/dxuilib/FindToolDialog.C:553:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   name[50];
data/dx-4.4.4/src/uipp/dxuilib/FindToolDialog.C:554:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   label[50];
data/dx-4.4.4/src/uipp/dxuilib/FindToolDialog.h:63:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   lastName[40];
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:605:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char msg[128];
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:607:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (msg, "  macro contains:\n%4d Get(s)\n%4d Set(s)", gcnt, scnt);
data/dx-4.4.4/src/uipp/dxuilib/GetSetConversionDialog.C:609:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (msg, "network contains:\n%4d Get(s)\n%4d Set(s)", gcnt, scnt);
data/dx-4.4.4/src/uipp/dxuilib/GroupedObject.C:120:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[128];
data/dx-4.4.4/src/uipp/dxuilib/ImageFormat.C:53:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char formstr[128];
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatDialog.C:558:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatDialog.C:584:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:156:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[32];
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:157:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s, "%d", use);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:163:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:164:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s, "%d", x);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:170:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[100];
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:171:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s, "%f", aspect);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:415:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[512];
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:416:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (buf, "[ %f %f %f ]", x,y,z);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:469:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];   
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:470:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (buf, "{[ %f %f %f ] [ %f %f %f ]}", 
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:715:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    *t1 = atoi(cp);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:720:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    *t2 = atoi(cp);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:725:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	    *t3 = atoi(cp);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:851:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char buf[128];
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:852:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (buf, "{ %d %d %d }", t1, t2, t3);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:858:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char buf[32];
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:859:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (buf, "%d", t);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:874:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tmpbuf[16];
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:878:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy (buffer, "{ ");
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:881:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy (&buffer[buflen], ", "); buflen+= 2;
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:884:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf (tmpbuf, "%f", t[i]);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:888:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy (&buffer[buflen], " }"); buflen+= 2;
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1010:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char buf[64];
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1011:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (buf, "%d", d);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1073:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char buf[64];
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1074:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (buf, "%f", d);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1280:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tmpbuf[FMBUFSIZE];
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1347:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[256];
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1486:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"        buttonDownDensity) [instance: 1, cache: %d];\n", cacheflag);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1502:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            backgroundColor) [instance: 1, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1516:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            backgroundColor) [instance: 1, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1522:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            background=backgroundColor) [instance: 1, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1528:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            \"is null + 1\") [instance: 1, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1536:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            autoCamera) [instance: 1, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1543:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            \"is null + 1\") [instance: 2, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1551:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            0) [instance: 2, cache: %d];\n", cacheflag);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1558:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            useVector) [instance: 1, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1566:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            realCamera) [instance: 3, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1593:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            AAzTickLabels) [instance: 1, cache: %d];\n", cacheflag);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1597:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"	     AAenable) [instance: 2, cache: %d];\n", cacheflag);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1603:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"	     AAobject) [instance:4, cache: %d];\n", cacheflag);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1613:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            buttonDownApprox) [instance: 5, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1624:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            buttonDownDensity) [instance: 6, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1635:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            buttonUpApprox) [instance: 1, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1646:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            buttonUpDensity) [instance: 2, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1652:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"	     renderMode) [instance: 3, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1660:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,              " [instance: 7, cache: %d];\n", cacheflag);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1666:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            HWdensity_options) [instance: 8, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1672:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            \"hardware\")[instance: 9, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1678:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            \"object tag\")[instance: 3, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1691:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            %d,\n", cacheflag == InternalsFullyCached ? 1 : 0);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1704:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            renderModeString) [instance: 1, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1711:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            \"is null + 1\") [instance: 4, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1718:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            \"camera resolution\") [instance: 5, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1726:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            ImageResolution) [instance: 10, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1733:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            \"is null + 1\") [instance: 6, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1741:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            \"camera aspect\") [instance: 7, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1749:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            ImageAspect) [instance: 11, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1760:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"	     ImageAspect) [instance: 4, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1774:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"        throttle) [instance: 1, cache: %d];\n", cacheflag);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1784:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            camera) [instance: 1, cache: %d];\n", cacheflag);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1791:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"        throttle) [instance: 2, cache: %d];\n", cacheflag);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1797:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"        RECformat) [instance: 1, cache: %d];\n", cacheflag);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1809:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"        throttle) [instance: 1, cache: %d];\n", 0/*cacheflag*/);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1813:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"        rec_where) [instance: 1, cache: %d];\n", cacheflag);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1819:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"        RECformat) [instance: 1, cache: %d];\n", cacheflag);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1832:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"	    aspect=RECaspect) [instance: 2, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1840:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"        throttle) [instance: 1, cache: %d];\n", cacheflag);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1848:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"	    camera) [instance: 1, cache: %d];\n", cacheflag);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1854:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"            RECupdateCamera) [instance: 2, cache: %d];\n",
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1861:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buf,"        RECformat) [instance: 2, cache: %d];\n", cacheflag);
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:1622:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char    nodename[HOST_NAMELEN];
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:1631:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char      host[64];
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:1632:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char      unit[16];
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:1633:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static char      string[512];
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2570:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[0], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2572:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[1], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2574:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[2], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2580:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&itemp, &event->xclient.data.l[0], sizeof(int));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2590:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&itemp, &event->xclient.data.l[0], sizeof(int));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2626:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[0], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2628:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[1], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2630:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[2], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2659:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&x, &event->xclient.data.l[0], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2660:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&y, &event->xclient.data.l[1], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2661:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&z, &event->xclient.data.l[2], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2711:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&obj->state.hardwareCamera.projection, 
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2714:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[1], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2716:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[2], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2718:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[3], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2720:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[4], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2756:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[0], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2758:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[1], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2760:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[2], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2762:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[3], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2793:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[2], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2795:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[3], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2797:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[4], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2815:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[1], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2817:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[2], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2819:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[3], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2821:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[4], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2832:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[0], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2834:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[1], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2836:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[2], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2838:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[3], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2840:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[4], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2849:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[0], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2852:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[2], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2854:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&temp, &event->xclient.data.l[3], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2955:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&x, &event->xclient.data.l[0], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:2956:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&y, &event->xclient.data.l[1], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:5469:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy((void*)&l[1], (void*)&tmpfloat, sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:5769:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&e.xclient.data.l[i], &floats[i], sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:5927:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&l[2], &tmpfloat, sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:5929:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&l[3], &tmpfloat, sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:5931:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&l[4], &tmpfloat, sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:5972:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&l[2], &tmpfloat, sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:5974:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&l[3], &tmpfloat, sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:5976:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&l[4], &tmpfloat, sizeof(float));
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:6788:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char msg[256];
data/dx-4.4.4/src/uipp/dxuilib/ImageWindow.C:6790:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf (msg, "An image depth of %d is not supported on this hardware. The default image depth (%d) will be used.", depth, new_depth);
data/dx-4.4.4/src/uipp/dxuilib/InteractorInstance.C:419:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char lbuf[256];
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:192:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[32];
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:233:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char msg[4096];
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:234:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tbuf[512];
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:236:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (tbuf,
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:287:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    this->html_f = fopen (this->html_file, "w");
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:301:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char version_string[64]; 
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:302:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (version_string, "%d.%d.%d", dx_major,dx_minor,dx_micro);
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:538:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    this->make_f = fopen (this->make_file, "w");
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:764:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    this->applet_f = fopen(this->applet_file, "w");
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:925:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    this->bean_f = fopen(this->bean_file, "w");
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:309:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char text[1024];
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:310:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char font[64];
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:318:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char keyword[64];
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:536:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char line1[128], line2[128];
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:785:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf (&hostname[len], ":%d", getpid());
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:922:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char lvar[128];
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.h:52:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char 		   font[20];
data/dx-4.4.4/src/uipp/dxuilib/MoveNodesDialog.C:226:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[64];
data/dx-4.4.4/src/uipp/dxuilib/MoveNodesDialog.C:243:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char msg[128];
data/dx-4.4.4/src/uipp/dxuilib/MoveNodesDialog.C:247:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf (msg, "Page doesn't exist.");
data/dx-4.4.4/src/uipp/dxuilib/MoveNodesDialog.C:256:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char msg[128];
data/dx-4.4.4/src/uipp/dxuilib/MsgWin.C:506:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char net[100];
data/dx-4.4.4/src/uipp/dxuilib/MsgWin.C:549:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
					char modName[100];
data/dx-4.4.4/src/uipp/dxuilib/MsgWin.C:552:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
					char netName[100];
data/dx-4.4.4/src/uipp/dxuilib/MsgWin.C:848:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	this->logFile = fopen(file, "w");
data/dx-4.4.4/src/uipp/dxuilib/MsgWin.C:867:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	FILE *f = fopen(file, "w");
data/dx-4.4.4/src/uipp/dxuilib/MsgWin.C:975:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char netName[100];
data/dx-4.4.4/src/uipp/dxuilib/MsgWin.C:976:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char nodeName[100];
data/dx-4.4.4/src/uipp/dxuilib/MsgWin.C:994:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char prefix[100];
data/dx-4.4.4/src/uipp/dxuilib/MsgWin.C:1029:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char prefix[100];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:1269:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char _current_module[64];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:1478:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char msg[1024];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:1718:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[1024];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:1745:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char type[1024],name[1024],path[1024];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:1769:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char buf[2048];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:1810:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1024];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:1814:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf (buf, "Saving Data Explorer %d.%d.%d program file in "
data/dx-4.4.4/src/uipp/dxuilib/Network.C:1841:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf (buf, "Saving Data Explorer program file in "
data/dx-4.4.4/src/uipp/dxuilib/Network.C:1944:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buf[1024];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:1950:17:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
                strcpy(buf,"This visual program");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:1952:13:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            strcpy(buf,"This configuration file");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:1988:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char category[1024];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:2016:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char description[1024];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:2081:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char       name[1024];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:2129:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	int inputs = atoi(p);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:2146:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	int outputs = atoi(p);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:2189:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char       name[1024];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:2608:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char       type[128];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:2609:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char       module[512];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:2611:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char macro[250];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:2920:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char       type[128];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:2921:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char       string[256];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:2922:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char       macro[256];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3207:13:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            strcpy(buf, "savednet ");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3274:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    f = fopen (cfgfile, "r");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3320:18:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    char *file, *tmpfile, *netfile;
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3338:6:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	f = fopen(netfile,"a+");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3340:6:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	f = fopen(netfile,"a");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3358:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    f = fopen (file, "w");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3372:6:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
	if (tmpfile) {
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3373:13:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
	    rename(tmpfile,netfile);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3382:9:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    if (tmpfile) delete tmpfile;
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3382:25:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    if (tmpfile) delete tmpfile;
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3393:18:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    char *file, *tmpfile, *cfgfile; 
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3418:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        f = fopen(cfgfile,"a+");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3420:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        f = fopen(cfgfile,"a");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3438:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    f = fopen (file, "w");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3583:7:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
		if (tmpfile)
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3584:14:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
		    unlink(tmpfile);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3587:15:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
	    else if (tmpfile)
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3588:10:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
		rename(tmpfile, cfgfile);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3595:9:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    if (tmpfile) delete tmpfile;
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3595:25:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    if (tmpfile) delete tmpfile;
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3703:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char s[1000];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3796:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
						strcat(types, " or ");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3830:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
						strcpy (s, "// OPTIONS");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3859:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
						strcat(types, " or ");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:4394:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	interactor_name[1024];	// FIXME: allocate this
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5075:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buttonName[32];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5103:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(buttonName,"panel%d",inst);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5126:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    	    sprintf(buttonName,"group%d",i);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5702:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5703:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cmd[1024];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5704:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char envbuf[1024];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5716:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(envbuf,"__=%d", getpid());
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5725:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    code = atoi(fgets(buf,80,f)); //check my pid is first thing in mesg
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5776:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errbuf[1024];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5781:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5782:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cmd[1024];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5805:13:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            strcpy(p,".ntz");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5812:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        f = fopen (netfile, "r");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5848:6:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	f = fopen (netfile, "r");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5891:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *f = fopen(nf,"w");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6189:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char decoType[128];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6190:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char stylename[128];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6222:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char buf[128];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6424:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    	    char s[1024];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6455:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char s2[1024];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6582:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[128];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6590:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(msg, "The following Transmitters were renamed due to name conflicts:");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6597:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char new_name[128];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6753:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char newname[64];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6754:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char tmp[64];
data/dx-4.4.4/src/uipp/dxuilib/OpenNetworkDialog.C:90:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[BUFSIZE];
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:842:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(echo_string, "-1: ");
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:927:7:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	id = atoi(token);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:981:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	data_length = atoi(token);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1147:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char string[1024];
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1148:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[4096 + 1];
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1247:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy((void*)this->line, (void*)(buffer+i), leftover);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1383:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		rq_bufsz = atoi(s);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1441:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		sprintf(userver.sun_path, "/tmp/.DX-unix/DX%d", port);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1503:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy((void*)&server.sin_addr, &locaddr, sizeof(unsigned long));
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1513:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy((void*)&server.sin_addr, hostp->h_addr, hostp->h_length);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1522:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy((void*)&server.sin_addr, hostp->h_addr, hostp->h_length);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1664:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(userver.sun_path, "/tmp/.DX-unix/DX%d", port);
data/dx-4.4.4/src/uipp/dxuilib/PageGroupManager.C:56:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[128];
data/dx-4.4.4/src/uipp/dxuilib/PageSelector.C:806:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (errMsg, "Page names cannot be blank");
data/dx-4.4.4/src/uipp/dxuilib/PageSelector.C:819:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (errMsg, "The name \'Untitled\' is reserved.");
data/dx-4.4.4/src/uipp/dxuilib/PageSelector.C:1131:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (this->old_event, e, sizeof(XEvent));
data/dx-4.4.4/src/uipp/dxuilib/PageSelector.C:1243:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char errMsg[256];
data/dx-4.4.4/src/uipp/dxuilib/PanelAccessManager.C:153:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char gname[64];
data/dx-4.4.4/src/uipp/dxuilib/PanelAccessManager.C:286:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char gname[64], name[32];
data/dx-4.4.4/src/uipp/dxuilib/PanelAccessManager.C:308:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	int instance = atoi(p);
data/dx-4.4.4/src/uipp/dxuilib/PanelGroupManager.C:217:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *p, *c, name[128];
data/dx-4.4.4/src/uipp/dxuilib/PanelGroupManager.C:247:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	inst = atoi(p) + 1;
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:401:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(p," %g", data[i]); 
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:402:40:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		    if (i != (count-1) && count > 1) strcat(p,", ");
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:404:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(p,"};\n");
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:411:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(p," %d", (int)data[i]); 
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:412:40:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		    if (i != (count-1) && count > 1) strcat(p,", ");
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:414:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(p,"};\n");
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:441:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(p," %g", values[i]);
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:442:40:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		    if (i != (count-1) && count > 1) strcat(p,", ");
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:444:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(p,"};\n");
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:451:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(p," %g", values[i]);
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:452:40:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		    if (i != (count-1) && count > 1) strcat(p,", ");
data/dx-4.4.4/src/uipp/dxuilib/Parameter.C:454:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(p,"};\n");
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:416:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(s, " or ");
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:478:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(s, " or ");
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:531:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char oval[1024];
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:532:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tbuf[128];
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:653:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char buf[64];
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:655:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(buf,"input_");
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:657:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(buf,"output_");
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:664:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		   	sprintf(buf+buflen,"%d",position); 
data/dx-4.4.4/src/uipp/dxuilib/ParseMDF.C:221:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[1000];
data/dx-4.4.4/src/uipp/dxuilib/ParseMDF.C:326:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    *val = atoi(c);
data/dx-4.4.4/src/uipp/dxuilib/ParseMDF.C:630:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    begin_attributes = (char *) strchr(substring[0],'[');
data/dx-4.4.4/src/uipp/dxuilib/ParseMDF.C:817:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    begin_attributes = (char *) strchr(substring[0],'[');
data/dx-4.4.4/src/uipp/dxuilib/ParseMDF.C:1011:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    value = atoi(&line[current]);
data/dx-4.4.4/src/uipp/dxuilib/ParseMDF.C:1101:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char       line[2048];
data/dx-4.4.4/src/uipp/dxuilib/ParseMDF.C:1693:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	input = fopen(file, "r");
data/dx-4.4.4/src/uipp/dxuilib/ParseMDF.C:1721:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char    pathname[256];
data/dx-4.4.4/src/uipp/dxuilib/ParseMDF.C:1745:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	input = fopen(program->user_module, "r");
data/dx-4.4.4/src/uipp/dxuilib/PixelImageFormat.C:113:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char size_val[64];
data/dx-4.4.4/src/uipp/dxuilib/PixelImageFormat.C:213:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (size_val, "%dx%d", this->width, height);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:166:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[64];
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:336:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char size_val[64];
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:532:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf (size_val, "%dx%d", this->width, height);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:557:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char tbuf[128];
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:627:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char ori[128];
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:659:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char psize[64];
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:705:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[64];
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:905:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char msg[256];
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1020:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tbuf[64];
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1062:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char formstr[512];
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1063:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char tbuf[128];
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1072:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (tbuf, "gamma=%.3g", this->dialog->getGamma());
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1079:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (tbuf, "dpi=%d", this->dpi);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1087:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(tbuf, "orient=landscape");
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1089:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(tbuf, "orient=portrait");
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1091:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(tbuf, "orient=portrait");
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1093:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(tbuf, "orient=landscape");
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1111:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy (tbuf, "delayed=1");
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1122:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tbuf[64];
data/dx-4.4.4/src/uipp/dxuilib/PrintImageDialog.C:132:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char cmd[512];
data/dx-4.4.4/src/uipp/dxuilib/PrintProgramFileDialog.C:74:13:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            strcpy(c,".ps");
data/dx-4.4.4/src/uipp/dxuilib/PrintProgramFileDialog.C:76:13:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
            strcat(newfile,".ps");
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:82:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char newS[1000];
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:125:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char args[1024];
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:129:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(args, "-exec ");
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:135:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(args, "-directory ");
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:147:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(args, " -memory ");
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:343:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char        *str_type[20];
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:344:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	*argv[100];
data/dx-4.4.4/src/uipp/dxuilib/ResourceManager.C:137:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char spec[4096];
data/dx-4.4.4/src/uipp/dxuilib/ResourceManager.C:195:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fname[256];
data/dx-4.4.4/src/uipp/dxuilib/ResourceManager.C:206:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char rspec[256];
data/dx-4.4.4/src/uipp/dxuilib/ResourceManager.C:223:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char fname[256];
data/dx-4.4.4/src/uipp/dxuilib/ResourceManager.C:234:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char rspec[256];
data/dx-4.4.4/src/uipp/dxuilib/ResourceManager.C:244:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char buf[256];
data/dx-4.4.4/src/uipp/dxuilib/SaveAsCCodeDialog.C:66:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(cname,".c");
data/dx-4.4.4/src/uipp/dxuilib/ScalarInstance.C:122:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char comp_val[128];
data/dx-4.4.4/src/uipp/dxuilib/ScalarInstance.C:127:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy(s,"[ ");
data/dx-4.4.4/src/uipp/dxuilib/ScalarInstance.C:227:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(*reason,"Integer values must be greater than or "
data/dx-4.4.4/src/uipp/dxuilib/ScalarInstance.C:243:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(*reason,"Scalar values must be greater than or "
data/dx-4.4.4/src/uipp/dxuilib/ScalarInstance.C:256:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf(*reason,"Vector values must be %d dimensional.",
data/dx-4.4.4/src/uipp/dxuilib/ScalarInstance.C:268:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			    sprintf(*reason,
data/dx-4.4.4/src/uipp/dxuilib/ScalarListInstance.C:63:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:263:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char first_value[1024], label[1024],*text = this->getListItem(1);
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:331:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  	*text, value[1024], label[1024];
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:339:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(vallist,"{ ");
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:340:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(strlist,"{ ");
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:348:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	       strcat(strlist,", ");
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:349:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	       strcat(vallist,", ");
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:359:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(vallist,"NULL");
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:360:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(strlist,"NULL");
data/dx-4.4.4/src/uipp/dxuilib/SelectionInstance.C:69:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char title[128];
data/dx-4.4.4/src/uipp/dxuilib/SeparatorDecorator.C:281:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char svar[128];
data/dx-4.4.4/src/uipp/dxuilib/SequencerWindow.C:182:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   command[64];
data/dx-4.4.4/src/uipp/dxuilib/SequencerWindow.C:200:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(command, "@nextframe = %d;\n", node->next);
data/dx-4.4.4/src/uipp/dxuilib/SequencerWindow.C:205:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(command, "@startframe = %d;\n", node->getStartValue());
data/dx-4.4.4/src/uipp/dxuilib/SequencerWindow.C:210:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(command, "@endframe = %d;\n", node->getStopValue());
data/dx-4.4.4/src/uipp/dxuilib/SequencerWindow.C:215:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(command, "@deltaframe = %d;\n", node->getDeltaValue());
data/dx-4.4.4/src/uipp/dxuilib/SequencerWindow.C:228:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(command, "@startframe = %d;\n", node->getStartValue());
data/dx-4.4.4/src/uipp/dxuilib/SequencerWindow.C:241:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(command, "@endframe = %d;\n", node->getStopValue());
data/dx-4.4.4/src/uipp/dxuilib/SetDecoratorTextDialog.C:649:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char *align_names[4]; 
data/dx-4.4.4/src/uipp/dxuilib/SetPageNameDialog.C:327:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char errMsg[256];
data/dx-4.4.4/src/uipp/dxuilib/SetScalarAttrDialog.C:1031:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat(message, " increment");
data/dx-4.4.4/src/uipp/dxuilib/SetSeparatorAttrDlg.C:162:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tscolor[32], bscolor[32];
data/dx-4.4.4/src/uipp/dxuilib/SetSeparatorAttrDlg.C:186:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (tscolor, "#%4.4x%4.4x%4.4x", cdef.red, cdef.green, cdef.blue);
data/dx-4.4.4/src/uipp/dxuilib/SetSeparatorAttrDlg.C:190:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (tscolor, "#%4.4x%4.4x%4.4x", cdef.red, cdef.green, cdef.blue);
data/dx-4.4.4/src/uipp/dxuilib/SetSeparatorAttrDlg.C:194:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (bscolor, "#%4.4x%4.4x%4.4x", cdef.red, cdef.green, cdef.blue);
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:548:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char             str1[64];
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:549:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char             str2[64];
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:1892:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buffer[128];
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:2925:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char buf[1024];
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:2932:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    char dup_val[64];
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:2933:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    char escaped_val[128];
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:2951:4:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
			strcat(dup_val,"...");
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:3090:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy (&esc_label[max_len], "...");
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:3182:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf (&hostname[len], ":%d", getpid());
data/dx-4.4.4/src/uipp/dxuilib/StartOptionsDialog.C:81:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char newS[1000];
data/dx-4.4.4/src/uipp/dxuilib/StartOptionsDialog.C:399:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char s[100];
data/dx-4.4.4/src/uipp/dxuilib/StartOptionsDialog.C:400:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(s, "%d", memorySize);
data/dx-4.4.4/src/uipp/dxuilib/TickLabelList.C:440:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (buf, "{ ");
data/dx-4.4.4/src/uipp/dxuilib/TickLabelList.C:448:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy (&buf[bufLen], ", "); bufLen+= 2;
data/dx-4.4.4/src/uipp/dxuilib/TickLabelList.C:462:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (&buf[bufLen], " }"); bufLen+= 2;
data/dx-4.4.4/src/uipp/dxuilib/UndoDeletion.C:134:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char msg[128];
data/dx-4.4.4/src/uipp/dxuilib/UndoDeletion.C:140:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char net_file_name[256];
data/dx-4.4.4/src/uipp/dxuilib/UndoDeletion.C:141:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cfg_file_name[256];
data/dx-4.4.4/src/uipp/dxuilib/UndoDeletion.C:142:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char directory[256];
data/dx-4.4.4/src/uipp/dxuilib/UndoDeletion.C:169:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if ((netf = fopen(net_file_name, mode)) == NULL) {
data/dx-4.4.4/src/uipp/dxuilib/netyacc.c:274:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char                s[4096];	/* 4096 == YYLMAX in net.lex */
data/dx-4.4.4/src/uipp/java/server/DXLink.c:103:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char cmdstr[256];
data/dx-4.4.4/src/uipp/java/server/DXLink.c:148:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char tmpbuf[128];
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:154:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fd = fopen(buf, "w");
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:356:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fd = fopen(buf, "w");
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:522:49:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    int        i, nin, nout, n_GF_in, n_GF_out, open;
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:533:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fd = fopen(buf, "w");
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:584:38:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
fprintf(fd, "%s   int, int, int *", (open)?COMMA_AND_NEWLINE:"");
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:589:39:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
fprintf(fd, "%s    int, int, int *", (open)?COMMA_AND_NEWLINE:"");
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:597:33:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
fprintf(fd, "%s    int, %s *", (open)?COMMA_AND_NEWLINE:"", type);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:605:33:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
fprintf(fd, "%s    int, %s *", (open)?COMMA_AND_NEWLINE:"", type);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:1673:45:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
fprintf(fd, "%s    c_knt, c_nv, c_counts", (open)?COMMA_AND_NEWLINE:"");
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:1678:57:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
fprintf(fd, "%s    c_knt, c_nv, (int *)c_connections", (open)?COMMA_AND_NEWLINE:"");
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:1686:53:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
fprintf(fd, "%s    in_knt[%d], (%s *)in_data[%d]", (open)?COMMA_AND_NEWLINE:"", i, type, i);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:1694:55:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
fprintf(fd, "%s    out_knt[%d], (%s *)out_data[%d]", (open)?COMMA_AND_NEWLINE:"", i, type, i);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:1746:58:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
fprintf(fd, "%s    int c_knt, int c_nv, int *c_counts", (open)?COMMA_AND_NEWLINE:"");
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:1751:63:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
fprintf(fd, "%s    int c_knt, int c_nv, int *c_connections", (open)?COMMA_AND_NEWLINE:"");
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:1759:47:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
fprintf(fd, "%s    int %s_knt, %s *%s_data", (open)?COMMA_AND_NEWLINE:"", in[i]->name, type, in[i]->name);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:1767:47:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
fprintf(fd, "%s    int %s_knt, %s *%s_data", (open)?COMMA_AND_NEWLINE:"", out[i]->name, type, out[i]->name);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:1911:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    in = fopen(buf, "r");
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:1974:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char linebuf[MAXLINE];
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:2069:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fd = fopen(buf, "r");
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:1419:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   *name[2];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:1450:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   *name[8];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:1485:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   *name[10];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:1521:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   *name[10];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:1558:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   *name[3];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:1588:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   *name[3];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:1618:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   *name[6];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:1651:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   *name[3];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:1740:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   *name[20];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:1862:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char        name_string[64];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:1889:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(name_string,"input_%d",i+1);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:1934:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char        name_string[64];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:1961:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(name_string,"output_%d",i+1);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:2415:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[4096];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:2451:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[4096];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:2484:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[4096];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:2813:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char title[256];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:2849:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(title, "Module Builder: ");
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:3324:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[4096];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:3326:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char title[256];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:3351:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(title, "Module Builder: ");
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:3860:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char new_string[4096];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:3983:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	  title[512];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:3984:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	  build_name[512];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:3985:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	  exists_msg[512];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4016:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(title, "Module Builder: ");
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4037:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(title, "Module Builder: ");
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4044:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(exists_msg, "Overwrite existing file(s)?\n");
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4144:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	  gen_msg[512];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4145:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	  system_command[256];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:4183:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(gen_msg, "The following files have been generated:\n");
data/dx-4.4.4/src/uipp/prompter/Browser.C:829:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mark_str[2];
data/dx-4.4.4/src/uipp/prompter/Browser.C:933:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	line_num = atoi(str);
data/dx-4.4.4/src/uipp/prompter/Browser.C:947:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	line_num = atoi(str) + browser->marker_line_no;
data/dx-4.4.4/src/uipp/prompter/Browser.C:1024:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	pos = atoi(str);
data/dx-4.4.4/src/uipp/prompter/Browser.C:1054:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	pos = atoi(str);
data/dx-4.4.4/src/uipp/prompter/Browser.C:1089:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	pos = atoi(str) + browser->marker_pos;
data/dx-4.4.4/src/uipp/prompter/Browser.C:1161:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char		string[256];
data/dx-4.4.4/src/uipp/prompter/Browser.C:1193:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(string, "%ld", line_no);
data/dx-4.4.4/src/uipp/prompter/Browser.C:1199:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(string, "%ld", position);
data/dx-4.4.4/src/uipp/prompter/Browser.C:1205:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(string, "%d", start_of_line_offset);
data/dx-4.4.4/src/uipp/prompter/Browser.C:1213:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(string, "%ld", marker_byte_offset);
data/dx-4.4.4/src/uipp/prompter/Browser.C:1279:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(string, "%ld", line_no);
data/dx-4.4.4/src/uipp/prompter/Browser.C:1329:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char title[512];
data/dx-4.4.4/src/uipp/prompter/Browser.C:1356:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(title, "File Browser: ");
data/dx-4.4.4/src/uipp/prompter/Browser.h:81:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char marker_char[2];
data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C:58:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char help_msg[128];
data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C:62:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char *more_items[MAXITEMS];
data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C:76:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (help_msg, "The raw data file.");
data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C:120:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(sampDat, "samples/data");
data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C:122:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(sampDat, "/samples/data");
data/dx-4.4.4/src/uipp/prompter/FileContents.C:126:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char junk_file[512];
data/dx-4.4.4/src/uipp/prompter/FileContents.C:133:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	FILE* junk = fopen(this->sans_extension, "w");
data/dx-4.4.4/src/uipp/prompter/FileContents.C:143:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE* in_fp = fopen(this->in_file_name, "r");
data/dx-4.4.4/src/uipp/prompter/FileContents.C:160:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    this->out_fp = fopen (this->out_file_name, "w");
data/dx-4.4.4/src/uipp/prompter/GARApplication.C:570:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char tmpstr[256];
data/dx-4.4.4/src/uipp/prompter/GARApplication.C:748:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:447:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		    char msg[256];
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:448:7:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		    sprintf (msg, "File extension / Data type mismatch.");
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:702:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char tbuf[512];
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:758:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(dirspec, "\\*");
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:760:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(dirspec, "/*");
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:799:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy (&cfg_file[cfg_spot], ".cfg");
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:2451:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char	line[4096];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:2936:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char        name[100];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:3071:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char        name[100];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:3303:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   	*name[3];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:3463:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char     *name[3];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:3575:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *name[2];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:3856:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   *name[12];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:3910:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   *name[10];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:3952:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   *name[2];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:3984:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *name[2];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:4068:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *name[2];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:4095:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *name[4];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:4319:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char tmpbuf[32];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:4359:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char newname[256];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:4366:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(newname, "field%d", n);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:4713:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	    char filter[256];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:4717:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(filter,"/*");
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:4903:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[4096];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:4926:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(tmp, "0.");
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:4994:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
         num_elements *= atoi(XmTextGetString(gmw->grid_text[i]));
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:5024:9:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	       atoi(XmTextGetString(gmw->grid_text[i]));
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:5677:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char tmpbuf[32];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:5725:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cp[64];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:5731:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (cp, "string[%d]", size);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:6112:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char title[256];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:6120:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(title, "Data Prompter: ");
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:6717:32:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
               num_elements *= atoi(XmTextGetString(this->grid_text[i]));
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:6754:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			       atoi(XmTextGetString(this->grid_text[i]));
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:6757:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			       atoi(XmTextGetString(this->points_text));
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:6848:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char line[4096];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:6851:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char title[256];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:6861:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(title, "Data Prompter: ");
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7019:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str[4][1024];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7041:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str[4][1024];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7178:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char final_str[256];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7586:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          num_elements = atoi(tmpstr);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7629:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	       num_elements = atoi(tmpstr);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7638:10:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    	   strcat(posstr, ", ");
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7655:11:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
   	      strcat(posstr, ", ");
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7813:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char new_string[4096];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7844:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[32];
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7849:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(name, "field%d", i+1);
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:8072:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   *name[2];
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:384:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char structure[256];
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:385:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(structure, "%d-vector", dim);
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:396:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char fieldname[256];
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:397:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(fieldname, "field%d", i);
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:452:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char structure[256];
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:453:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(structure, "%d-vector", dim);
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:464:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char fieldname[256];
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:465:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(fieldname, "field%d", i);
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:539:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char msg[128];
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:545:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf (msg, "The file is available but is not ascii.");
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:551:21:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                    sprintf (msg,
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:554:21:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                    sprintf (msg, 
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:561:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf (msg, "Only files which the import module can read can be tested.");
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:568:21:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                    sprintf (msg,
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:571:21:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
                    sprintf (msg, 
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:578:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf (msg, "Only files which the import module can read can be tested.");
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:651:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char net_file[512];
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:679:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char net_file[512];
data/dx-4.4.4/src/uipp/prompter/ImageChoice.C:171:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char net_file[512];
data/dx-4.4.4/src/uipp/prompter/ImageChoice.C:179:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *args[4];
data/dx-4.4.4/src/uipp/prompter/ImportableChoice.C:53:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char msg[256];
data/dx-4.4.4/src/uipp/prompter/SpreadSheetChoice.C:392:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char net_file[512];
data/dx-4.4.4/src/uipp/prompter/SpreadSheetChoice.C:428:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tbuf[16];
data/dx-4.4.4/src/uipp/prompter/SpreadSheetChoice.C:429:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (tbuf, "%d", start);
data/dx-4.4.4/src/uipp/prompter/SpreadSheetChoice.C:431:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (tbuf, "%d", end);
data/dx-4.4.4/src/uipp/prompter/SpreadSheetChoice.C:433:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (tbuf, "%d", delta);
data/dx-4.4.4/src/uipp/prompter/SpreadSheetChoice.C:520:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char net_file[512];
data/dx-4.4.4/src/uipp/prompter/SpreadSheetChoice.C:573:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tbuf[16];
data/dx-4.4.4/src/uipp/prompter/SpreadSheetChoice.C:574:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (tbuf, "%d", start);
data/dx-4.4.4/src/uipp/prompter/SpreadSheetChoice.C:578:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (tbuf, "%d", end);
data/dx-4.4.4/src/uipp/prompter/SpreadSheetChoice.C:582:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf (tbuf, "%d", delta);
data/dx-4.4.4/src/uipp/prompter/TypeChoice.C:646:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char net_file[512];
data/dx-4.4.4/src/uipp/prompter/TypeChoice.C:672:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char net_file[512];
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:415:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char *args[30], *cmdstr;
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:620:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char path[512];
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:681:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(url, "file://");
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:683:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(url, "/html/pages/qikgu011.htm");
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:691:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char *args[5], *cmdstr;
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:789:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char helpfile[1024];
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:792:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!(fp = fopen(helpfile, "r"))) {
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:834:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char cmdstr[2048];
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:908:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:933:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[1024];
data/dx-4.4.4/src/uipp/tutor/TutorApplication.C:355:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[BUFSIZ];
data/dx-4.4.4/src/uipp/tutor/TutorApplication.C:356:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mesg[BUFSIZ];
data/dx-4.4.4/src/uipp/tutor/TutorApplication.C:357:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char number[32];
data/dx-4.4.4/src/uipp/tutor/TutorApplication.C:366:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(number, "%d", event->request_code);
data/dx-4.4.4/src/uipp/tutor/TutorApplication.C:369:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(buffer, "Extension %d", event->request_code);
data/dx-4.4.4/src/uipp/tutor/TutorApplication.C:376:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(mesg, "Extension %d.%d",
data/dx-4.4.4/src/uipp/widgets/ColorMapEditor.c:952:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (new->color_map_editor.g.color, 
data/dx-4.4.4/src/uipp/widgets/ColorMapEditor.c:1116:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( (fp = fopen(filename, "w")) == NULL)
data/dx-4.4.4/src/uipp/widgets/ColorMapEditor.c:1238:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(cmew->color_map_editor.bins, bins, num_bins * sizeof(bins[0]));
data/dx-4.4.4/src/uipp/widgets/ControlColor.c:67:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
unsigned char 	uncomp[256];
data/dx-4.4.4/src/uipp/widgets/ControlColor.c:68:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
unsigned char 	comp[256];
data/dx-4.4.4/src/uipp/widgets/ControlColor.c:244:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    qsort((char *)sort, RR*GG*BB, sizeof(sort[0]), compare);
data/dx-4.4.4/src/uipp/widgets/ControlField.c:65:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    (void)memcpy(wargs, args, num_args * sizeof(Arg));
data/dx-4.4.4/src/uipp/widgets/ControlField.c:303:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char string[256];	/* buffer to recieve ASCII code	     */
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:199:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	(void)memcpy((char *)&map->points[i], (char *)&map->points[i-1], 
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:201:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	(void)memcpy((char *)&map->boxes[i], (char *)&map->boxes[i-1], 
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:351:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	(void)memcpy((char *)&map->points[i-1], (char *)&map->points[i], 
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:353:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	(void)memcpy((char *)&map->boxes[i-1], (char *)&map->boxes[i], 
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1764:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ( (fp = fopen(filename, "r")) == NULL)
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1767:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(message, "Cannot open color map file \"");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1769:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(message, "\".");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1798:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(message, "Error occurred while reading color map file \"");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1800:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(message, "\".");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1810:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(message, "Error occurred while reading color map file \"");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1812:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(message, "\".");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1850:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	strcpy(message, "Error occurred while reading color map file \"");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1852:2:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	strcat(message, "\".");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1864:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(message, "Error occurred while reading color map file \"");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1866:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(message, "\".");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1876:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(message, "Error occurred while reading color map file \"");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1878:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(message, "\".");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1888:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(message, "Error occurred while reading color map file \"");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1890:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(message, "\".");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1900:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(message, "Error occurred while reading color map file \"");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1902:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(message, "\".");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1912:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    strcpy(message, "Error occurred while reading color map file \"");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1914:6:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
	    strcat(message, "\".");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1966:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(message,
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1969:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(message, "\".");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1979:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(message,
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1982:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(message, "\".");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1992:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(message,
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1995:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(message, "\".");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:2005:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(message,
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:2008:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(message, "\".");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:2018:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(message,
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:2021:3:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
		strcat(message, "\".");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:2046:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
      strcpy(message,
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:2049:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
      strcat(message, "\".");
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:2664:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char	    string[256];
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:2675:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(string, "%g", cmew->color_map_editor.value_minimum +
data/dx-4.4.4/src/uipp/widgets/FrameControl.c:282:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char string[100];
data/dx-4.4.4/src/uipp/widgets/FrameControl.c:407:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(string,"Current: %d    ",new->frame_control.current_value);
data/dx-4.4.4/src/uipp/widgets/FrameControl.c:411:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(string,"Current:        ");
data/dx-4.4.4/src/uipp/widgets/FrameControl.c:438:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char string[100];
data/dx-4.4.4/src/uipp/widgets/FrameControl.c:449:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(string,"Current: %d",new->frame_control.current_value);
data/dx-4.4.4/src/uipp/widgets/FrameControl.c:453:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(string,"Current:");
data/dx-4.4.4/src/uipp/widgets/FrameControl.c:467:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(string,"Current: %d",new->frame_control.current_value);
data/dx-4.4.4/src/uipp/widgets/FrameControl.c:471:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    sprintf(string,"Current:");
data/dx-4.4.4/src/uipp/widgets/Grid.c:46:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    (void)memcpy((char *)wargs, (char *)args, num_args * sizeof(Arg));
data/dx-4.4.4/src/uipp/widgets/MultiText.c:674:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char  buf[MAX_STR_LEN];
data/dx-4.4.4/src/uipp/widgets/MultiText.c:813:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char    buf[MAX_STR_LEN];
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1065:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char           buf[32];
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1096:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char                      mondoBuffer[MAX_BUFF_SIZE], *space = " ", *cr = "\n";
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1574:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  switch (atoi(*argv))
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1610:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "testing%d", i++);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:3049:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[MAX_STR_LEN];
data/dx-4.4.4/src/uipp/widgets/Number.c:686:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char string[2*MAX_EDITOR_STRLEN];	/* buffer to recieve ASCII code	     */
data/dx-4.4.4/src/uipp/widgets/Number.c:821:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char temp_string[MAX_EDITOR_STRLEN];
data/dx-4.4.4/src/uipp/widgets/Number.c:858:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char temp_string[MAX_EDITOR_STRLEN];
data/dx-4.4.4/src/uipp/widgets/Number.c:1069:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char message[100];
data/dx-4.4.4/src/uipp/widgets/Number.c:1079:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	(void)sprintf(message, "Negative value not permitted.");
data/dx-4.4.4/src/uipp/widgets/Number.c:1087:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	place = sprintf(message, "Invalid character.");
data/dx-4.4.4/src/uipp/widgets/Number.c:1090:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		(void)sprintf(&message[place - 1], ": '%c'\n",
data/dx-4.4.4/src/uipp/widgets/Number.c:1093:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		(void)sprintf(&message[place - 1], ": <%o>\n",
data/dx-4.4.4/src/uipp/widgets/Number.c:1108:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	(void)sprintf(message, "Value must be integer.");
data/dx-4.4.4/src/uipp/widgets/Number.c:1113:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	(void)sprintf(message, "Exponential notation not permitted.");
data/dx-4.4.4/src/uipp/widgets/Number.c:1118:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	(void)sprintf(message, 
data/dx-4.4.4/src/uipp/widgets/Number.c:1125:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	(void)sprintf(message, "Value is greater than the maximum: %g.",
data/dx-4.4.4/src/uipp/widgets/Number.c:1131:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	(void)sprintf(message, "Value is less than the minimum: %g.",
data/dx-4.4.4/src/uipp/widgets/Number.c:1139:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	(void)sprintf(message, "Input not parseable.");
data/dx-4.4.4/src/uipp/widgets/NumberInput.h:41:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char string[MAX_EDITOR_STRLEN];
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:101:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char string[32];
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:243:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	(void)sprintf(nw->number.format, "%%%1d.%1df",
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:247:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	(void)sprintf(nw->number.format, "%%%1dd", nw->number.char_places );
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:404:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char format[128];
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:411:12:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
	    (void)strcpy(string, "0.0");
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:415:12:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	    (void)sprintf(format, "%%.%df", nw->number.decimal_places);
data/dx-4.4.4/src/uipp/widgets/NumberP.h:83:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char		format[12];	/* Print format for fixed point or integer    */
data/dx-4.4.4/src/uipp/widgets/NumberP.h:113:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char string[MAX_EDITOR_STRLEN+1];
data/dx-4.4.4/src/uipp/widgets/NumericList.c:447:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char 			string[100];
data/dx-4.4.4/src/uipp/widgets/NumericList.c:450:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char			tmp[100];
data/dx-4.4.4/src/uipp/widgets/NumericList.c:500:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(tmp, "%de", nlw->numeric_list.local_decimal_places[i]);
data/dx-4.4.4/src/uipp/widgets/NumericList.c:506:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(tmp, "%df", nlw->numeric_list.local_decimal_places[i]);
data/dx-4.4.4/src/uipp/widgets/NumericList.c:874:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char		tmp[100];
data/dx-4.4.4/src/uipp/widgets/NumericList.c:877:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char		string[100];
data/dx-4.4.4/src/uipp/widgets/NumericList.c:931:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(tmp, "%de", nlw->numeric_list.local_decimal_places[i]);
data/dx-4.4.4/src/uipp/widgets/NumericList.c:937:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(tmp, "%df", nlw->numeric_list.local_decimal_places[i]);
data/dx-4.4.4/src/uipp/widgets/NumericList.c:1327:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(s, "SW");
data/dx-4.4.4/src/uipp/widgets/Picture.c:516:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char			dash_list[2];
data/dx-4.4.4/src/uipp/widgets/Picture.c:655:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char		dash_list[2];
data/dx-4.4.4/src/uipp/widgets/Picture.c:3157:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char           buffer[20];
data/dx-4.4.4/src/uipp/widgets/Picture.c:3234:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char           buffer[20];
data/dx-4.4.4/src/uipp/widgets/Picture.c:4116:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char tmp_bits[8];
data/dx-4.4.4/src/uipp/widgets/Picture.c:8017:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char	    string[10];
data/dx-4.4.4/src/uipp/widgets/Picture.c:8189:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char	text[256];
data/dx-4.4.4/src/uipp/widgets/Picture.c:8219:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(text, "( %8g, %8g, %8g )", cb.x, cb.y, cb.z);
data/dx-4.4.4/src/uipp/widgets/SlideBar.c:956:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
   increment = atoi(*argv);
data/dx-4.4.4/src/uipp/widgets/Stepper.c:467:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (prop, resp, sizeof(XtWidgetGeometry));
data/dx-4.4.4/src/uipp/widgets/Stepper.c:1046:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char string[32];
data/dx-4.4.4/src/uipp/widgets/Stepper.c:1078:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
       sprintf(string, "%8.1e", sw->stepper.value_step.d);
data/dx-4.4.4/src/uipp/widgets/Stepper.c:1108:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char   	string[100];
data/dx-4.4.4/src/uipp/widgets/Stepper.c:1154:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(string, "%8.1e", value);
data/dx-4.4.4/src/uipp/widgets/VCRControl.c:748:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char                 string[100];
data/dx-4.4.4/src/uipp/widgets/VCRControl.c:764:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(string, "55555");
data/dx-4.4.4/src/uipp/widgets/VCRControl.c:778:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(string, "%5d", vcr->vcr_control.current_value);
data/dx-4.4.4/src/uipp/widgets/VCRControl.c:780:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(string, "     ");
data/dx-4.4.4/src/uipp/widgets/VCRControl.c:1251:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char string[100];
data/dx-4.4.4/src/uipp/widgets/VCRControl.c:1258:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(string, "%4d", vcr->vcr_control.current_value);
data/dx-4.4.4/src/uipp/widgets/WorkspaceW.c:3929:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char msg[512];
data/dx-4.4.4/src/uipp/widgets/WorkspaceW.c:5401:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ww->workspace.collide_list_x, cl_ptr, block_size);
data/dx-4.4.4/src/uipp/widgets/WorkspaceW.c:5424:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ww->workspace.collide_list_y, cl_ptr, block_size);
data/dx-4.4.4/src/uipp/widgets/XmDX.h:579:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&((a).value), &c, sizeof(double));
data/dx-4.4.4/src/uipp/widgets/XmDX.h:582:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	(memcpy(&dx_l, &a, sizeof(double)), dx_l)
data/dx-4.4.4/include/dx/arch.h:766:20:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define GETC(file) getc(file)
data/dx-4.4.4/src/exec/dpexec/cachegraph.c:66:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	size = strlen ((char *)p);
data/dx-4.4.4/src/exec/dpexec/cachegraph.c:300:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen(mod) > sizeof(mod_cache_str)-1 )
data/dx-4.4.4/src/exec/dpexec/cachegraph.c:502:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		size = strlen (n->procgroupid);
data/dx-4.4.4/src/exec/dpexec/ccm.c:155:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    length = sizeof (userver) - sizeof(userver.sun_path) + strlen (userver.sun_path);
data/dx-4.4.4/src/exec/dpexec/ccm.c:157:16:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
    oldUmask = umask(0);
data/dx-4.4.4/src/exec/dpexec/ccm.c:160:5:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
    umask(oldUmask);
data/dx-4.4.4/src/exec/dpexec/ccm.c:286:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	length = sizeof (userver) - sizeof(userver.sun_path) + strlen (userver.sun_path);
data/dx-4.4.4/src/exec/dpexec/command.c:348:72:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                _dxf_ExDistributeMsg(DM_DELETEPEER, (Pointer)savehost, strlen(savehost)+1, TOSLAVES);
data/dx-4.4.4/src/exec/dpexec/command.c:435:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            optlen = strlen(options) + 1;
data/dx-4.4.4/src/exec/dpexec/command.c:495:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            if(optlen > (strlen(index->options) + 1));
data/dx-4.4.4/src/exec/dpexec/command.c:527:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            if(optlen > (strlen(index->options) + 1))
data/dx-4.4.4/src/exec/dpexec/command.c:723:9:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
    if (sscanf (next, "%1023s", buf) != 1) {
data/dx-4.4.4/src/exec/dpexec/command.c:737:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (next = next + strlen (buf); next && *next && isspace (*next); next++)
data/dx-4.4.4/src/exec/dpexec/command.c:851:12:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
	    ret = sscanf (c, "%1023s", help);
data/dx-4.4.4/src/exec/dpexec/command.c:862:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    for (c = c + strlen (help); *c && isspace (*c); c++)
data/dx-4.4.4/src/exec/dpexec/command.c:1058:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            hostlen = strlen(hoststr);
data/dx-4.4.4/src/exec/dpexec/command.c:1077:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	    strncpy(hostname, hoststr, hostlen);
data/dx-4.4.4/src/exec/dpexec/command.c:1085:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                strncpy(username, userstr, userlen);
data/dx-4.4.4/src/exec/dpexec/command.c:1099:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(pgassign.pgname, str, grouplen);
data/dx-4.4.4/src/exec/dpexec/command.c:1257:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return _dxf_ExRunOn (1, _dxfLoadUserInteractors, (Pointer)c, strlen(c)+1);
data/dx-4.4.4/src/exec/dpexec/command.c:1338:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen (c) + 1;
data/dx-4.4.4/src/exec/dpexec/command.c:1570:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        n = strlen(buf);
data/dx-4.4.4/src/exec/dpexec/distconnect.c:193:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            dpslaveid.namelen = strlen(dpslaveid.name) + 1;
data/dx-4.4.4/src/exec/dpexec/distconnect.c:275:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(_dxd_exHostName) + 1;
data/dx-4.4.4/src/exec/dpexec/distconnect.c:329:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(index->prochostname) + 1;
data/dx-4.4.4/src/exec/dpexec/distconnect.c:370:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(index2->prochostname) + 1;
data/dx-4.4.4/src/exec/dpexec/distconnect.c:407:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            len = strlen(index->prochostname) + 1;
data/dx-4.4.4/src/exec/dpexec/distpacket.c:116:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	sts = read(fd, ((char*)buffer) + already, size);
data/dx-4.4.4/src/exec/dpexec/distpacket.c:471:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          len = strlen(name) + 1;
data/dx-4.4.4/src/exec/dpexec/distpacket.c:536:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(pkg->varname) + 1;
data/dx-4.4.4/src/exec/dpexec/dpparse.c:519:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		str = DXAllocate(strlen(p->v.id.id) + 1);
data/dx-4.4.4/src/exec/dpexec/dpparse.c:525:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		str = DXAllocate(strlen(p->v.id.id) + 1);
data/dx-4.4.4/src/exec/dpexec/dpparse.c:544:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	str = DXAllocate(strlen("MacroStart") + 1);
data/dx-4.4.4/src/exec/dpexec/dpparse.c:548:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	str = DXAllocate(strlen("cache") + 1);
data/dx-4.4.4/src/exec/dpexec/dpparse.c:602:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		str = DXAllocate(strlen(p->v.id.id) + 1);
data/dx-4.4.4/src/exec/dpexec/dpparse.c:608:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		str = DXAllocate(strlen(p->v.id.id) + 1);
data/dx-4.4.4/src/exec/dpexec/dpparse.c:626:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	str = DXAllocate(strlen("MacroEnd") + 1);
data/dx-4.4.4/src/exec/dpexec/dpparse.c:630:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	str = DXAllocate(strlen("cache") + 1);
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:290:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		largv[i] = new char[strlen(argv[i])+1];
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:841:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                read(RQ_fd, &c, 1);
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:1026:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    write(fileno (stdout), EMESS, strlen(EMESS));
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:1030:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        write (fileno (stdout), cp, strlen (cp));
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:1034:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        write(fileno (stdout), message, strlen (message));
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:1676:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
               strlen (DXD_COPYRIGHT_STRING));
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:1752:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(buf, "\n");
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:1753:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    write(fileno(stdout),buf,strlen(buf));
data/dx-4.4.4/src/exec/dpexec/dxThreadMain.cpp:1899:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    ret = read(fd, &c, 1);
data/dx-4.4.4/src/exec/dpexec/dxmain.c:563:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                read(RQ_fd, &c, 1);
data/dx-4.4.4/src/exec/dpexec/dxmain.c:778:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    write(fileno (stdout), EMESS, strlen(EMESS));
data/dx-4.4.4/src/exec/dpexec/dxmain.c:782:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        write (fileno (stdout), cp, strlen (cp));
data/dx-4.4.4/src/exec/dpexec/dxmain.c:786:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        write(fileno (stdout), message, strlen (message));
data/dx-4.4.4/src/exec/dpexec/dxmain.c:995:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
               strlen (DXD_COPYRIGHT_STRING));
data/dx-4.4.4/src/exec/dpexec/dxmain.c:1096:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(buf, "\n");
data/dx-4.4.4/src/exec/dpexec/dxmain.c:1097:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    write(fileno(stdout),buf,strlen(buf));
data/dx-4.4.4/src/exec/dpexec/dxmain.c:1720:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    ret = read(fd, &c, 1);
data/dx-4.4.4/src/exec/dpexec/dxpfsmgr.c:132:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(dname, ":");
data/dx-4.4.4/src/exec/dpexec/dxpfsmgr.c:181:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	strcpy(buf+strlen(partname), gm_buf + i * PFS_NAME_LEN);
data/dx-4.4.4/src/exec/dpexec/evalgraph.c:1000:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        *len = strlen(bell);
data/dx-4.4.4/src/exec/dpexec/evalgraph.c:1340:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(buf + 2, n->name, 30);
data/dx-4.4.4/src/exec/dpexec/evalgraph.c:2977:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dphostent.name = (char *)DXAllocate(strlen(prochost) + 1);
data/dx-4.4.4/src/exec/dpexec/function.c:351:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					     strlen (exec) + 1, exec);
data/dx-4.4.4/src/exec/dpexec/function.c:355:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					     strlen (h) + 1, h);
data/dx-4.4.4/src/exec/dpexec/graph.c:776:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				len += strlen (DXGetString (string));
data/dx-4.4.4/src/exec/dpexec/graph.c:793:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				p += strlen (p);
data/dx-4.4.4/src/exec/dpexec/graph.c:796:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				  buffer, strlen (buffer));
data/dx-4.4.4/src/exec/dpexec/graph.c:839:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat (opstr, "(");
data/dx-4.4.4/src/exec/dpexec/graph.c:875:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat (opstr, ")");
data/dx-4.4.4/src/exec/dpexec/graph.c:1256:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        modname = DXAllocateLocal(strlen(name) + 1);
data/dx-4.4.4/src/exec/dpexec/graph.c:2663:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  new = (char *) DXAllocate (strlen (name) + 1);
data/dx-4.4.4/src/exec/dpexec/graph.c:2707:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        tail += strlen(tail);
data/dx-4.4.4/src/exec/dpexec/graph.c:2736:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return strlen( _dxf_BuildInstanceNumString( instance ) );
data/dx-4.4.4/src/exec/dpexec/graph.c:2753:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
           strlen( *FETCH_LIST( *mod_name_str_table, path->modules[i] ) ) +
data/dx-4.4.4/src/exec/dpexec/graph.c:2771:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    p += strlen(p);
data/dx-4.4.4/src/exec/dpexec/graph.c:2774:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    p += strlen(p);
data/dx-4.4.4/src/exec/dpexec/graph.c:2838:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(str1);
data/dx-4.4.4/src/exec/dpexec/graph.c:2851:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int   len = strlen(id);
data/dx-4.4.4/src/exec/dpexec/graph.c:2860:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  num_comp = strlen(str) / MODPATH_COMP_STR_LEN;
data/dx-4.4.4/src/exec/dpexec/graph2.c:104:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		len += strlen (_macro_stack[j]);
data/dx-4.4.4/src/exec/dpexec/graph2.c:106:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    len += strlen (warning);	/* for inital message		*/
data/dx-4.4.4/src/exec/dpexec/graph2.c:108:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    len += strlen (name);	/* for bad guy			*/
data/dx-4.4.4/src/exec/dpexec/help.c:49:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	ret = (char *) DXAllocate (strlen (buffer) + 1);
data/dx-4.4.4/src/exec/dpexec/help.c:105:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ret = (char *) DXAllocate (strlen (buffer) + 1);
data/dx-4.4.4/src/exec/dpexec/lex.c:43:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(b);
data/dx-4.4.4/src/exec/dpexec/lex.c:801:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		yyLeng = strlen (yytext);
data/dx-4.4.4/src/exec/dpexec/license.c:168:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(messagebuf,"");
data/dx-4.4.4/src/exec/dpexec/license.c:253:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	i = read (out[0], auth_msg, AUTH_MSG_LEN);
data/dx-4.4.4/src/exec/dpexec/license.c:445:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(key,k,27);
data/dx-4.4.4/src/exec/dpexec/license.c:480:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(key) != 26) {
data/dx-4.4.4/src/exec/dpexec/license.c:647:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(host,"");
data/dx-4.4.4/src/exec/dpexec/license.c:660:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
		strcpy(host,"");
data/dx-4.4.4/src/exec/dpexec/loader.c:793:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    np->filename = (char *)DXAllocate(strlen(filename) + 1);
data/dx-4.4.4/src/exec/dpexec/loader.c:888:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	*outname = (char *)DXAllocateLocalZero(strlen(inname)+3);
data/dx-4.4.4/src/exec/dpexec/loader.c:925:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	*outname = (char *)DXAllocateLocalZero(strlen(inname) +
data/dx-4.4.4/src/exec/dpexec/loader.c:926:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					       strlen(extension) + 4);
data/dx-4.4.4/src/exec/dpexec/loader.c:946:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(*outname, ".");
data/dx-4.4.4/src/exec/dpexec/loader.c:978:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bytes = strlen(inname) + 5 + strlen(datadir) + 
data/dx-4.4.4/src/exec/dpexec/loader.c:978:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bytes = strlen(inname) + 5 + strlen(datadir) + 
data/dx-4.4.4/src/exec/dpexec/loader.c:979:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	(extension ? strlen(extension) : 0);
data/dx-4.4.4/src/exec/dpexec/loader.c:1006:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(*outname, "/");
data/dx-4.4.4/src/exec/dpexec/loader.c:1015:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		for (i = 0; i < strlen(*outname); i++)
data/dx-4.4.4/src/exec/dpexec/loader.c:1032:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(*outname, ".");
data/dx-4.4.4/src/exec/dpexec/log.c:139:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	        n = strlen(buf);
data/dx-4.4.4/src/exec/dpexec/log.c:151:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	        n = strlen(buf);
data/dx-4.4.4/src/exec/dpexec/log.c:161:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    n = strlen(buf);
data/dx-4.4.4/src/exec/dpexec/log.c:165:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    mlen = strlen(message);
data/dx-4.4.4/src/exec/dpexec/log.c:272:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(pkg.data, buf, n+2);
data/dx-4.4.4/src/exec/dpexec/nodewriteb.c:176:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                len = strlen(n->v.id.id)+1;
data/dx-4.4.4/src/exec/dpexec/nodewriteb.c:182:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                len = strlen(n->v.exid.id)+1;
data/dx-4.4.4/src/exec/dpexec/packet.c:210:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(pck.data, packet, length+1);
data/dx-4.4.4/src/exec/dpexec/parsemdf.c:165:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    name = DXAllocateZero (strlen(map->thisarg) + 4);
data/dx-4.4.4/src/exec/dpexec/parsemdf.c:173:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    value = DXAllocateZero (strlen(map->deflt) + 1);
data/dx-4.4.4/src/exec/dpexec/parsemdf.c:247:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				 strlen(mp->m_loadfile)+1) == ERROR) {
data/dx-4.4.4/src/exec/dpexec/parsemdf.c:357:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = (mp->m_name) ? strlen(mp->m_name) : 0;
data/dx-4.4.4/src/exec/dpexec/parsemdf.c:366:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = (map->thisarg) ? strlen(map->thisarg) : 0;
data/dx-4.4.4/src/exec/dpexec/parsemdf.c:378:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = (map->thisarg) ? strlen(map->thisarg) : 0;
data/dx-4.4.4/src/exec/dpexec/parsemdf.c:387:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = (mp->m_exec) ? strlen(mp->m_exec) : 0;
data/dx-4.4.4/src/exec/dpexec/parsemdf.c:391:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = (mp->m_host) ? strlen(mp->m_host) : 0;
data/dx-4.4.4/src/exec/dpexec/parsemdf.c:397:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = (mp->m_loadfile) ? strlen(mp->m_loadfile) : 0;
data/dx-4.4.4/src/exec/dpexec/parsemdf.c:649:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(newbuf, str, strend-str);
data/dx-4.4.4/src/exec/dpexec/parsemdf.c:679:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(newbuf, str, strend-str);
data/dx-4.4.4/src/exec/dpexec/parsemdf.c:1071:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    rlen = read(fd, cp, len);
data/dx-4.4.4/src/exec/dpexec/path.c:30:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen (name);
data/dx-4.4.4/src/exec/dpexec/path.c:43:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        l = strlen(tail);
data/dx-4.4.4/src/exec/dpexec/pendingcmds.c:168:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    p->major = DXAllocate(strlen(major) + 1);
data/dx-4.4.4/src/exec/dpexec/pendingcmds.c:175:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(p->major, major, strlen(major) + 1);
data/dx-4.4.4/src/exec/dpexec/pendingcmds.c:175:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncpy(p->major, major, strlen(major) + 1);
data/dx-4.4.4/src/exec/dpexec/pendingcmds.c:179:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	p->minor = DXAllocate(strlen(minor) + 1);
data/dx-4.4.4/src/exec/dpexec/pendingcmds.c:183:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(p->minor, minor, strlen(minor) + 1);
data/dx-4.4.4/src/exec/dpexec/pendingcmds.c:183:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	strncpy(p->minor, minor, strlen(minor) + 1);
data/dx-4.4.4/src/exec/dpexec/queue.c:218:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	(* q->print) (buf + strlen (buf), e->val);
data/dx-4.4.4/src/exec/dpexec/remote.c:121:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
            strncpy( fqdn, "localhost", MAXHOSTNAMELEN );
data/dx-4.4.4/src/exec/dpexec/remote.c:129:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy( fqdn, hp2->h_name, MAXHOSTNAMELEN );
data/dx-4.4.4/src/exec/dpexec/remote.c:204:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (    strncmp (ep[i], "PATH=", strlen("PATH=")) == 0 ||
data/dx-4.4.4/src/exec/dpexec/remote.c:205:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		strncmp (ep[i], "PATH =", strlen("PATH =")) == 0) 
data/dx-4.4.4/src/exec/dpexec/remote.c:252:7:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		    strcat (s, "/");
data/dx-4.4.4/src/exec/dpexec/remote.c:334:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (!strncmp(ep[i], eignore[j], strlen(eignore[j])))
data/dx-4.4.4/src/exec/dpexec/remote.c:342:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if ((strncmp(ep[i],"DISPLAY=unix:",strlen("DISPLAY=unix:"))==0 ||
data/dx-4.4.4/src/exec/dpexec/remote.c:343:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		 strncmp(ep[i],"DISPLAY=:",    strlen("DISPLAY=:")) == 0) &&
data/dx-4.4.4/src/exec/dpexec/remote.c:409:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(cmdpvs, " ");
data/dx-4.4.4/src/exec/dpexec/remote.c:412:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(cmdpvs, "&");
data/dx-4.4.4/src/exec/dpexec/remote.c:527:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    nbytes = read(fd, buffer, 512);
data/dx-4.4.4/src/exec/dpexec/remote.c:604:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                     (strlen(myhost)+1)*sizeof(char));
data/dx-4.4.4/src/exec/dpexec/remote.c:622:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                     (strlen("-connect")+1)*sizeof(char));
data/dx-4.4.4/src/exec/dpexec/remote.c:630:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                  (strlen(myhost) + 6)*sizeof(char));
data/dx-4.4.4/src/exec/dpexec/remote.c:637:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf(nargv[r_argc+1]+strlen(myhost), ":%4d", dxport);
data/dx-4.4.4/src/exec/dpexec/remote.c:731:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (read(fd, &i, sizeof(i)) <= 0) {
data/dx-4.4.4/src/exec/dpexec/remote.c:1160:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    d.del_namelen = strlen(name) + 1;
data/dx-4.4.4/src/exec/dpexec/remote.c:1230:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nid = DXAllocate(strlen((char *)id) + 1);
data/dx-4.4.4/src/exec/dpexec/sfile.c:197:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	b = read(ssf->fd, buf+a, n);
data/dx-4.4.4/src/exec/dpexec/sfile.c:260:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	ssf->count = read(ssf->fd, ssf->buffer, BUFSIZ);
data/dx-4.4.4/src/exec/dpexec/socket.c:205:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	     strlen (userver.sun_path);
data/dx-4.4.4/src/exec/dpexec/socket.c:207:16:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
    oldUmask = umask(0);
data/dx-4.4.4/src/exec/dpexec/socket.c:210:5:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
    umask(oldUmask);
data/dx-4.4.4/src/exec/dpexec/socket.c:429:4:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		 strlen (userver.sun_path);
data/dx-4.4.4/src/exec/dpexec/socket.c:489:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	buffer[read(fd, buffer, 1000)] = '\0';
data/dx-4.4.4/src/exec/dpexec/socket.c:498:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	buffer[read(fd, buffer, 1000)] = '\0';
data/dx-4.4.4/src/exec/dpexec/task.c:621:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen (emsg);
data/dx-4.4.4/src/exec/dpexec/task.c:623:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy (lbuf, emsg, len);
data/dx-4.4.4/src/exec/dpexec/tmainUtil.cpp:55:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	char *value = new char[strlen(in)+1];
data/dx-4.4.4/src/exec/dpexec/tmainUtil.cpp:56:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	strcpy_s(value, strlen(in)+1, in);
data/dx-4.4.4/src/exec/dpexec/tmainUtil.cpp:70:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for(q = &name[strlen(name)-1]; *q == ' ' && q != p; q--);
data/dx-4.4.4/src/exec/dpexec/tmainUtil.cpp:78:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(strlen(p)) {
data/dx-4.4.4/src/exec/dpexec/tmainUtil.cpp:79:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for(q = &value[strlen(value)-1]; *q == ' ' && q != p; q--);
data/dx-4.4.4/src/exec/dpexec/tmainUtil.cpp:81:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    newlen = strlen(s);
data/dx-4.4.4/src/exec/dpexec/tmainUtil.cpp:88:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    p = new char[strlen(s) + 1];
data/dx-4.4.4/src/exec/dpexec/tmainUtil.cpp:89:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strcpy_s(p, strlen(s)+1, s);
data/dx-4.4.4/src/exec/dpexec/tmainUtil.cpp:262:17:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		for(i = 0; (c=getchar()) != EOF; i++)
data/dx-4.4.4/src/exec/dpexec/tmainUtil.cpp:604:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	s = new char[strlen(orig) + 1];
data/dx-4.4.4/src/exec/dpexec/tmainUtil.cpp:605:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	strcpy_s(s, strlen(orig)+1, orig);
data/dx-4.4.4/src/exec/dpexec/utils.c:50:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n   = strlen (old);
data/dx-4.4.4/src/exec/dpexec/utils.c:66:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n   = strlen (old);
data/dx-4.4.4/src/exec/dpexec/utils.c:113:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy (new, old, len);
data/dx-4.4.4/src/exec/dpexec/utils.c:128:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    new = (char *) DXAllocate (strlen (old) + 1);
data/dx-4.4.4/src/exec/dpexec/utils.c:147:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size = strlen (old) + 1;
data/dx-4.4.4/src/exec/dpexec/yuiif.c:373:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen (buf);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:561:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    ipaths[i].len = strlen (ipaths[i].path);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:605:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy (fname[*fnum], name, 128);
data/dx-4.4.4/src/exec/dpexec/yuiif.c:1568:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#   define yystrlen strlen
data/dx-4.4.4/src/exec/dpexec/yuiif.c:3322:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy (prevfile, name, 255);
data/dx-4.4.4/src/exec/dxmods/_cat_util.c:44:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen( s );
data/dx-4.4.4/src/exec/dxmods/_cat_util.c:68:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen( s );
data/dx-4.4.4/src/exec/dxmods/_cat_util.c:89:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen( s );
data/dx-4.4.4/src/exec/dxmods/_cat_util.c:111:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen( s );
data/dx-4.4.4/src/exec/dxmods/_compinput.c:283:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    res->metaType.shape[0] = strlen(DXGetString((String) o))+1;
data/dx-4.4.4/src/exec/dxmods/_compinput.c:649:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *ind = spaces + (strlen (spaces) - indent);
data/dx-4.4.4/src/exec/dxmods/_complex.c:286:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if (strlen(_dxfcctext) > 10 || 
data/dx-4.4.4/src/exec/dxmods/_complex.c:287:4:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		(strlen(_dxfcctext) == 10 && strcmp(_dxfcctext, "2147483647") > 0)) {
data/dx-4.4.4/src/exec/dxmods/_complex.c:374:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy (lvalp->s, _dxfcctext, MAX_PARSE_STRING_SIZE);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:547:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	pt->metaType.shape[0] = strlen(DXGetString((String)os->inputs[pt->u.i]))+1;
data/dx-4.4.4/src/exec/dxmods/_compoper.c:998:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		sz1 = strlen(s1);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:1000:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		sz2 = strlen(s2);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:1038:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    out[i] = strlen(&in0[j*vectorLen0]);
data/dx-4.4.4/src/exec/dxmods/_compoper.c:1286:64:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    symbolTable[symbolTableUsed].name = (char*)DXAllocateLocal(strlen(name)+1);
data/dx-4.4.4/src/exec/dxmods/_compparse.c:781:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#   define yystrlen strlen
data/dx-4.4.4/src/exec/dxmods/_compparse.c:1593:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    yyval.a->metaType.shape[0] = strlen(yyvsp[0].s)+1;
data/dx-4.4.4/src/exec/dxmods/_compputils.c:78:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy (res->u.s, func, MAX_CA_STRING);
data/dx-4.4.4/src/exec/dxmods/_compputils.c:281:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy (res->u.s, name, MAX_CA_STRING);
data/dx-4.4.4/src/exec/dxmods/_compputils.c:297:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy (res->u.s, name, MAX_CA_STRING);
data/dx-4.4.4/src/exec/dxmods/_compputils.c:308:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *ind = spaces + (strlen (spaces) - indent);
data/dx-4.4.4/src/exec/dxmods/_getfield.c:436:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( ( output->name == NULL ) || ( strlen ( output->name ) == 0 ) )
data/dx-4.4.4/src/exec/dxmods/_im_image.c:164:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        for(i=strlen(iargs->basename);i>0;--i) {
data/dx-4.4.4/src/exec/dxmods/_im_image.c:195:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	miff_filename = (char *)DXAllocateLocal(strlen(iargs->basename)+strlen(tmpargs.format)+2);
data/dx-4.4.4/src/exec/dxmods/_im_image.c:195:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	miff_filename = (char *)DXAllocateLocal(strlen(iargs->basename)+strlen(tmpargs.format)+2);
data/dx-4.4.4/src/exec/dxmods/_im_image.c:197:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(miff_filename,".");
data/dx-4.4.4/src/exec/dxmods/_im_image.c:229:16:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        (void) strcat(image_info->filename,".");
data/dx-4.4.4/src/exec/dxmods/_im_image.c:449:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
            strcat(image->filename,".");
data/dx-4.4.4/src/exec/dxmods/_im_image.c:546:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((strlen(basename) + strlen(framestr) + strlen(extension) + 2) > bufl)
data/dx-4.4.4/src/exec/dxmods/_im_image.c:546:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((strlen(basename) + strlen(framestr) + strlen(extension) + 2) > bufl)
data/dx-4.4.4/src/exec/dxmods/_im_image.c:546:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if ((strlen(basename) + strlen(framestr) + strlen(extension) + 2) > bufl)
data/dx-4.4.4/src/exec/dxmods/_im_image.c:645:5:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
    strncat( image_info->filename, name, sizeof( image_info->filename ) - 1 );
data/dx-4.4.4/src/exec/dxmods/_im_image.c:746:5:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
    strncat( image_info->filename, name, sizeof( image_info->filename ) - 1 );
data/dx-4.4.4/src/exec/dxmods/_normals.c:99:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen(m)+1;
data/dx-4.4.4/src/exec/dxmods/_post.c:1168:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    origName = (char *)DXAllocate(12+strlen(name));
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1066:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
               row_str_length = strlen(encbuff);
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1073:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                   if ((encbuff) && (*encbuff) && (encbuff[strlen(encbuff)-1] != '\n')
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1092:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
               row_str_length = strlen(encbuff);
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1099:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                   if ((encbuff) && (*encbuff) && (encbuff[strlen(encbuff)-1] != '\n')
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1121:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
               row_str_length = strlen(encbuff);
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1128:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                   if ((encbuff) && (*encbuff) && (encbuff[strlen(encbuff)-1] != '\n')
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1207:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
               row_str_length = strlen(encbuff);
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1214:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                   if ((encbuff) && (*encbuff) && (encbuff[strlen(encbuff)-1] != '\n')
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1235:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
               row_str_length = strlen(encbuff);
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1242:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                   if ((encbuff) && (*encbuff) && (encbuff[strlen(encbuff)-1] != '\n')
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1263:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
               row_str_length = strlen(encbuff);
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1270:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                   if ((encbuff) && (*encbuff) && (encbuff[strlen(encbuff)-1] != '\n')
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1483:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int i, len = strlen(fmt);
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1729:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    l = strlen(b);
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1742:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(t, &b[p], (q-p));
data/dx-4.4.4/src/exec/dxmods/_postscript.c:1750:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(v, &b[q], (r-q));
data/dx-4.4.4/src/exec/dxmods/_postscript.c:2039:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	   seqptr += strlen(NSCENES_STRING);
data/dx-4.4.4/src/exec/dxmods/_rgb_image.c:142:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(iargs->basename) > MAX_IMAGE_NAMELEN - 5)
data/dx-4.4.4/src/exec/dxmods/_rgb_image.c:549:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        if ( ( rl = read ( fh, record, sizeof ( record ) ) ) <= 0 )
data/dx-4.4.4/src/exec/dxmods/_rgb_image.c:624:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen ( record ) != write ( fh, (char*)record, strlen ( record ) ) )
data/dx-4.4.4/src/exec/dxmods/_rgb_image.c:624:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( strlen ( record ) != write ( fh, (char*)record, strlen ( record ) ) )
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:211:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for ( i = strlen ( extended ) - 1;  i >= 0;  i-- )
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:240:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for ( i = strlen ( basename ) - 1;
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:331:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	patlen = strlen(pattern);
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:332:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (patlen > 255 || strlen(str) > 255) 
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:343:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(cpy,":");	/* A trailing colon cleans up the algorithm */
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:351:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    len = strlen(p1);
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:407:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for ( i = strlen (name) - 1; i >= 0; i-- )
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:432:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for ( i = strlen (name) - 1; i >= 0; i-- )
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:442:9:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
        strncat( ext, &name[i+1], ext_size );
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:490:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((strlen(basename) + strlen(framestr) + strlen (extension) + 2) > bufl)
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:490:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((strlen(basename) + strlen(framestr) + strlen (extension) + 2) > bufl)
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:490:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((strlen(basename) + strlen(framestr) + strlen (extension) + 2) > bufl)
data/dx-4.4.4/src/exec/dxmods/_rw_image.c:500:39:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    if ( !strcat ( buf, framestr) || !strcat(buf,".") )
data/dx-4.4.4/src/exec/dxmods/_rw_image.h:153:28:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        ImageWriteFunction read;	
data/dx-4.4.4/src/exec/dxmods/_tiff.c:331:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (read(fd,(char*)val, 4) == 4)
data/dx-4.4.4/src/exec/dxmods/_tiff.c:350:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (read(fd,c,4) != 4)
data/dx-4.4.4/src/exec/dxmods/_tiff.c:372:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (read(fd,(char*)val, 2) == 2)
data/dx-4.4.4/src/exec/dxmods/_tiff.c:391:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (read(fd,c,2) != 2)
data/dx-4.4.4/src/exec/dxmods/_tiff.c:1191:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if ( 2 != read ( fh, &hdr->byte_order, 2 ) ) goto error;
data/dx-4.4.4/src/exec/dxmods/_tiff.c:1292:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
                if (read ( fh, &fld->value.value, fld->length ) != fld->length )
data/dx-4.4.4/src/exec/dxmods/_tiff.c:1565:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ( &copyname [ strlen ( copyname ) ],
data/dx-4.4.4/src/exec/dxmods/_tiff.c:2274:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	        int n = read(fh, buf, width*file_data.samplesperpixel.val);
data/dx-4.4.4/src/exec/dxmods/_tiff.c:2292:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		if (read(fh, fptr, width*file_data.samplesperpixel.val)
data/dx-4.4.4/src/exec/dxmods/_tiff.c:2364:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		if (read(fh, fptr, width) != width)
data/dx-4.4.4/src/exec/dxmods/_tiff.c:2390:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		if (read(fh, buf, width*file_data.samplesperpixel.val)
data/dx-4.4.4/src/exec/dxmods/autoaxes.c:597:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   length = strlen(stringin);
data/dx-4.4.4/src/exec/dxmods/cachescene.c:45:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buf = (char *)DXAllocate(strlen(tag) + strlen(".object") + 1);
data/dx-4.4.4/src/exec/dxmods/cachescene.c:45:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buf = (char *)DXAllocate(strlen(tag) + strlen(".object") + 1);
data/dx-4.4.4/src/exec/dxmods/cachescene.c:61:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buf = (char *)DXAllocate(strlen(tag) + strlen(".camera") + 1);
data/dx-4.4.4/src/exec/dxmods/cachescene.c:61:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buf = (char *)DXAllocate(strlen(tag) + strlen(".camera") + 1);
data/dx-4.4.4/src/exec/dxmods/camera.c:735:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(dbuf, inval, MAXDIR-1);
data/dx-4.4.4/src/exec/dxmods/caption.c:219:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        newstring = (char *)DXAllocate(strlen(buf)+1);
data/dx-4.4.4/src/exec/dxmods/caption.c:232:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    newstring = (char *)DXAllocate(strlen(buf)+1);
data/dx-4.4.4/src/exec/dxmods/categorize.c:909:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ( !( invalid = ( char * ) DXAllocate( strlen( dep ) + INVLEN ) ) )
data/dx-4.4.4/src/exec/dxmods/catstats.c:668:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!(invalid = (char *)DXAllocate(strlen(dep) + INVLEN)))
data/dx-4.4.4/src/exec/dxmods/changemember.c:498:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    outstr = (char *)DXAllocate(strlen(instr) + 1);
data/dx-4.4.4/src/exec/dxmods/colormap.c:350:4:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
   strcpy(ei.mp,"");
data/dx-4.4.4/src/exec/dxmods/colormap.c:378:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if (strlen(ei.msgbuf) > MAX_MSGLEN){
data/dx-4.4.4/src/exec/dxmods/colormap.c:385:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       (iprint[5]==1 && strlen(label)>0) || strcmp(ei.msgbuf,""))
data/dx-4.4.4/src/exec/dxmods/colormap.c:396:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if (iprint[5]==1 && strlen(label)>0){
data/dx-4.4.4/src/exec/dxmods/colormap.c:399:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      ei.maxlen =(int)strlen(label);
data/dx-4.4.4/src/exec/dxmods/colormap.c:1188:4:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
   strcpy(ei.mp,"");
data/dx-4.4.4/src/exec/dxmods/colormap.c:1191:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
      strcpy(ei.mp,"{"); ei.mp++;
data/dx-4.4.4/src/exec/dxmods/colormap.c:1196:7:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
      sprintf(ei.mp,"}"); ei.mp++;
data/dx-4.4.4/src/exec/dxmods/colormap.c:1199:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if (strlen(ei.msgbuf) > MAX_MSGLEN){
data/dx-4.4.4/src/exec/dxmods/compute.c:194:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(expression) == 0) {
data/dx-4.4.4/src/exec/dxmods/compute2.c:73:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if ((s) && strlen(s)) {			    \
data/dx-4.4.4/src/exec/dxmods/compute2.c:81:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    while (strlen(p)+strlen(s)+1 > sz) {    \
data/dx-4.4.4/src/exec/dxmods/compute2.c:81:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    while (strlen(p)+strlen(s)+1 > sz) {    \
data/dx-4.4.4/src/exec/dxmods/compute2.c:109:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if (!in[i] || (bad_name = !DXExtractString(in[i],&name) || !strlen(name))) {
data/dx-4.4.4/src/exec/dxmods/compute2.c:116:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if (strlen(name)+5 > NAME_SIZE) {
data/dx-4.4.4/src/exec/dxmods/compute2.c:135:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if (!strlen(expression0)) {
data/dx-4.4.4/src/exec/dxmods/compute2.c:152:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!expression || !strlen(expression))
data/dx-4.4.4/src/exec/dxmods/describe.c:937:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!strncmp(cp, "cubes", 5) && (strlen(cp) > 5) && (n > 3))
data/dx-4.4.4/src/exec/dxmods/describe.c:982:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!(invalid = (char *)DXAllocate(strlen(dep) + INVLEN)))
data/dx-4.4.4/src/exec/dxmods/describe.c:1068:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	else if (!strncmp(elem, "cubes", 5) && (strlen(elem) > 5))
data/dx-4.4.4/src/exec/dxmods/describe.c:1108:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!(invalid = (char *)DXAllocate(strlen(dep) + INVLEN)))
data/dx-4.4.4/src/exec/dxmods/display.c:155:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(where)>=sizeof(copy)) {
data/dx-4.4.4/src/exec/dxmods/display.c:182:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
            strcat(type, ",");
data/dx-4.4.4/src/exec/dxmods/display.c:249:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        cacheTag = (char *)DXAllocate(strlen("CACHED_OBJECT_")
data/dx-4.4.4/src/exec/dxmods/display.c:250:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                      + strlen(where) + 32);
data/dx-4.4.4/src/exec/dxmods/display.c:622:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tag = DXAllocate(strlen(CACHE_APPENDAGE) + strlen(where) + 10);
data/dx-4.4.4/src/exec/dxmods/display.c:622:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tag = DXAllocate(strlen(CACHE_APPENDAGE) + strlen(where) + 10);
data/dx-4.4.4/src/exec/dxmods/dxlmessage.c:108:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	plr->message = (char *)DXAllocate(strlen(message)+1);
data/dx-4.4.4/src/exec/dxmods/dxlmessage.c:112:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	plr->messageType = (char *)DXAllocate(strlen(messageType)+1);
data/dx-4.4.4/src/exec/dxmods/dxlmessage.c:120:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	plr->major = (char *)DXAllocate(strlen(major)+1);
data/dx-4.4.4/src/exec/dxmods/dxlmessage.c:128:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(plr->message, message, strlen(message)+1);
data/dx-4.4.4/src/exec/dxmods/dxlmessage.c:128:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	strncpy(plr->message, message, strlen(message)+1);
data/dx-4.4.4/src/exec/dxmods/dxlmessage.c:129:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(plr->messageType, messageType, strlen(messageType)+1);
data/dx-4.4.4/src/exec/dxmods/dxlmessage.c:129:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	strncpy(plr->messageType, messageType, strlen(messageType)+1);
data/dx-4.4.4/src/exec/dxmods/dxlmessage.c:130:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(plr->major, major, strlen(major)+1);
data/dx-4.4.4/src/exec/dxmods/dxlmessage.c:130:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	strncpy(plr->major, major, strlen(major)+1);
data/dx-4.4.4/src/exec/dxmods/echo.c:195:5:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
    sprintf(ep->mp, "(");      while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:203:5:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
    sprintf(ep->mp, ")");      while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:210:5:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
    sprintf(ep->mp, "(");      while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:226:5:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
    sprintf(ep->mp, ")");      while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:261:9:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
        sprintf(ep->mp, " ");         while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:269:6:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
	    sprintf(ep->mp, "[");        while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:275:7:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
		    sprintf(ep->mp, " ");     while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:285:9:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
        sprintf(ep->mp, "[");        while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:295:3:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
		sprintf(ep->mp, "[");    while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:301:4:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
			sprintf(ep->mp, " "); while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:305:3:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
		sprintf(ep->mp, "]");    while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:310:9:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
        sprintf(ep->mp, "]");        while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:315:9:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
        sprintf(ep->mp, "[");            while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:319:13:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
            sprintf(ep->mp, "[");        while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:329:7:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
		    sprintf(ep->mp, "[");    while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:336:8:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
			    sprintf(ep->mp, " "); while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:340:7:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
		    sprintf(ep->mp, "]");    while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:345:13:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
            sprintf(ep->mp, "]");        while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/echo.c:349:9:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
        sprintf(ep->mp, "]");            while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/enumerate.c:108:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    lmethod = DXAllocateLocalZero(strlen(method)+1);
data/dx-4.4.4/src/exec/dxmods/exp_gai.c:587:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if ((fill = width - (int)strlen(cp)) > 0){
data/dx-4.4.4/src/exec/dxmods/exp_gai.c:852:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    cmp = (char *)DXAllocate(strlen(name)+6);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:188:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!infofile && (strlen(infopath) > 0)) {
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:202:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    for (i=strlen(outname)-1 ; i>=0 ; i--) {
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:367:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
			  strncpy(r, &str[k], width);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:607:10:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
			      strncpy(r, &str[kk], width);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:876:10:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
			      strncpy(r, &str[kk], width);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1069:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
			  strncpy(r, &str[kk], width);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1243:3:  [1] (buffer) fscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
		fscanf(fp,"%70s",string);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1265:8:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   c = getc(fp);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1275:11:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      c = getc(fp);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1377:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	i = strlen(s)+1;
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1380:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	i = strlen(s) + 1;
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1412:13:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        c = getc(fp);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1430:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (s[strlen(s)-1] == '\n')
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1510:11:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      c = getc(fp);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1548:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   while ((int)strlen(str)>MAX_DSTR-2){
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1554:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      line = (char *)DXReAllocate(line,(unsigned int)strlen(str)+n*MAX_DSTR);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1570:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   int read[MAX_POS_DIMS*3];
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1580:3:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	 read[i]=1;
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1583:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
         read[i]=0;
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1596:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    read[i]=1;
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1600:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		 (dataps->bytes+strlen(str))>_dxd_gi_fromfile[i]->begin.size){
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1605:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    read[i]=1;
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1609:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    if (read[i] == 1){	/* already hit this marker once */
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1613:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    for( k=0; k<strlen(_dxd_gi_fromfile[i]->begin.marker);k++)
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1618:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    read[i]=1;
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1622:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      dataps->bytes += strlen(str);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1627:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	      _dxd_gi_header.marker[strlen(_dxd_gi_header.marker-1)]=='\n')
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1638:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	 if (read[i]==0){
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1667:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(r, &str[k], width);
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1681:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    for (k=0; k<strlen(str); ){
data/dx-4.4.4/src/exec/dxmods/genimp_io.c:1684:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	       if (k>=strlen(str)) break; 
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:27:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                for(si = 0; si < strlen(str); si++)             \
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:172:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  headerfile = (char *)DXAllocateLocal(strlen(table) +1);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:433:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    _dxd_gi_filename = (char *)DXAllocate(strlen(name) +1);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1490:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _dxd_gi_filename = (char *)DXAllocate(strlen(p) +1);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1850:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   _dxd_gi_filename = (char *)DXAllocate(strlen(*filename) +1);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1875:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (i > strlen(*filename)){
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1879:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(*filename,file,i);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1921:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      length = strlen(pstart);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1928:10:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
         strncpy(ps.line,pstart,length);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1944:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	 if (!strncmp(para[i].name,pend,strlen(para[i].name))){
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:1952:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	       strncpy(statement,pstart,length);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:2324:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   while ((int)strlen(str)>MAX_DSTR-2){
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:2330:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      line = (char *)DXReAllocate(line,(unsigned int)strlen(str)+n*MAX_DSTR);
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:2333:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if ( strlen(line) >= 2 && line[strlen(line)-2] == '\r') 
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:2333:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if ( strlen(line) >= 2 && line[strlen(line)-2] == '\r') 
data/dx-4.4.4/src/exec/dxmods/genimp_parse.c:2334:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
     line[strlen(line)-2] = '\n';
data/dx-4.4.4/src/exec/dxmods/getscene.c:63:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	buf = (char *)DXAllocate(strlen(tag) + strlen(".object") + 1);
data/dx-4.4.4/src/exec/dxmods/getscene.c:63:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	buf = (char *)DXAllocate(strlen(tag) + strlen(".object") + 1);
data/dx-4.4.4/src/exec/dxmods/getscene.c:75:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	buf = (char *)DXAllocate(strlen(tag) + strlen(".camera") + 1);
data/dx-4.4.4/src/exec/dxmods/getscene.c:75:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	buf = (char *)DXAllocate(strlen(tag) + strlen(".camera") + 1);
data/dx-4.4.4/src/exec/dxmods/grid.c:166:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (! (*structure = (char *) DXAllocate (strlen (str) + 1)))
data/dx-4.4.4/src/exec/dxmods/histogram.c:1732:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!(invalid = (char *)DXAllocate(strlen(dep) + INVLEN)))
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:553:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                p = buffer0 + strlen( buffer0 );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:1181:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    plr->message = ( char * ) DXAllocate( strlen( buf ) + 1 );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:1186:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    plr->messageType = ( char * ) DXAllocate( strlen( type ) + 1 );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:1196:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    plr->major = ( char * ) DXAllocate( strlen( major ) + 1 );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:1201:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    plr->minor = ( char * ) DXAllocate( strlen( minor ) + 1 );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:1211:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy( plr->message, buf, strlen( buf ) + 1 );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:1211:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncpy( plr->message, buf, strlen( buf ) + 1 );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:1215:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy( plr->major, major, strlen( major ) + 1 );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:1215:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncpy( plr->major, major, strlen( major ) + 1 );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:1217:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy( plr->minor, minor, strlen( minor ) + 1 );
data/dx-4.4.4/src/exec/dxmods/imagemessage.c:1217:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncpy( plr->minor, minor, strlen( minor ) + 1 );
data/dx-4.4.4/src/exec/dxmods/import.c:114:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	    strncpy(firstword, format, cp-format);
data/dx-4.4.4/src/exec/dxmods/import.c:123:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (!strncmp(firstword, *ftmp, strlen(*ftmp))) {
data/dx-4.4.4/src/exec/dxmods/import.c:368:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tbuf = (char *)DXAllocate(strlen(p->filename) + 20);
data/dx-4.4.4/src/exec/dxmods/import.c:428:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    firsterr = (char *)DXAllocateLocal(strlen(DXGetErrorMessage()) + 1);
data/dx-4.4.4/src/exec/dxmods/import.c:538:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tbuf = (char *)DXAllocate(strlen(p->filename) + 20);
data/dx-4.4.4/src/exec/dxmods/import.c:587:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       for (j=0; j<strlen(p->fieldlist[0]); j++){
data/dx-4.4.4/src/exec/dxmods/import.c:591:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       if (j==strlen(p->fieldlist[0])) digit=1;
data/dx-4.4.4/src/exec/dxmods/import.c:594:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  for (j=0; j<strlen(p->fieldlist[i]); j++){
data/dx-4.4.4/src/exec/dxmods/import.c:598:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	  if (j==strlen(p->fieldlist[0]) && !digit){
data/dx-4.4.4/src/exec/dxmods/import.c:751:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tryname = (char *)DXAllocateLocalZero((datadir ? strlen(datadir) : 0)
data/dx-4.4.4/src/exec/dxmods/import.c:752:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					  + strlen(inname) + XTRA);
data/dx-4.4.4/src/exec/dxmods/import.c:766:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(tryname, "/");
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:888:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  outname = (char *)DXAllocateLocalZero((datadir ? strlen(datadir) : 0) +
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:889:4:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			strlen(filename) + XTRA);
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:901:7:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
      strcat(outname, "/");
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1204:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      while (k<strlen(aname) && aname[k] != ' ')
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1869:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      while (k<strlen(ptr->name) && ptr->name[k] != ' ')
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1961:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         if (!strncmp(ptr->name,varname[i],strlen(ptr->name))){
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:1981:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if (!strncmp(ptr->name,varname[i],strlen(ptr->name))){
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:2002:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	 if (!strncmp(ptr->name,varname[i],strlen(ptr->name))){
data/dx-4.4.4/src/exec/dxmods/import_cdf.c:2017:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	 if (!strncmp(ptr->name,varname[i],strlen(ptr->name)))
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:314:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(filename) >= MAXLEN) {
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:324:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    foundname = (char *)DXAllocateLocalZero((dir ? strlen(dir) : 0) +
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:325:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					    strlen(filename) + XTRA);
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:379:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(foundname, "/");
data/dx-4.4.4/src/exec/dxmods/import_hdf.c:416:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(foundname) > MAXLEN) {
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:363:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ll = strlen(filename) + XTRA;
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:365:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    	ll += strlen(datadir);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:374:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    foundname = (char *)DXAllocateLocalZero(strlen(filename)+1);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:389:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    foundname = (char *)DXAllocateLocalZero(strlen(fname)+1);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:403:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(fname, "/");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:411:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		foundname = (char *)DXAllocateLocalZero(strlen(fname)+1);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:424:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		foundname = (char *)DXAllocateLocalZero(strlen(fname)+1);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:490:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    fname = (char *)DXAllocateLocalZero((datadir ? strlen(datadir) : 0) +
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:491:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					strlen(filename) + XTRA);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:508:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(fname, "/");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:578:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                     strlen(SERIESATTRIB), stringattr)))
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1117:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    sp1 = DXAllocate(strlen(DXGetString((String)o)) + 
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1118:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			   strlen(DXGetString((String)newo)));
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1121:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(sp1, ";");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1139:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    sp1 = DXAllocate(strlen(DXGetString((String)o)) + 
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1140:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			   strlen(DXGetString((String)newo)));
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1163:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    sp1 = DXAllocate(strlen(DXGetString((String)o)) + 
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1164:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			   strlen(DXGetString((String)newo)));
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1167:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    sprintf(sp1+strlen(sp1), ", position %g;", nvp->position);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1192:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    sp1 = DXAllocate(strlen(DXGetString((String)o)) + 
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1193:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			   strlen(DXGetString((String)newo)));
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1196:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(sp1, ";");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1228:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	sp1 = (char *)DXAllocate(strlen(vp->name) + sizeof("name:") + 2);
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1231:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(sp1, ";");
data/dx-4.4.4/src/exec/dxmods/import_ncdf.c:1437:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(stringattr,tmpattr,maxlen);
data/dx-4.4.4/src/exec/dxmods/import_ss.c:127:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (DXExtractString(in[1],&string) && strlen(string) == 1){
data/dx-4.4.4/src/exec/dxmods/import_ss.c:506:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(p) > 99) 
data/dx-4.4.4/src/exec/dxmods/import_ss.c:508:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(test[nc]->name,p,100);
data/dx-4.4.4/src/exec/dxmods/import_ss.c:517:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (p && nc == 0 && strlen(p) > 1)	/* to catch case where token returning */
data/dx-4.4.4/src/exec/dxmods/import_ss.c:687:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
  strcpy(inv_string," ");
data/dx-4.4.4/src/exec/dxmods/import_ss.c:1141:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      string[imp] = (char *)DXAllocate(sizeof(char) * (1+strlen(ds[i]->name)));
data/dx-4.4.4/src/exec/dxmods/import_ss.c:1315:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while ((int)strlen(str)>MAX_DSTR-2 && str[MAX_DSTR-2] != '\n'){
data/dx-4.4.4/src/exec/dxmods/import_ss.c:1321:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    line = (char *)DXReAllocate(line,(unsigned int)strlen(str)+n*MAX_DSTR+slop);
data/dx-4.4.4/src/exec/dxmods/inquire.c:1507:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!(invalid = (char *)DXAllocate(strlen(dep) + INVLEN)))
data/dx-4.4.4/src/exec/dxmods/integer.c:315:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if (iprint[5] == 1) msglen += strlen(label);
data/dx-4.4.4/src/exec/dxmods/integer.c:337:4:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
   strcpy(ei.mp,"");
data/dx-4.4.4/src/exec/dxmods/integer.c:356:23:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
         if (item==1){sprintf(ei.mp,"{"); while(*ei.mp) ei.mp++;}
data/dx-4.4.4/src/exec/dxmods/integer.c:361:29:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
     if (islist && item==1){sprintf(ei.mp,"}"); while(*ei.mp) ei.mp++;}
data/dx-4.4.4/src/exec/dxmods/integer.c:363:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if (iprint[5]==1 && strlen(label)>0){
data/dx-4.4.4/src/exec/dxmods/integer.c:364:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      shape[0] = (int)strlen(label);
data/dx-4.4.4/src/exec/dxmods/integer.c:382:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if (strlen(ei.msgbuf) > MAX_MSGLEN){
data/dx-4.4.4/src/exec/dxmods/keyin.c:80:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    write(fh, s, strlen(s));
data/dx-4.4.4/src/exec/dxmods/keyin.c:83:2:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	read(fh, &c, 1);
data/dx-4.4.4/src/exec/dxmods/lookup.c:349:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        input_array = DXNewArray( TYPE_STRING, CATEGORY_REAL, 1, strlen( str ) + 1 );
data/dx-4.4.4/src/exec/dxmods/map.c:243:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	    strncpy(task.srcComponent, srcComponent, COMPONENT_LENGTH);
data/dx-4.4.4/src/exec/dxmods/map.c:244:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	    strncpy(task.dstComponent, dstComponent, COMPONENT_LENGTH);
data/dx-4.4.4/src/exec/dxmods/parse.c:77:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tempspace = DXAllocate(MAX(sizeof(double), strlen(inputstring) + 1));
data/dx-4.4.4/src/exec/dxmods/parse.c:83:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tempcontrol = DXAllocate(strlen(control) + 3);
data/dx-4.4.4/src/exec/dxmods/pick.c:744:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *buf = (char *)DXAllocate(strlen(tag) + strlen(".picks") + 1);
data/dx-4.4.4/src/exec/dxmods/pick.c:744:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *buf = (char *)DXAllocate(strlen(tag) + strlen(".picks") + 1);
data/dx-4.4.4/src/exec/dxmods/pick.c:760:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *buf = (char *)DXAllocate(strlen(tag) + strlen(".picks") + 1);
data/dx-4.4.4/src/exec/dxmods/pick.c:760:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *buf = (char *)DXAllocate(strlen(tag) + strlen(".picks") + 1);
data/dx-4.4.4/src/exec/dxmods/pick.c:956:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	buf = (char *)DXAllocate(strlen(tag) + strlen(".object") + 1);
data/dx-4.4.4/src/exec/dxmods/pick.c:956:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	buf = (char *)DXAllocate(strlen(tag) + strlen(".object") + 1);
data/dx-4.4.4/src/exec/dxmods/pick.c:968:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	buf = (char *)DXAllocate(strlen(tag) + strlen(".camera") + 1);
data/dx-4.4.4/src/exec/dxmods/pick.c:968:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	buf = (char *)DXAllocate(strlen(tag) + strlen(".camera") + 1);
data/dx-4.4.4/src/exec/dxmods/pie.c:72:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
           if (strlen(buf)>maxlen) maxlen=strlen(buf);                 \
data/dx-4.4.4/src/exec/dxmods/pie.c:72:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
           if (strlen(buf)>maxlen) maxlen=strlen(buf);                 \
data/dx-4.4.4/src/exec/dxmods/plot.c:186:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(marker, "");
data/dx-4.4.4/src/exec/dxmods/plot.c:187:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(plotlabel,"");
data/dx-4.4.4/src/exec/dxmods/programctl.c:77:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      mode = DXAllocate(strlen(tmpmode)+1);
data/dx-4.4.4/src/exec/dxmods/programctl.c:144:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      action = DXAllocate(strlen(tmpaction)+1);
data/dx-4.4.4/src/exec/dxmods/programctl.c:303:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf = DXAllocate(strlen(name)+50);
data/dx-4.4.4/src/exec/dxmods/programctl.c:518:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf = DXAllocate((strlen(name)+50));
data/dx-4.4.4/src/exec/dxmods/programctl.c:610:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  plr->message = (char *)DXAllocate(strlen(buf)+1);
data/dx-4.4.4/src/exec/dxmods/programctl.c:622:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  plr->major = (char *)DXAllocate(strlen(major)+1);
data/dx-4.4.4/src/exec/dxmods/programctl.c:626:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  plr->minor = (char *)DXAllocate(strlen(messageid)+1);
data/dx-4.4.4/src/exec/dxmods/programctl.c:634:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(plr->message, buf, strlen(buf)+1);
data/dx-4.4.4/src/exec/dxmods/programctl.c:634:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy(plr->message, buf, strlen(buf)+1);
data/dx-4.4.4/src/exec/dxmods/programctl.c:635:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
  strncpy(plr->messageType, "LINK", 5);
data/dx-4.4.4/src/exec/dxmods/programctl.c:636:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(plr->major, major, strlen(major)+1);
data/dx-4.4.4/src/exec/dxmods/programctl.c:636:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy(plr->major, major, strlen(major)+1);
data/dx-4.4.4/src/exec/dxmods/programctl.c:637:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(plr->minor, messageid, strlen(messageid)+1);
data/dx-4.4.4/src/exec/dxmods/programctl.c:637:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy(plr->minor, messageid, strlen(messageid)+1);
data/dx-4.4.4/src/exec/dxmods/readimage.c:52:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(b)+strlen(c)<MAX_IMAGE_NAMELEN) \
data/dx-4.4.4/src/exec/dxmods/readimage.c:52:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(b)+strlen(c)<MAX_IMAGE_NAMELEN) \
data/dx-4.4.4/src/exec/dxmods/readimage.c:236:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(filename) > MAX_IMAGE_NAMELEN) {
data/dx-4.4.4/src/exec/dxmods/readimage.c:860:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			( &gifopts.name [ strlen( gifopts.name ) ],
data/dx-4.4.4/src/exec/dxmods/readimage.c:886:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			( &tiffopts.name [ strlen ( tiffopts.name ) ],
data/dx-4.4.4/src/exec/dxmods/readimage.c:912:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			( &miffopts.name [ strlen ( miffopts.name ) ],
data/dx-4.4.4/src/exec/dxmods/readimage.c:963:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		    sprintf( &imopts.name [ strlen ( imopts.name ) ],
data/dx-4.4.4/src/exec/dxmods/readimage.c:1101:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (read(fh, anchor, oneframe) != oneframe)
data/dx-4.4.4/src/exec/dxmods/readimage.c:1199:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    if ( read ( fh[c], buffer, oneframe ) != oneframe )
data/dx-4.4.4/src/exec/dxmods/readimage.c:1223:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    if ( read ( fh[c], buffer, oneframe ) != oneframe )
data/dx-4.4.4/src/exec/dxmods/readimage.c:1417:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(subpath, s, subpathsize);
data/dx-4.4.4/src/exec/dxmods/readimage.c:1421:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (*subpath && (subpath[strlen(subpath)-1] != '/'))
data/dx-4.4.4/src/exec/dxmods/readimage.c:1422:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(subpath,"/");
data/dx-4.4.4/src/exec/dxmods/scalar.c:314:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if (iprint[5] == 1) msglen += strlen(label);
data/dx-4.4.4/src/exec/dxmods/scalar.c:336:4:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
   strcpy(ei.mp,"");
data/dx-4.4.4/src/exec/dxmods/scalar.c:360:22:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
        if (item==1){sprintf(ei.mp,"{"); while(*ei.mp) ei.mp++;}
data/dx-4.4.4/src/exec/dxmods/scalar.c:365:29:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
     if (islist && item==1){sprintf(ei.mp,"}"); while(*ei.mp) ei.mp++;}
data/dx-4.4.4/src/exec/dxmods/scalar.c:379:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if (iprint[5]>0 && strlen(label)>0){
data/dx-4.4.4/src/exec/dxmods/scalar.c:380:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      shape[0]=(int)strlen(label);
data/dx-4.4.4/src/exec/dxmods/scalar.c:387:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if (strlen(ei.msgbuf) > MAX_MSGLEN){
data/dx-4.4.4/src/exec/dxmods/selector.c:200:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	msglen += (strlen(label) + 2);
data/dx-4.4.4/src/exec/dxmods/selector.c:237:3:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
	 sprintf(ei.mp,"{");
data/dx-4.4.4/src/exec/dxmods/selector.c:245:3:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
	 sprintf(ei.mp,"}");
data/dx-4.4.4/src/exec/dxmods/selector.c:269:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	 msglen += strlen(label) + 2;
data/dx-4.4.4/src/exec/dxmods/selector.c:295:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      shape[0] = (int)strlen(label);
data/dx-4.4.4/src/exec/dxmods/selector.c:303:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if (strlen(ei.msgbuf) > MAX_MSGLEN){
data/dx-4.4.4/src/exec/dxmods/selector.c:362:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    maxlen=strlen(string) + 1;
data/dx-4.4.4/src/exec/dxmods/selector.c:402:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    maxlen=strlen(string) +1;
data/dx-4.4.4/src/exec/dxmods/selector.c:473:15:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
              sprintf(cp[i]," ");
data/dx-4.4.4/src/exec/dxmods/selector.c:649:12:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
           sprintf(ep->mp,"{"); while(*ep->mp) ep->mp++;
data/dx-4.4.4/src/exec/dxmods/selector.c:652:37:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
           while(*ep->mp) ep->mp++; sprintf(ep->mp,"}"); 
data/dx-4.4.4/src/exec/dxmods/separate.c:37:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   cache_label = (char *)DXAllocate(strlen(id) + 32);
data/dx-4.4.4/src/exec/dxmods/separate.c:101:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
      strcpy(old_label,"j");
data/dx-4.4.4/src/exec/dxmods/separate.c:103:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(DXGetPrivateData(p),label,40);
data/dx-4.4.4/src/exec/dxmods/separate.c:115:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(DXGetPrivateData(p),label,40);
data/dx-4.4.4/src/exec/dxmods/separate.c:198:17:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
   if (item>1) {sprintf(ep->mp,"{"); ep->mp++;}
data/dx-4.4.4/src/exec/dxmods/separate.c:201:31:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
      if (type==TYPE_STRING) {sprintf(ep->mp,"\""); ep->mp++;}
data/dx-4.4.4/src/exec/dxmods/separate.c:202:13:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
      else {sprintf(ep->mp,"["); ep->mp++;}
data/dx-4.4.4/src/exec/dxmods/separate.c:205:21:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
     if (rank > 1) {sprintf(ep->mp,"["); ep->mp++;}
data/dx-4.4.4/src/exec/dxmods/separate.c:250:21:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
     if (rank > 1) {sprintf(ep->mp,"]"); ep->mp++;}
data/dx-4.4.4/src/exec/dxmods/separate.c:254:30:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
     if (type==TYPE_STRING) {sprintf(ep->mp,"\""); ep->mp++;}
data/dx-4.4.4/src/exec/dxmods/separate.c:255:12:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
     else {sprintf(ep->mp,"]"); ep->mp++;}
data/dx-4.4.4/src/exec/dxmods/separate.c:257:5:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
    sprintf(ep->mp," "); ep->mp++;
data/dx-4.4.4/src/exec/dxmods/separate.c:261:16:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
  if (item>1) {sprintf(ep->mp,"}"); ep->mp++;}
data/dx-4.4.4/src/exec/dxmods/separate.c:272:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   cache_label = (char *)DXAllocate(strlen(id) + 32);
data/dx-4.4.4/src/exec/dxmods/sequencer.c:190:4:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
   strcpy(ei.mp,"");
data/dx-4.4.4/src/exec/dxmods/showboundary.c:228:51:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
Object set_aux_offsets ( Object input, bounds_ptr read, Array write )
data/dx-4.4.4/src/exec/dxmods/showboundary.c:322:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    else if ( read != NULL ) /*----------------------------------------------*/
data/dx-4.4.4/src/exec/dxmods/socketconnect.c:82:23:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (sizeof(len) < read(cfd, (void *)&len, sizeof(len)))
data/dx-4.4.4/src/exec/dxmods/socketconnect.c:95:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (len < read(cfd, buf, len))
data/dx-4.4.4/src/exec/dxmods/socketconnect.c:156:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	length = sizeof (s.usrv) - sizeof(s.usrv.sun_path) + strlen(s.usrv.sun_path);
data/dx-4.4.4/src/exec/dxmods/stack.c:651:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strncmp("invalid", cp, strlen("invalid")) == 0)
data/dx-4.4.4/src/exec/dxmods/stack.c:674:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strncmp("invalid", ccp, strlen("invalid")) == 0)
data/dx-4.4.4/src/exec/dxmods/stack.c:677:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	si->compname[si->compcount] = (char *)DXAllocate(strlen(ccp)+1);
data/dx-4.4.4/src/exec/dxmods/stack.c:745:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		(char *)DXAllocate(strlen("invalid positions")+1);
data/dx-4.4.4/src/exec/dxmods/stack.c:753:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		(char *)DXAllocate(strlen("invalid connections")+1);
data/dx-4.4.4/src/exec/dxmods/stack.c:932:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if (strncmp("invalid", si->compname[j], strlen("invalid")) == 0)
data/dx-4.4.4/src/exec/dxmods/stack.c:2551:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strncmp(name, "invalid ", strlen("invalid ")) != 0) {
data/dx-4.4.4/src/exec/dxmods/stack.c:2560:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        a = (Array)DXGetComponentValue(f, name+strlen("invalid "));
data/dx-4.4.4/src/exec/dxmods/stack.c:2564:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                       seriesmember, name+strlen("invalid "));
data/dx-4.4.4/src/exec/dxmods/stack.c:2599:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strncmp(name, "invalid ", strlen("invalid ")) == 0) {
data/dx-4.4.4/src/exec/dxmods/stack.c:2609:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            na = (Array)DXGetComponentValue(f, name+strlen("invalid "));
data/dx-4.4.4/src/exec/dxmods/stack.c:2613:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                           seriesmember, name+strlen("invalid "));
data/dx-4.4.4/src/exec/dxmods/stringlegend.c:80:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                            strlen(DXGetString((String)in[0]))+1);
data/dx-4.4.4/src/exec/dxmods/stringlegend.c:115:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                              strlen(DXGetString((String)in[1])+1));
data/dx-4.4.4/src/exec/dxmods/superstate.c:77:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(new, where, (left - where));
data/dx-4.4.4/src/exec/dxmods/superstate.c:79:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(old, left+1, (right - (left+1)));
data/dx-4.4.4/src/exec/dxmods/superstate.c:115:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    cameraCacheTag = (char *)DXAllocate(strlen(where)+strlen(CACHE_CAMERA)+2);
data/dx-4.4.4/src/exec/dxmods/superstate.c:115:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    cameraCacheTag = (char *)DXAllocate(strlen(where)+strlen(CACHE_CAMERA)+2);
data/dx-4.4.4/src/exec/dxmods/superstate.c:153:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    objectCacheTag = (char *)DXAllocate(strlen(where)+strlen(CACHE_OBJECT)+2);
data/dx-4.4.4/src/exec/dxmods/superstate.c:153:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    objectCacheTag = (char *)DXAllocate(strlen(where)+strlen(CACHE_OBJECT)+2);
data/dx-4.4.4/src/exec/dxmods/superwin.c:305:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *buf = (char *)DXAllocate(strlen(name) + strlen("_DXWINDOW") + 4);
data/dx-4.4.4/src/exec/dxmods/superwin.c:305:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *buf = (char *)DXAllocate(strlen(name) + strlen("_DXWINDOW") + 4);
data/dx-4.4.4/src/exec/dxmods/superwin.c:363:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iw->displayString = (char *)DXAllocate(strlen(displayString)+1);
data/dx-4.4.4/src/exec/dxmods/superwin.c:366:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iw->title = (char *)DXAllocate(strlen(title)+1);
data/dx-4.4.4/src/exec/dxmods/superwin.c:387:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    iw->where = DXAllocate(strlen(buf) + 1);
data/dx-4.4.4/src/exec/dxmods/system.c:33:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	char *buf = (char *)DXAllocate(sizeof(format) + strlen(cmd) + 1);
data/dx-4.4.4/src/exec/dxmods/system.c:35:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	char *buf2 = (char *)DXAllocate(sizeof(format) + strlen(cmd) + 1);
data/dx-4.4.4/src/exec/dxmods/system.c:66:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    buf2[strlen(buf2)-1] = '\0';
data/dx-4.4.4/src/exec/dxmods/toggle.c:90:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      ei.maxlen = (int)strlen(label)+SLOP;
data/dx-4.4.4/src/exec/dxmods/toggle.c:96:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      shape[0] = (int)strlen(label);
data/dx-4.4.4/src/exec/dxmods/toggle.c:149:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         shape[0] = (int)strlen(set_string);
data/dx-4.4.4/src/exec/dxmods/tracevisual.c:337:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sprintf(d->title + strlen(d->title), " (1 square = %d bytes)", 
data/dx-4.4.4/src/exec/dxmods/vector.c:469:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if (ip[5] == 1) msglen += strlen(label);
data/dx-4.4.4/src/exec/dxmods/vector.c:493:4:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
   strcpy(ei.mp,"");
data/dx-4.4.4/src/exec/dxmods/vector.c:523:22:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
        if (item==1){sprintf(ei.mp,"{"); while(*ei.mp) ei.mp++;}
data/dx-4.4.4/src/exec/dxmods/vector.c:528:29:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
     if (islist && item==1){sprintf(ei.mp,"}"); while(*ei.mp) ei.mp++;}
data/dx-4.4.4/src/exec/dxmods/vector.c:542:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if (ip[5]==1 && strlen(label)>0){
data/dx-4.4.4/src/exec/dxmods/vector.c:543:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      shape[0]=(int)strlen(label);
data/dx-4.4.4/src/exec/dxmods/vector.c:550:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if (strlen(ei.msgbuf) > MAX_MSGLEN){
data/dx-4.4.4/src/exec/dxmods/visualobject.c:818:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(ptag) + 1;
data/dx-4.4.4/src/exec/dxmods/visualobject.c:836:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(ctag) + 1;
data/dx-4.4.4/src/exec/dxmods/writeimage.c:202:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(filename) > MAX_IMAGE_NAMELEN)
data/dx-4.4.4/src/exec/dxmods/writeimage.c:331:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	original_length= strlen(basename);
data/dx-4.4.4/src/exec/dxmods/writeimage.c:334:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if(strlen(basename)!=original_length)
data/dx-4.4.4/src/exec/dxmods/writeimage.c:336:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		iargs.extension=basename + strlen(basename) + 1 ; 
data/dx-4.4.4/src/exec/dxmods/writeimage.c:424:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(buf, p, len);
data/dx-4.4.4/src/exec/dxmods/writeimage.c:450:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(buf, p, len-1);
data/dx-4.4.4/src/exec/dxmods/writeimage.c:473:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(buf, p, len);
data/dx-4.4.4/src/exec/dxmods/writeimage.c:496:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(buf, p, len);
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:54:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
  strcat(buff,"/");
data/dx-4.4.4/src/exec/hwrender/gl/hwLoad.c:144:11:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
          strcat(buff,"/");
data/dx-4.4.4/src/exec/hwrender/hwRender.c:221:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if(! (globals->cacheId = tdmAllocate(strlen(cacheId)+1))) {
data/dx-4.4.4/src/exec/hwrender/hwRender.c:382:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if(! (globals->cacheId = tdmAllocate(strlen(cacheId)+1))) {
data/dx-4.4.4/src/exec/hwrender/hwRender.c:589:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(!strlen(hwWhere) || strcmp(format->where,hwWhere))
data/dx-4.4.4/src/exec/hwrender/hwRender.c:660:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            WHERE = (char *)DXAllocate(strlen(format->where) + 1);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:666:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ORIGINALWHERE = (char *)DXAllocate(strlen(format->originalWhere) + 1);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:827:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	newcopy->thing = tdmAllocate(strlen(pFormat->thing) + 1); \
data/dx-4.4.4/src/exec/hwrender/hwRender.c:880:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        *cacheIdP = tdmAllocate(strlen((char *)(priv[0])) + 1);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:902:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    pFormat->originalWhere = tdmAllocate(strlen(displayString)+1);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:946:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                    strlen(pFormat->name) > 2 &&
data/dx-4.4.4/src/exec/hwrender/hwRender.c:973:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            (*cacheIdP = tdmAllocate(strlen(CACHEPREFIX)+
data/dx-4.4.4/src/exec/hwrender/hwRender.c:974:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                     strlen(pFormat->type)+
data/dx-4.4.4/src/exec/hwrender/hwRender.c:975:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                     strlen(pFormat->fullHost)+
data/dx-4.4.4/src/exec/hwrender/hwRender.c:976:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                     strlen(pFormat->Xserver)+
data/dx-4.4.4/src/exec/hwrender/hwRender.c:977:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                     strlen(pFormat->name)+
data/dx-4.4.4/src/exec/hwrender/hwRender.c:991:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            (*cacheIdP = tdmAllocate(strlen(CACHEPREFIX)+
data/dx-4.4.4/src/exec/hwrender/hwRender.c:992:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                     strlen(pFormat->type)+
data/dx-4.4.4/src/exec/hwrender/hwRender.c:993:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                     strlen(pFormat->name)+
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1011:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    priv[0] = (ubyte *)tdmAllocate(strlen(*cacheIdP) + 1);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1071:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if((strlen(pFormat->where) == 0) ||
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1238:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
        strncpy(ret,str,offset);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1296:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ret = tdmAllocate(strlen(h_ent->h_name)+1);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1302:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ret = tdmAllocate(strlen(shortName) + 1);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1322:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ret = tdmAllocate(strlen(givenXserver)+4);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1325:13:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
            strcpy(ret,":");
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1329:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ret = tdmAllocate(strlen(givenXserver)+2);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1332:13:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
            strcpy(ret,":");
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1337:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ret = tdmAllocate(strlen(givenXserver)+3);
data/dx-4.4.4/src/exec/hwrender/hwRender.c:1343:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ret = tdmAllocate(strlen(givenXserver)+1);
data/dx-4.4.4/src/exec/hwrender/hwUserInteractor.c:542:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	tag = DXAllocate(strlen(CACHE_OBJECT_TAG) + strlen(baseTag) + 10);
data/dx-4.4.4/src/exec/hwrender/hwUserInteractor.c:542:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	tag = DXAllocate(strlen(CACHE_OBJECT_TAG) + strlen(baseTag) + 10);
data/dx-4.4.4/src/exec/hwrender/hwUserInteractor.c:555:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	tag = DXAllocate(strlen(CACHE_CAMERA_TAG) + strlen(baseTag) + 10);
data/dx-4.4.4/src/exec/hwrender/hwUserInteractor.c:555:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	tag = DXAllocate(strlen(CACHE_CAMERA_TAG) + strlen(baseTag) + 10);
data/dx-4.4.4/src/exec/hwrender/hwWindow.c:353:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        oglWindowClassName = (char *)DXAllocate(strlen("DXOGLWin_") + 10);
data/dx-4.4.4/src/exec/hwrender/hwWindow.c:711:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i = strlen(winName)-1 ; i >= 0 ; i--)
data/dx-4.4.4/src/exec/hwrender/hwWindow.c:738:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i = strlen(winName)-1 ; i >= 0 ; i--)
data/dx-4.4.4/src/exec/hwrender/hwWindow.c:2145:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i = strlen(winName)-1 ; i >= 0 ; i--)
data/dx-4.4.4/src/exec/hwrender/hwWindow.c:2175:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i = strlen(winName)-1 ; i >= 0 ; i--)
data/dx-4.4.4/src/exec/hwrender/hwXfield.c:1282:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(optionsString,down,200);
data/dx-4.4.4/src/exec/hwrender/hwXfield.c:1286:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(!strlen(up)) up = down;
data/dx-4.4.4/src/exec/hwrender/opengl/hwInteractorEchoOGL.c:884:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(text) ;
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:84:7:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
      strcat(buff,"/");
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:149:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
  strcat(buff,"/");
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:205:7:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
      strcat(buff,"/");
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:209:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < strlen(buff); i++)
data/dx-4.4.4/src/exec/hwrender/opengl/hwLoadOGL.c:213:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (stricmp(buff+(strlen(buff)-4), ".dll"))
data/dx-4.4.4/src/exec/hwrender/opengl/hwPortUtilOGL.c:2180:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      terminator = where + strlen(extension);
data/dx-4.4.4/src/exec/hwrender/starbase/hwLoad.c:60:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(HWpath,"");
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:99:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(HWpath,"/");
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:109:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(HWpath,"/");
data/dx-4.4.4/src/exec/hwrender/xgl/hwLoad.c:117:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(HWpath,"/");
data/dx-4.4.4/src/exec/libdx/array.c:805:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if ((l=strlen(s[count])) > maxlen)
data/dx-4.4.4/src/exec/libdx/array.c:821:9:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	s[i] ? strncpy(p, s[i], maxlen+1) : memset(p, '\0', maxlen+1);
data/dx-4.4.4/src/exec/libdx/axes.c:1754:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       lastz = strlen(fmt)-1;
data/dx-4.4.4/src/exec/libdx/client.c:74:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(!host || !strlen(host) || !_stricmp("localhost", host) || !_stricmp("localPC", host))
data/dx-4.4.4/src/exec/libdx/client.c:81:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(!tmpHost || !strlen(tmpHost) || !_stricmp("localhost", tmpHost) || !_stricmp("localPC", tmpHost))
data/dx-4.4.4/src/exec/libdx/client.c:150:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	length = sizeof (userver) - sizeof(userver.sun_path) + strlen (userver.sun_path);
data/dx-4.4.4/src/exec/libdx/component.c:1424:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(cp) + 1;
data/dx-4.4.4/src/exec/libdx/displayutil.c:240:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    arg0 = copy = (char *)DXAllocate(strlen(where)+1);
data/dx-4.4.4/src/exec/libdx/displayutil.c:262:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	*a0 = (char *)DXAllocate(strlen(copy)+1);
data/dx-4.4.4/src/exec/libdx/displayutil.c:265:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(*a0, arg0, strlen(arg0)+1);
data/dx-4.4.4/src/exec/libdx/displayutil.c:265:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	strncpy(*a0, arg0, strlen(arg0)+1);
data/dx-4.4.4/src/exec/libdx/displayutil.c:283:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	*a1 = (char *)DXAllocate(strlen(arg1)+1);
data/dx-4.4.4/src/exec/libdx/displayutil.c:286:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(*a1, arg1, strlen(arg1)+1);
data/dx-4.4.4/src/exec/libdx/displayutil.c:286:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	strncpy(*a1, arg1, strlen(arg1)+1);
data/dx-4.4.4/src/exec/libdx/displayutil.c:294:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	*a2 = (char *)DXAllocate(strlen(arg2)+1);
data/dx-4.4.4/src/exec/libdx/displayutil.c:297:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(*a2, arg2, strlen(arg2)+1);
data/dx-4.4.4/src/exec/libdx/displayutil.c:297:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	strncpy(*a2, arg2, strlen(arg2)+1);
data/dx-4.4.4/src/exec/libdx/displayutil.c:302:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	*a3 = (char *)DXAllocate(strlen(arg3)+1);
data/dx-4.4.4/src/exec/libdx/displayutil.c:305:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(*a3, arg3, strlen(arg3)+1);
data/dx-4.4.4/src/exec/libdx/displayutil.c:305:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	strncpy(*a3, arg3, strlen(arg3)+1);
data/dx-4.4.4/src/exec/libdx/displayutil.c:310:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	*a4 = (char *)DXAllocate(strlen(arg4)+1);
data/dx-4.4.4/src/exec/libdx/displayutil.c:313:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(*a4, arg4, strlen(arg4)+1);
data/dx-4.4.4/src/exec/libdx/displayutil.c:313:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	strncpy(*a4, arg4, strlen(arg4)+1);
data/dx-4.4.4/src/exec/libdx/displayw.c:158:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		SWWindowClassName = (char *)DXAllocate(strlen("SoftwareRenderer_") + 20);
data/dx-4.4.4/src/exec/libdx/displayw.c:448:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *cacheid = (char *)DXAllocate(strlen(WINDOW_TEMPLATE) +
data/dx-4.4.4/src/exec/libdx/displayw.c:449:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				        strlen(title) + 1);
data/dx-4.4.4/src/exec/libdx/displayw.c:468:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    cacheid = (char *)DXAllocate(strlen(WINDOW_ID_TEMPLATE) +
data/dx-4.4.4/src/exec/libdx/displayw.c:469:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				 strlen(modid) + 1);
data/dx-4.4.4/src/exec/libdx/displayw.c:496:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tmp = (char *)DXAllocate(strlen(title) + 1);
data/dx-4.4.4/src/exec/libdx/displayw.c:532:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tmp = (char *)DXAllocate(strlen(p_data) + 1);
data/dx-4.4.4/src/exec/libdx/displayw.c:1159:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			w->title = (char *)DXAllocate(strlen(title) + 1);
data/dx-4.4.4/src/exec/libdx/displayw.c:1162:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			w->cacheid = (char *)DXAllocate(strlen(cachetag) + 1);
data/dx-4.4.4/src/exec/libdx/displayx.c:2182:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int len = strlen(buf) + 1;
data/dx-4.4.4/src/exec/libdx/displayx.c:2270:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *cacheid = (char *)DXAllocate(strlen(WINDOW_TEMPLATE) +
data/dx-4.4.4/src/exec/libdx/displayx.c:2271:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				       strlen(host) +
data/dx-4.4.4/src/exec/libdx/displayx.c:2272:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				       strlen(title) + 1);
data/dx-4.4.4/src/exec/libdx/displayx.c:2291:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    cacheid = (char *)DXAllocate(strlen(WINDOW_ID_TEMPLATE) +
data/dx-4.4.4/src/exec/libdx/displayx.c:2292:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				 strlen(modid) + 1);
data/dx-4.4.4/src/exec/libdx/displayx.c:2310:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tmp = (char *)DXAllocate(strlen(title) + 1);
data/dx-4.4.4/src/exec/libdx/displayx.c:2346:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tmp = (char *)DXAllocate(strlen(p_data) + 1);
data/dx-4.4.4/src/exec/libdx/displayx.c:2624:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    w->title = (char *)DXAllocate(strlen(title) + 1);
data/dx-4.4.4/src/exec/libdx/displayx.c:2627:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    w->cacheid = (char *)DXAllocate(strlen(cachetag) + 1);
data/dx-4.4.4/src/exec/libdx/edfdict.c:184:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(word) >= LONGESTKEY)
data/dx-4.4.4/src/exec/libdx/edfdict.c:245:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ki.contents = dictplace(d, strlen(word)+1);
data/dx-4.4.4/src/exec/libdx/edfdict.c:472:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    di.contents = dictplace(d, strlen(word)+1);
data/dx-4.4.4/src/exec/libdx/edfio.c:332:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *cmd = (char *)DXAllocateLocal(strlen("mknod ") +
data/dx-4.4.4/src/exec/libdx/edfio.c:333:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				      strlen(path) +
data/dx-4.4.4/src/exec/libdx/edfio.c:334:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				      strlen(" p; chmod ") + 
data/dx-4.4.4/src/exec/libdx/edfio.c:336:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				      strlen(path) + 1);
data/dx-4.4.4/src/exec/libdx/edfio.c:346:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *cmd = (char *)DXAllocateLocal(strlen("rm -f") +
data/dx-4.4.4/src/exec/libdx/edfio.c:347:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				      strlen(path) + 1);
data/dx-4.4.4/src/exec/libdx/edfio.c:531:10:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	if ((rc=fgetc(fd)) == EOF) {
data/dx-4.4.4/src/exec/libdx/edfio.c:537:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	*outname = (char *)DXAllocateLocalZero(strlen(inname)+1);
data/dx-4.4.4/src/exec/libdx/edfio.c:558:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        bytes = strlen("(%s) > %s &") + 
data/dx-4.4.4/src/exec/libdx/edfio.c:559:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                strlen(inname) + 1 +
data/dx-4.4.4/src/exec/libdx/edfio.c:560:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                strlen(TEMPLATE) + 6;
data/dx-4.4.4/src/exec/libdx/edfio.c:565:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if ((*outname = (char *)DXAllocateLocalZero(strlen(TEMPLATE) + 6)) == NULL)
data/dx-4.4.4/src/exec/libdx/edfio.c:614:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	*outname = (char *)DXAllocateLocalZero(strlen(inname)+1);
data/dx-4.4.4/src/exec/libdx/edfio.c:629:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    bytes = strlen(inname) + XXTRA;
data/dx-4.4.4/src/exec/libdx/edfio.c:631:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	bytes += strlen(auxname);
data/dx-4.4.4/src/exec/libdx/edfio.c:635:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	bytes += strlen(datadir);
data/dx-4.4.4/src/exec/libdx/edfio.c:718:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(*outname, "/");
data/dx-4.4.4/src/exec/libdx/edflex.c:33:40:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define input()     (pp->byteoffset++, getc(fp->fd))
data/dx-4.4.4/src/exec/libdx/edflex.c:43:12:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    return getc(fp);
data/dx-4.4.4/src/exec/libdx/edfobj.c:118:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        new->name = (char *)DXAllocateLocal(strlen(name)+1);
data/dx-4.4.4/src/exec/libdx/edfparse.c:3480:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    (*gpp)->fname = DXAllocateLocal(strlen(cp) + 1);
data/dx-4.4.4/src/exec/libdx/edfparse.c:3514:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	(*gpp)->gbuf = DXAllocateLocal(2*sizeof(char *) + strlen(cp)+1);
data/dx-4.4.4/src/exec/libdx/edfparse.c:3538:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!input || (strlen(input) <= 0))
data/dx-4.4.4/src/exec/libdx/edfparse.c:3541:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *buf = (char *)DXAllocateLocal(strlen(input)+16);
data/dx-4.4.4/src/exec/libdx/edfprint.c:151:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    fname = (char *)DXAllocateLocal(strlen(filename) + 20);
data/dx-4.4.4/src/exec/libdx/edfprint.c:154:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    fname2 = (char *)DXAllocateLocal(strlen(filename) + 20);
data/dx-4.4.4/src/exec/libdx/edfprint.c:343:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    sprintf(fname2 + strlen(fname2), "%d", getpid());
data/dx-4.4.4/src/exec/libdx/fileio.c:162:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(dname, ":");
data/dx-4.4.4/src/exec/libdx/fileio.c:444:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	if ((rc = read(fd, addr, cnt)) <= 0) {
data/dx-4.4.4/src/exec/libdx/group.c:35:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int n = strlen(s) + 1;
data/dx-4.4.4/src/exec/libdx/image.c:87:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	!strncmp(format, "FLOAT",   strlen("FLOAT"))  ||
data/dx-4.4.4/src/exec/libdx/image.c:88:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	!strncmp(format, "DXFloat", strlen("DXFloat"))||
data/dx-4.4.4/src/exec/libdx/image.c:89:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	!strncmp(format, "DXFLOAT", strlen("DXFLOAT")))
data/dx-4.4.4/src/exec/libdx/image.c:93:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    else if (!strncmp(format, "BYTE",   strlen("BYTE"))   ||
data/dx-4.4.4/src/exec/libdx/image.c:94:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	     !strncmp(format, "DXByte", strlen("DXByte")) ||
data/dx-4.4.4/src/exec/libdx/image.c:95:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	     !strncmp(format, "DXBYTE", strlen("DXBYTE")))
data/dx-4.4.4/src/exec/libdx/image.c:99:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    else if (!strncmp(format, "DELAYEDCOLOR", strlen("DELAYEDCOLOR"))     ||
data/dx-4.4.4/src/exec/libdx/image.c:100:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	     !strncmp(format, "DXDELAYEDCOLOR", strlen("DXDELAYEDCOLOR")) ||
data/dx-4.4.4/src/exec/libdx/image.c:101:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	     !strncmp(format, "DXDelayedColor", strlen("DXDelayedColor")))
data/dx-4.4.4/src/exec/libdx/image.c:152:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (format[strlen(format)-1] == 'Z')
data/dx-4.4.4/src/exec/libdx/invalid.c:2396:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	handle->iName = (char *)DXAllocate(strlen(name) + 1);
data/dx-4.4.4/src/exec/libdx/lbcache.c:156:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int size = sizeof(struct entry) + n*sizeof(int) + strlen(fun) + 1;
data/dx-4.4.4/src/exec/libdx/lbcolor.c:179:6:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
	    strcpy(laststring,"");
data/dx-4.4.4/src/exec/libdx/lbcolor.c:197:6:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
	    strcpy(laststring,"");
data/dx-4.4.4/src/exec/libdx/lbcolor.c:207:13:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
            strcpy(cp->colorname,"");
data/dx-4.4.4/src/exec/libdx/lbextract.c:1037:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if(dim == 0  &&  strlen(cp) > 1)
data/dx-4.4.4/src/exec/libdx/lbextract.c:1041:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            *count = strlen(cp);
data/dx-4.4.4/src/exec/libdx/lbextract.c:1121:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if(dim == 0  &&  strlen(sp) > 1)
data/dx-4.4.4/src/exec/libdx/lbextract.c:1124:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if(count != strlen(sp))
data/dx-4.4.4/src/exec/libdx/lbmessage.c:102:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (read(fd, state->buf, size) < size) {
data/dx-4.4.4/src/exec/libdx/lbprint.c:1442:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen(cp);
data/dx-4.4.4/src/exec/libdx/lbprint.c:1569:2:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
	sprintf(mbuf, " ");
data/dx-4.4.4/src/exec/libdx/lbtext.c:78:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tbuf = ( char * ) DXAllocateLocalZero( strlen( dir ) + strlen( name ) + XTRA );
data/dx-4.4.4/src/exec/libdx/lbtext.c:78:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tbuf = ( char * ) DXAllocateLocalZero( strlen( dir ) + strlen( name ) + XTRA );
data/dx-4.4.4/src/exec/libdx/lbtext.c:164:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dirbuf = ( char * ) DXAllocateLocalZero( strlen( dirlist ) + strlen( file ) + XTRA );
data/dx-4.4.4/src/exec/libdx/lbtext.c:164:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dirbuf = ( char * ) DXAllocateLocalZero( strlen( dirlist ) + strlen( file ) + XTRA );
data/dx-4.4.4/src/exec/libdx/lbtext.c:182:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat( dirbuf, "/" );
data/dx-4.4.4/src/exec/libdx/lock.c:474:2:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
	usleep(500 /* microseconds */);    /* spin loop waiting for lock */
data/dx-4.4.4/src/exec/libdx/memory.c:1369:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    while ((n = read(fd[0], buf, sizeof(buf)-1)) > 0) {
data/dx-4.4.4/src/exec/libdx/memory.c:1538:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    write(2, buf, strlen(buf));
data/dx-4.4.4/src/exec/libdx/memory.c:1587:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    write(2, buf, strlen(buf));
data/dx-4.4.4/src/exec/libdx/memory.c:1706:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        write(fileno(stdout), tmpbuf, strlen(tmpbuf)); 
data/dx-4.4.4/src/exec/libdx/notify.c:59:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    _str = (struct _string *)DXAllocate(strlen(str) + sizeof(struct _string) + 3);
data/dx-4.4.4/src/exec/libdx/notify.c:92:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (l = i = 0; i < strlen(name); i++, l ^= name[i], s+= name[i-1]);
data/dx-4.4.4/src/exec/libdx/qmessage.c:213:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    vsprintf(buf+strlen(buf), message, arg);
data/dx-4.4.4/src/exec/libdx/qmessage.c:215:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen(buf);
data/dx-4.4.4/src/exec/libdx/rwobject.c:404:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define GetStrLen(name)		(name ? strlen(name) : 0)
data/dx-4.4.4/src/exec/libdx/rwobject.c:405:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define GetStrLenX(name)	(name ? (strlen(name)+1 + 3) & ~3 : 0)
data/dx-4.4.4/src/exec/libdx/rwobject.c:998:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			     INC_VOID(*header, strlen(value)+1); \
data/dx-4.4.4/src/exec/libdx/rwobject.c:999:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			     INC_BYTE(*byteoffset, strlen(value)+1); }
data/dx-4.4.4/src/exec/libdx/rwobject.c:1361:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			     INC_VOID(*header, strlen(value)+1); \
data/dx-4.4.4/src/exec/libdx/rwobject.c:1362:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			     INC_BYTE(*byteoffset, strlen(value)+1); }
data/dx-4.4.4/src/exec/libdx/stats.c:734:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	statname = (char *)DXAllocateLocal (strlen(compname) + STATLEN);
data/dx-4.4.4/src/exec/libdx/stats.c:949:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *len = sizeof(struct argblock) + strlen(compname) + strlen(statname) + 2;
data/dx-4.4.4/src/exec/libdx/stats.c:949:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *len = sizeof(struct argblock) + strlen(compname) + strlen(statname) + 2;
data/dx-4.4.4/src/exec/libdx/stats.c:961:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    cp += strlen(compname) + 1;
data/dx-4.4.4/src/exec/libdx/stats.c:1947:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!(invalid = (char *)DXAllocateLocal(strlen(dep) + INVLEN)))
data/dx-4.4.4/src/exec/libdx/stats.c:1982:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!(*invalid = (char *)DXAllocateLocal(strlen(dep) + INVLEN)))
data/dx-4.4.4/src/exec/libdx/string.c:51:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen(s)+1;
data/dx-4.4.4/src/exec/libdx/timing.c:228:5:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
    usleep((int)(1000000.0 * seconds));
data/dx-4.4.4/src/exec/libdx/timing.c:283:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(event->label, s, sizeof(event->label)-1);
data/dx-4.4.4/src/misc/dx.c:25:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(dst, src, strlen(src)+1);
data/dx-4.4.4/src/misc/dx.c:25:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncpy(dst, src, strlen(src)+1);
data/dx-4.4.4/src/misc/dx.c:32:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    	strncpy(s1, sPath, strlen(s1));			\
data/dx-4.4.4/src/misc/dx.c:32:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    	strncpy(s1, sPath, strlen(s1));			\
data/dx-4.4.4/src/misc/dx.c:288:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
		strcpy(value, "");
data/dx-4.4.4/src/misc/dx.c:329:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if(strlen(xenvvar)==0 || strcmp(xenvvar, "exceed")==0) {
data/dx-4.4.4/src/misc/dx.c:350:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if((strlen(xenvvar)==0 || strcmp(xenvvar, "xwin32")==0) && whichX == UNKNOWN) {
data/dx-4.4.4/src/misc/dx.c:360:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if((strlen(xenvvar)==0 || strcmp(xenvvar, "winaxe")==0) && whichX == UNKNOWN) {
data/dx-4.4.4/src/misc/dx.c:434:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(dxdata, ":");
data/dx-4.4.4/src/misc/dx.c:436:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(dxroot[strlen(dxroot)-1] !='/')
data/dx-4.4.4/src/misc/dx.c:437:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(dxdata, "/");
data/dx-4.4.4/src/misc/dx.c:441:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(dxdata, ";");
data/dx-4.4.4/src/misc/dx.c:443:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(dxroot[strlen(dxroot)-1] !='\\')
data/dx-4.4.4/src/misc/dx.c:444:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(dxdata, "\\");
data/dx-4.4.4/src/misc/dx.c:452:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(dxmacros, ":");
data/dx-4.4.4/src/misc/dx.c:454:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(dxroot[strlen(dxroot)-1] !='/')
data/dx-4.4.4/src/misc/dx.c:455:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(dxmacros, "/");
data/dx-4.4.4/src/misc/dx.c:461:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if(dxroot[strlen(dxroot)-1] !='\\')
data/dx-4.4.4/src/misc/dx.c:462:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(buf, "\\");
data/dx-4.4.4/src/misc/dx.c:466:17:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
                strcat(dxmacros, ";");
data/dx-4.4.4/src/misc/dx.c:490:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if(dxroot[strlen(dxroot)-1] == '\\') dxroot[strlen(dxroot)-1] = '\0';
data/dx-4.4.4/src/misc/dx.c:490:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if(dxroot[strlen(dxroot)-1] == '\\') dxroot[strlen(dxroot)-1] = '\0';
data/dx-4.4.4/src/misc/dx.c:512:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if(exceeddir[strlen(exceeddir)-1] == '\\') 
data/dx-4.4.4/src/misc/dx.c:513:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				exceeddir[strlen(exceeddir)-1] = '\0';
data/dx-4.4.4/src/misc/dx.c:514:4:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
			strcat(path, ";"); 
data/dx-4.4.4/src/misc/dx.c:529:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if(starnetdir[strlen(starnetdir)-1] == '\\') 
data/dx-4.4.4/src/misc/dx.c:530:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				starnetdir[strlen(starnetdir)-1] = '\0';
data/dx-4.4.4/src/misc/dx.c:531:4:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
			strcat(path,";"); 
data/dx-4.4.4/src/misc/dx.c:543:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if(winaxedir[strlen(winaxedir)-1] == '\\') 
data/dx-4.4.4/src/misc/dx.c:544:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				winaxedir[strlen(winaxedir)-1] = '\0';
data/dx-4.4.4/src/misc/dx.c:545:4:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
			strcat(path,";"); 
data/dx-4.4.4/src/misc/dx.c:560:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if(exceeddir[strlen(exceeddir)-1] == '\\') 
data/dx-4.4.4/src/misc/dx.c:561:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			exceeddir[strlen(exceeddir)-1] = '\0';
data/dx-4.4.4/src/misc/dx.c:562:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(path, ";"); 
data/dx-4.4.4/src/misc/dx.c:569:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(path, ";"); 
data/dx-4.4.4/src/misc/dx.c:575:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(path, ";"); 
data/dx-4.4.4/src/misc/dx.c:633:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(dxroot[strlen(dxroot)-1] == '\\') dxroot[strlen(dxroot)-1] = '\0';
data/dx-4.4.4/src/misc/dx.c:633:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(dxroot[strlen(dxroot)-1] == '\\') dxroot[strlen(dxroot)-1] = '\0';
data/dx-4.4.4/src/misc/dx.c:645:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(path, ";"); strcat(path, temp);
data/dx-4.4.4/src/misc/dx.c:650:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(path, ";"); strcat(path, temp);
data/dx-4.4.4/src/misc/dx.c:655:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(path, ";"); strcat(path, temp);
data/dx-4.4.4/src/misc/dx.c:660:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(path, ";"); strcat(path, temp);
data/dx-4.4.4/src/misc/dx.c:664:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(path, ";"); strcat(path, magickhome);
data/dx-4.4.4/src/misc/dx.c:677:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    	strcat(dxmacros, ";"); strcat(dxmacros, temp);
data/dx-4.4.4/src/misc/dx.c:680:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(dxmacros, ";"); strcat(dxmacros, temp);
data/dx-4.4.4/src/misc/dx.c:689:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    	strcat(dxdata, ";"); strcat(dxdata, temp);
data/dx-4.4.4/src/misc/dx.c:963:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(argstr, " ");
data/dx-4.4.4/src/misc/dx.c:969:15:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	for (i=0; (c=getchar()) != EOF; i++)
data/dx-4.4.4/src/misc/dx.c:1001:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(dest, p, (int)(q-p));		/* load it */
data/dx-4.4.4/src/misc/dx.c:1031:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!strncmp(s, #str, strlen(#str))) {
data/dx-4.4.4/src/misc/dx.c:1034:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    (s[strlen(s)-1] == '*')
data/dx-4.4.4/src/misc/dx.c:1072:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(val, " ");		\
data/dx-4.4.4/src/misc/dx.c:1236:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
		strcpy(exlog, "");
data/dx-4.4.4/src/misc/dx.c:1244:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
		strcpy(excache, "");
data/dx-4.4.4/src/misc/dx.c:1258:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
		strcpy(extrace, "");
data/dx-4.4.4/src/misc/dx.c:1266:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
		strcpy(exread, "");
data/dx-4.4.4/src/misc/dx.c:1280:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
		strcpy(extime, "");
data/dx-4.4.4/src/misc/dx.c:1292:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
		strcpy(exhilite, "");
data/dx-4.4.4/src/misc/dx.h:103:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	while ((kk = strlen(s)) && ((s[kk-1] == ';') || (s[kk-1] == ' ')))	\
data/dx-4.4.4/src/misc/utils.c:37:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i=0; s && *s && (i<strlen(s)); i++)
data/dx-4.4.4/src/misc/utils.c:47:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i=0; s && *s && (i<strlen(s)); i++)
data/dx-4.4.4/src/misc/utils.c:58:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    length=strlen(s);
data/dx-4.4.4/src/misc/utils.c:83:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    length=strlen(s);
data/dx-4.4.4/src/misc/utils.c:120:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for(q = &name[strlen(name)-1]; *q == ' ' && q != p; q--);
data/dx-4.4.4/src/misc/utils.c:123:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(s, p, len);
data/dx-4.4.4/src/misc/utils.c:125:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(s, "=");
data/dx-4.4.4/src/misc/utils.c:132:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(strlen(p)) {
data/dx-4.4.4/src/misc/utils.c:133:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for(q = &value[strlen(value)-1]; *q == ' ' && q != p; q--);
data/dx-4.4.4/src/misc/utils.c:135:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    newlen = strlen(s);
data/dx-4.4.4/src/misc/utils.c:137:6:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
	    strncat(s, p, len);
data/dx-4.4.4/src/misc/utils.c:142:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    p = malloc(strlen(s) + 1);
data/dx-4.4.4/src/uipp/base/Application.C:582:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(home);
data/dx-4.4.4/src/uipp/base/DXStrings.h:59:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define STRLEN(a)	((a != NULL) ? strlen(a) : 0)
data/dx-4.4.4/src/uipp/base/DXTensor.C:289:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		int cnt = strlen(buf);	
data/dx-4.4.4/src/uipp/base/DXValue.C:576:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(string) >= em_size) {
data/dx-4.4.4/src/uipp/base/DXValue.C:912:10:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
									strcat(p," ");
data/dx-4.4.4/src/uipp/base/DXValue.C:917:7:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
						strcat(p,"}");
data/dx-4.4.4/src/uipp/base/DXValue.C:1091:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(buf,"0");
data/dx-4.4.4/src/uipp/base/DXValue.C:1097:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int len = strlen(buf);
data/dx-4.4.4/src/uipp/base/DXValue.C:1210:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(p,&s[start], len);
data/dx-4.4.4/src/uipp/base/DXValue.C:1451:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(value,"[");
data/dx-4.4.4/src/uipp/base/DXValue.C:1459:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(p," ");
data/dx-4.4.4/src/uipp/base/DXValue.C:1468:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(p," ");
data/dx-4.4.4/src/uipp/base/DXValue.C:1471:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(p,"]");
data/dx-4.4.4/src/uipp/base/DXValue.C:1514:6:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
	    strcpy(clamped,"{");
data/dx-4.4.4/src/uipp/base/DXValue.C:1538:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(p, " ");
data/dx-4.4.4/src/uipp/base/DXValue.C:1551:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(p,"}");
data/dx-4.4.4/src/uipp/base/DXValue.C:1573:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	   strcat(itembuf,"[");
data/dx-4.4.4/src/uipp/base/DXValue.C:1597:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(valbuf," ");
data/dx-4.4.4/src/uipp/base/DXValue.C:1604:21:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
               	    strcat(itembuf,"]");
data/dx-4.4.4/src/uipp/base/DXValue.C:1724:4:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
   strcpy(newlist,"{"); 
data/dx-4.4.4/src/uipp/base/DXValue.C:1731:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(p," ");	
data/dx-4.4.4/src/uipp/base/DXValue.C:1743:8:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
       strcat(p,"}");
data/dx-4.4.4/src/uipp/base/DXValue.C:1794:4:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
   strcpy(newlist,"{"); 
data/dx-4.4.4/src/uipp/base/DXValue.C:1803:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(p," ");	
data/dx-4.4.4/src/uipp/base/DXValue.C:1810:4:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
   strcat(p," ");
data/dx-4.4.4/src/uipp/base/DXValue.C:1818:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
   	strcat(p,"}");
data/dx-4.4.4/src/uipp/base/DXValue.C:1929:4:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
   strcpy(newlist,"{"); 
data/dx-4.4.4/src/uipp/base/DXValue.C:1938:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(p," ");	
data/dx-4.4.4/src/uipp/base/DXValue.C:1944:4:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
   strcat(p," ");
data/dx-4.4.4/src/uipp/base/DXValue.C:1951:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
   	strcat(p,"}");
data/dx-4.4.4/src/uipp/base/DragSource.C:289:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	PropModeReplace, (unsigned char *)hostname, strlen(hostname));
data/dx-4.4.4/src/uipp/base/DragSource.C:295:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    PropModeReplace, (unsigned char*)login, strlen(login));
data/dx-4.4.4/src/uipp/base/DropSite.C:297:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	PropModeReplace, (const unsigned char *)tbuf, strlen(tbuf));
data/dx-4.4.4/src/uipp/base/DynamicResource.C:42:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	this->resourceName = new char [1+strlen(resourceName)];
data/dx-4.4.4/src/uipp/base/DynamicResource.C:151:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    this->stringRepresentation = new char[1+strlen(value)];
data/dx-4.4.4/src/uipp/base/DynamicResource.C:327:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    full_resource = new char[strlen(comment)];
data/dx-4.4.4/src/uipp/base/DynamicResource.C:328:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    resource_value = new char[strlen(comment)];
data/dx-4.4.4/src/uipp/base/DynamicResource.C:338:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(full_resource);
data/dx-4.4.4/src/uipp/base/DynamicResource.C:350:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *widgetName = new char[1+strlen(full_resource)];
data/dx-4.4.4/src/uipp/base/DynamicResource.C:406:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	cp = XtName(w); totlen+= 1+strlen(cp);
data/dx-4.4.4/src/uipp/base/DynamicResource.C:418:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	os+= strlen(names_of_dest[i]);
data/dx-4.4.4/src/uipp/base/DynamicResource.C:422:6:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
	    strcpy (&newname[os], "."); os++;
data/dx-4.4.4/src/uipp/base/DynamicResource.C:447:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	from.size = 1+strlen((char *)from.addr);
data/dx-4.4.4/src/uipp/base/DynamicResource.C:545:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dest->resource_name = new char[1+strlen(src->resource_name)];
data/dx-4.4.4/src/uipp/base/DynamicResource.C:547:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dest->resource_class = new char[1+strlen(src->resource_class)];
data/dx-4.4.4/src/uipp/base/DynamicResource.C:549:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dest->resource_type = new char[1+strlen(src->resource_type)];
data/dx-4.4.4/src/uipp/base/DynamicResource.C:551:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    dest->default_type = new char[1+strlen(src->default_type)];
data/dx-4.4.4/src/uipp/base/DynamicResource.C:570:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    newlist[i] = new char[1+strlen(newname)];
data/dx-4.4.4/src/uipp/base/FileDialog.C:424:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memmove(p, &p[3], strlen(&p[3])+1);
data/dx-4.4.4/src/uipp/base/FileDialog.C:431:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          memmove(s, &p1[3], strlen(&p1[3])+1);
data/dx-4.4.4/src/uipp/base/FileDialog.C:434:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      memmove(s, &s[2], strlen(&s[2])+1);
data/dx-4.4.4/src/uipp/base/FileDialog.C:467:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = ((*s1 == '/') || (*s1 == '\\') || (strlen(s1)>1 && s1[1] == ':'));
data/dx-4.4.4/src/uipp/base/FileDialog.C:480:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (mask[strlen(mask)-1] != '\\')
data/dx-4.4.4/src/uipp/base/FileDialog.C:481:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(mask, "\\");
data/dx-4.4.4/src/uipp/base/FileDialog.C:508:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
      strcpy(filter,"*");
data/dx-4.4.4/src/uipp/base/FileDialog.C:509:7:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
      strcat(dir,"/");
data/dx-4.4.4/src/uipp/base/FileDialog.C:518:7:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
      strcat(mask,"/");
data/dx-4.4.4/src/uipp/base/FileDialog.C:521:11:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
          strcpy(buff,"/");
data/dx-4.4.4/src/uipp/base/FileDialog.C:531:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!s2 || !strlen(s2))
data/dx-4.4.4/src/uipp/base/FileDialog.C:700:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
  strcat(dirmask, "*");
data/dx-4.4.4/src/uipp/base/FileDialog.C:764:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	os+= strlen(text);
data/dx-4.4.4/src/uipp/base/HelpMenuCommand.C:62:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	char *url = new char[strlen(theIBMApplication->getUIRoot()) + 35];
data/dx-4.4.4/src/uipp/base/HelpWin.C:171:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(helpDirFileName, "/");
data/dx-4.4.4/src/uipp/base/HelpWin.C:179:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(helpDirFileName, "/");
data/dx-4.4.4/src/uipp/base/HelpWin.C:417:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    	strcat(url, "/");
data/dx-4.4.4/src/uipp/base/IBMApplication.C:477:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *url = new char[strlen(getUIRoot()) + 35];
data/dx-4.4.4/src/uipp/base/IBMApplication.C:826:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        helpDir = new char[STRLEN(root) + strlen("/help") + 1];
data/dx-4.4.4/src/uipp/base/IBMApplication.C:838:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        htmlDir = new char[STRLEN(root) + strlen("/html") + 1];
data/dx-4.4.4/src/uipp/base/IBMApplication.C:861:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(tmpDirList, ";");
data/dx-4.4.4/src/uipp/base/IBMApplication.C:868:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(tmpDirList, ";");
data/dx-4.4.4/src/uipp/base/IBMApplication.C:889:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(tmpDirList, ";");
data/dx-4.4.4/src/uipp/base/IBMApplication.C:896:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(tmpDirList, ";");
data/dx-4.4.4/src/uipp/base/IBMApplication.C:918:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!home || !strlen(home)) {
data/dx-4.4.4/src/uipp/base/IBMApplication.C:920:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (!home || !strlen(home)) {
data/dx-4.4.4/src/uipp/base/IBMApplication.C:986:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(nwn);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:1007:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	cp+= 1+strlen(name);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:1055:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	totlen+= 1+strlen(name);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:1061:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    totlen+= strlen(resource_fmt);
data/dx-4.4.4/src/uipp/base/IBMApplication.C:1069:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	nl_os+= strlen(name);
data/dx-4.4.4/src/uipp/base/License.C:303:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    i = read(child_out[0],auth_msg,AUTH_MSG_LEN);
data/dx-4.4.4/src/uipp/base/License.C:554:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(host,"");
data/dx-4.4.4/src/uipp/base/License.C:568:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
		strcpy(host,"");
data/dx-4.4.4/src/uipp/base/License.C:597:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(key,k,27);
data/dx-4.4.4/src/uipp/base/License.C:618:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(key) != 26) {
data/dx-4.4.4/src/uipp/base/License.C:708:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(value, "");
data/dx-4.4.4/src/uipp/base/License.C:772:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(buf) != 20)
data/dx-4.4.4/src/uipp/base/License.C:921:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(username) + strlen(userco) < 6) {
data/dx-4.4.4/src/uipp/base/License.C:921:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(username) + strlen(userco) < 6) {
data/dx-4.4.4/src/uipp/base/ListEditor.C:105:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	       strcat(p," ");
data/dx-4.4.4/src/uipp/base/ListEditor.C:115:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(list,"}");
data/dx-4.4.4/src/uipp/base/MainWindow.C:1089:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(tmp);
data/dx-4.4.4/src/uipp/base/SaveFileDialog.C:98:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (!ext || (strlen(ext) != len))
data/dx-4.4.4/src/uipp/base/StartWebBrowser.C:125:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf(fname + strlen(fname), "%s.%s", tmpnam(NULL), ".htm");
data/dx-4.4.4/src/uipp/base/StartWebBrowser.C:135:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
            strcat(CmdLine, " ");
data/dx-4.4.4/src/uipp/base/Strings.C:119:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	unique = new char[strlen(path) + 12];
data/dx-4.4.4/src/uipp/base/Strings.C:243:15:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        (void)strcat(path, "/");
data/dx-4.4.4/src/uipp/base/Strings.C:303:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(path, "/");
data/dx-4.4.4/src/uipp/base/Strings.C:658:8:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	fputc(fgetc(fpSrc), fpDest);
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:102:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(hostId) > 8 ||
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:106:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(host, hostId+2, 8);
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:108:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(host, hostId, 8);
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:151:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i = 0; i < strlen(cryptHost); ++i) {
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:176:13:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    bread = read(*fid, buff, 256);
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:179:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            bread = read(*fid, buff, 256);
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:330:4:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
			strcpy(host,"");
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:359:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    char *envsetting = new char[strlen(cp) + strlen(key) + 1];
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:359:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    char *envsetting = new char[strlen(cp) + strlen(key) + 1];
data/dx-4.4.4/src/uipp/base/TemporaryLicense.C:363:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    envsetting = new char[strlen(cp) + 1];
data/dx-4.4.4/src/uipp/base/TextSelector.C:654:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int plen = (cp?strlen(cp):0) + tbrec->length + 1;
data/dx-4.4.4/src/uipp/base/TextSelector.C:733:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(cp);
data/dx-4.4.4/src/uipp/base/TextSelector.C:762:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int start = strlen(cp);
data/dx-4.4.4/src/uipp/base/TextSelector.C:765:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int end = strlen(match);
data/dx-4.4.4/src/uipp/base/TransferStyle.C:26:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    this->name = new char[1+strlen(name)];
data/dx-4.4.4/src/uipp/base/TreeView.C:690:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int len = strlen(cp);
data/dx-4.4.4/src/uipp/base/UIComponent.C:33:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define RES_CONVERT(res, str) XtVaTypedArg, res, XmRString, str, strlen(str)+1
data/dx-4.4.4/src/uipp/base/UIComponent.C:256:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (int j=strlen(this->name)-1; j>=0; j--) {
data/dx-4.4.4/src/uipp/base/WizardDialog.C:130:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (uiroot[strlen(uiroot)-1] == FILE_SEPARATOR)
data/dx-4.4.4/src/uipp/base/XmUtility.h:19:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define RES_CONVERT(res, str) XtVaTypedArg, res, XmRString, str, strlen(str)+1
data/dx-4.4.4/src/uipp/base/help.c:326:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	LinkData = ref + strlen(ref) + 1; 
data/dx-4.4.4/src/uipp/base/help.c:360:11:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
          strncat(tempname,fname,plpos);
data/dx-4.4.4/src/uipp/base/help.c:368:11:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
          strncat(tempname,fname,gpos);
data/dx-4.4.4/src/uipp/base/help.c:720:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((tmplength=strlen(tmplate)) > 0)
data/dx-4.4.4/src/uipp/base/help.c:737:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                for (i=0; i<NX && i<strlen(numbuff); i++)
data/dx-4.4.4/src/uipp/base/helpstack.c:92:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  val = (char *) XtMalloc(strlen(value) + 1);
data/dx-4.4.4/src/uipp/base/lex.C:634:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		index = strlen(string);
data/dx-4.4.4/src/uipp/base/parse.c:60:15:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
 while(((ch = fgetc(*mathfile)) != EOF) && ((ch == ' ') || ch == '\n')) ;
data/dx-4.4.4/src/uipp/base/parse.c:131:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
  strcpy(tabBuf, "\0");
data/dx-4.4.4/src/uipp/base/parse.c:132:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
  strcpy(link, "\0");
data/dx-4.4.4/src/uipp/base/parse.c:133:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
  strcpy(indent, "0");
data/dx-4.4.4/src/uipp/base/parse.c:134:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
  strcpy(ascname, "\0");
data/dx-4.4.4/src/uipp/base/parse.c:135:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
  strcpy(fascname, "\0");
data/dx-4.4.4/src/uipp/base/parse.c:168:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
               spot->refname = XtMalloc(strlen(buffer) + 1);
data/dx-4.4.4/src/uipp/base/parse.c:174:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                font[strlen(buffer) - TAGLEN] = '\0';
data/dx-4.4.4/src/uipp/base/parse.c:175:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                strncpy(font,buffer+TAGLEN,strlen(buffer) - TAGLEN);
data/dx-4.4.4/src/uipp/base/parse.c:175:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                strncpy(font,buffer+TAGLEN,strlen(buffer) - TAGLEN);
data/dx-4.4.4/src/uipp/base/parse.c:179:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                color[strlen(buffer) - TAGLEN] = '\0';
data/dx-4.4.4/src/uipp/base/parse.c:180:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                strncpy(color,buffer+TAGLEN,strlen(buffer) - TAGLEN);
data/dx-4.4.4/src/uipp/base/parse.c:180:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                strncpy(color,buffer+TAGLEN,strlen(buffer) - TAGLEN);
data/dx-4.4.4/src/uipp/base/parse.c:184:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                link[strlen(buffer) - TAGLEN] = '\0';
data/dx-4.4.4/src/uipp/base/parse.c:185:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                strncpy(link,buffer+TAGLEN,strlen(buffer) - TAGLEN);
data/dx-4.4.4/src/uipp/base/parse.c:185:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                strncpy(link,buffer+TAGLEN,strlen(buffer) - TAGLEN);
data/dx-4.4.4/src/uipp/base/parse.c:200:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                psfile[strlen(buffer) - TAGLEN] = '\0';
data/dx-4.4.4/src/uipp/base/parse.c:201:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                strncpy(psfile,buffer+TAGLEN,strlen(buffer) - TAGLEN);
data/dx-4.4.4/src/uipp/base/parse.c:201:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                strncpy(psfile,buffer+TAGLEN,strlen(buffer) - TAGLEN);
data/dx-4.4.4/src/uipp/base/parse.c:229:22:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
                     strncat(ascname,psfile,psBpos);
data/dx-4.4.4/src/uipp/base/parse.c:255:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                            tabBuf[strlen(buffer) - TAGLEN] = '\0';
data/dx-4.4.4/src/uipp/base/parse.c:256:45:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                                            strncpy(tabBuf,buffer+TAGLEN,strlen(buffer) - TAGLEN);
data/dx-4.4.4/src/uipp/base/parse.c:256:74:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                            strncpy(tabBuf,buffer+TAGLEN,strlen(buffer) - TAGLEN);
data/dx-4.4.4/src/uipp/base/parse.c:258:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                            for (i=0; i<strlen(tabBuf); i++)
data/dx-4.4.4/src/uipp/base/parse.c:268:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                        font[strlen(buffer) - TAGLEN] = '\0';
data/dx-4.4.4/src/uipp/base/parse.c:269:41:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                                        strncpy(font,buffer+TAGLEN,strlen(buffer) - TAGLEN);
data/dx-4.4.4/src/uipp/base/parse.c:269:68:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                        strncpy(font,buffer+TAGLEN,strlen(buffer) - TAGLEN);
data/dx-4.4.4/src/uipp/base/parse.c:321:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                   tabBuf[strlen(buffer) - TAGLEN] = '\0';
data/dx-4.4.4/src/uipp/base/parse.c:322:20:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                   strncpy(tabBuf,buffer+TAGLEN,strlen(buffer) - TAGLEN);
data/dx-4.4.4/src/uipp/base/parse.c:322:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                   strncpy(tabBuf,buffer+TAGLEN,strlen(buffer) - TAGLEN);
data/dx-4.4.4/src/uipp/base/parse.c:324:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                   for (i=0; i<strlen(tabBuf); i++)
data/dx-4.4.4/src/uipp/base/parse.c:334:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                indent[strlen(buffer) - TAGLEN] = '\0';
data/dx-4.4.4/src/uipp/base/parse.c:335:17:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                strncpy(indent,buffer+TAGLEN,strlen(buffer) - TAGLEN);
data/dx-4.4.4/src/uipp/base/parse.c:335:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                strncpy(indent,buffer+TAGLEN,strlen(buffer) - TAGLEN);
data/dx-4.4.4/src/uipp/base/util.C:18:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    else return strlen(a);
data/dx-4.4.4/src/uipp/dxl/conn.c:248:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	n = read(fd, buf, 1024);
data/dx-4.4.4/src/uipp/dxl/conn.c:327:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    n = strlen(string) + 1;
data/dx-4.4.4/src/uipp/dxl/conn.c:329:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(s, string, n);
data/dx-4.4.4/src/uipp/dxl/conn.c:390:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	    int n = read(err,buf,2048);
data/dx-4.4.4/src/uipp/dxl/conn.c:684:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	        if ( strncmp (ep[i], "PATH=", strlen("PATH=")) == 0 ||
data/dx-4.4.4/src/uipp/dxl/conn.c:685:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		         strncmp (ep[i], "PATH =", strlen("PATH =")) == 0) 
data/dx-4.4.4/src/uipp/dxl/conn.c:730:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat (s, "/");
data/dx-4.4.4/src/uipp/dxl/conn.c:810:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (!strncmp(ep[i], eignore[j], strlen(eignore[j])))
data/dx-4.4.4/src/uipp/dxl/conn.c:818:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if ((strncmp(ep[i],"DISPLAY=unix:",strlen("DISPLAY=unix:"))==0 ||
data/dx-4.4.4/src/uipp/dxl/conn.c:819:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		 strncmp(ep[i],"DISPLAY=:",    strlen("DISPLAY=:")) == 0) &&
data/dx-4.4.4/src/uipp/dxl/conn.c:981:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        for (i=0;i<strlen(exename);i++)
data/dx-4.4.4/src/uipp/dxl/conn.c:988:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ptr = &args[strlen(args)+1];
data/dx-4.4.4/src/uipp/dxl/conn.c:996:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            ptr = &args[strlen(args)+1];
data/dx-4.4.4/src/uipp/dxl/conn.c:1004:17:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
                strcat(ptr, " ");
data/dx-4.4.4/src/uipp/dxl/conn.c:1008:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ptr[strlen(ptr)+1]='\0';
data/dx-4.4.4/src/uipp/dxl/conn.c:1009:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        cmd[strlen(cmd)+1]='\0';
data/dx-4.4.4/src/uipp/dxl/conn.c:1074:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i=0;i<strlen(exename);i++)
data/dx-4.4.4/src/uipp/dxl/conn.c:1086:2:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
	strcpy(cmd, "");
data/dx-4.4.4/src/uipp/dxl/conn.c:1091:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(cmd, " ");
data/dx-4.4.4/src/uipp/dxl/conn.c:1101:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(cmd, " ");
data/dx-4.4.4/src/uipp/dxl/execute.c:109:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	       strcat(namestr, ",");
data/dx-4.4.4/src/uipp/dxl/handlers.c:39:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	he->operandLength = strlen(str);
data/dx-4.4.4/src/uipp/dxl/load.c:23:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(file);
data/dx-4.4.4/src/uipp/dxl/load.c:36:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(dir);
data/dx-4.4.4/src/uipp/dxl/open.c:68:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(file);
data/dx-4.4.4/src/uipp/dxl/open.c:102:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(file);
data/dx-4.4.4/src/uipp/dxl/open.c:142:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(file);
data/dx-4.4.4/src/uipp/dxl/query.c:69:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(varname);
data/dx-4.4.4/src/uipp/dxl/query.c:90:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(macro) + strlen(module);
data/dx-4.4.4/src/uipp/dxl/query.c:90:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(macro) + strlen(module);
data/dx-4.4.4/src/uipp/dxl/query.c:152:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(macro) + strlen(module);
data/dx-4.4.4/src/uipp/dxl/query.c:152:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(macro) + strlen(module);
data/dx-4.4.4/src/uipp/dxl/save.c:23:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(file);
data/dx-4.4.4/src/uipp/dxl/send.c:63:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define read(a,b,c) _dxl_os2_recv(a,b,c,0)
data/dx-4.4.4/src/uipp/dxl/send.c:79:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define STRLEN(A) (A ? strlen(A) : 0)
data/dx-4.4.4/src/uipp/dxl/send.c:122:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        msgsize = strlen(msg) + 1;
data/dx-4.4.4/src/uipp/dxl/send.c:328:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(result, event.contents, length);
data/dx-4.4.4/src/uipp/dxl/send.c:808:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            nread = read(conn->fd, buffer+nRemaining, 1024);
data/dx-4.4.4/src/uipp/dxl/send.c:810:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            nread = read(conn->fd, buffer, 1024);
data/dx-4.4.4/src/uipp/dxl/send.c:863:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(conn->leftOver, start, nRemaining);
data/dx-4.4.4/src/uipp/dxl/send.c:886:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	    strncpy(msgbuf, start+len, nbytes + 2);
data/dx-4.4.4/src/uipp/dxl/send.c:977:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy(newString, "$");
data/dx-4.4.4/src/uipp/dxl/socket.c:92:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return strlen(s);
data/dx-4.4.4/src/uipp/dxl/socket.c:195:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				      strlen(userver.sun_path)) >= 0)
data/dx-4.4.4/src/uipp/dxl/value.c:154:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	char *buffer = MALLOC(strlen(var)+ strlen(value) +
data/dx-4.4.4/src/uipp/dxl/value.c:154:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	char *buffer = MALLOC(strlen(var)+ strlen(value) +
data/dx-4.4.4/src/uipp/dxl/value.c:155:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				strlen("set receiver %s = %s"));
data/dx-4.4.4/src/uipp/dxl/value.c:163:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	char *name = MALLOC(strlen(var) + 3);
data/dx-4.4.4/src/uipp/dxl/value.c:178:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *buffer = MALLOC(strlen(var)+ strlen(value) + 16);
data/dx-4.4.4/src/uipp/dxl/value.c:178:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *buffer = MALLOC(strlen(var)+ strlen(value) + 16);
data/dx-4.4.4/src/uipp/dxl/value.c:213:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int r, l = strlen(value) + 3; 
data/dx-4.4.4/src/uipp/dxl/value.c:227:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(macro) + strlen(module);
data/dx-4.4.4/src/uipp/dxl/value.c:227:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(macro) + strlen(module);
data/dx-4.4.4/src/uipp/dxl/value.c:261:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int r, l = strlen(value) + 3; 
data/dx-4.4.4/src/uipp/dxl/value.c:275:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(macro) + strlen(module);
data/dx-4.4.4/src/uipp/dxl/value.c:275:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(macro) + strlen(module);
data/dx-4.4.4/src/uipp/dxl/value.c:309:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int r, l = strlen(value) + 3; 
data/dx-4.4.4/src/uipp/dxui/ColormapNode.C:1334:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(p,"}");
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:160:65:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    boolean change_label = EqualSubstring (cur_label, matchstr, strlen(matchstr));
data/dx-4.4.4/src/uipp/dxui/DXLInputNode.C:162:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	char *new_label = new char [2+strlen(cur_label)];
data/dx-4.4.4/src/uipp/dxui/DisplayNode.C:440:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	retbuf = new char[strlen(buf1) + strlen(buf2) + 2];
data/dx-4.4.4/src/uipp/dxui/DisplayNode.C:440:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	retbuf = new char[strlen(buf1) + strlen(buf2) + 2];
data/dx-4.4.4/src/uipp/dxui/FileSelectorNode.C:97:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for (int i=0; i<strlen(localValue); i++) 
data/dx-4.4.4/src/uipp/dxui/FileSelectorNode.C:109:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for (int i=0; i<strlen(basename); i++) {
data/dx-4.4.4/src/uipp/dxui/FileSelectorNode.C:136:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for (int i=0; i<strlen(basename); i++) {
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1370:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	} else if (EqualSubstring(comment,cp,strlen(cp))) {
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1400:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (*p && !strncmp(p, str, strlen(str))) 			\
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1402:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	p += strlen(str);					\
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1415:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (*p && !strncmp(p, str, strlen(str)))                  	\
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1417:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	p += strlen(str);                                       \
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1435:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    argbuf = new char [1 + strlen(line) ];
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1858:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (tmpbuf[strlen(tmpbuf)-1] == '\"') tmpbuf[strlen(tmpbuf)-1] = '\0';
data/dx-4.4.4/src/uipp/dxui/ImageNode.C:1858:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (tmpbuf[strlen(tmpbuf)-1] == '\"') tmpbuf[strlen(tmpbuf)-1] = '\0';
data/dx-4.4.4/src/uipp/dxui/Interactor.C:256:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((!filtered)||(!filtered[0])||(!strlen(filtered))) {
data/dx-4.4.4/src/uipp/dxui/InteractorNode.C:1221:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int l = strlen(value);
data/dx-4.4.4/src/uipp/dxui/InteractorNode.C:1232:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    l = strlen(value);
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:390:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		p += strlen("visible:");
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:477:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		p += strlen("visible:");
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:688:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if (strlen(srch_string2)>0) {
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:689:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		char c = srch_string2[strlen(srch_string2)-1];
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:691:7:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		    strcat(srch_string2, "/");                   
data/dx-4.4.4/src/uipp/dxui/MacroDefinition.C:703:7:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		    strcat(path, "/");
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:935:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int buflen = strlen(buf);
data/dx-4.4.4/src/uipp/dxui/MacroParameterNode.C:941:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	const char *end = &current_name[strlen(current_name)];
data/dx-4.4.4/src/uipp/dxui/Node.C:932:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(p,";");
data/dx-4.4.4/src/uipp/dxui/Node.C:1006:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(c,";");
data/dx-4.4.4/src/uipp/dxui/Node.C:1049:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(s,"\n"); 
data/dx-4.4.4/src/uipp/dxui/Node.C:1072:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(s,"\n"); 
data/dx-4.4.4/src/uipp/dxui/Node.C:1215:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(s, ";");
data/dx-4.4.4/src/uipp/dxui/ParameterDefinition.C:302:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(p,"]");
data/dx-4.4.4/src/uipp/dxui/PickNode.C:111:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
		strcpy(newValue, "{");
data/dx-4.4.4/src/uipp/dxui/PickNode.C:113:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(newValue, "}");
data/dx-4.4.4/src/uipp/dxui/PickNode.C:123:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(newValue, ",");
data/dx-4.4.4/src/uipp/dxui/PickNode.C:125:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(newValue, "}");
data/dx-4.4.4/src/uipp/dxui/PickNode.C:133:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
		strcpy (newValue, "{");
data/dx-4.4.4/src/uipp/dxui/PickNode.C:141:4:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
			strncat(newValue, term, termLen);
data/dx-4.4.4/src/uipp/dxui/PickNode.C:142:4:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
			strcat(newValue, ",");
data/dx-4.4.4/src/uipp/dxui/PickNode.C:148:4:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
			strcat(newValue, ",");
data/dx-4.4.4/src/uipp/dxui/PickNode.C:152:4:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
			strcat(newValue, "}");
data/dx-4.4.4/src/uipp/dxui/ScalarListInteractor.C:479:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(p, "[");
data/dx-4.4.4/src/uipp/dxui/ScalarListInteractor.C:489:21:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		if (n_tuples > 1) strcat(p," ");
data/dx-4.4.4/src/uipp/dxui/ScalarListInteractor.C:492:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(p, "]");
data/dx-4.4.4/src/uipp/dxui/ScalarListInteractor.C:494:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	       strcat(p," ");
data/dx-4.4.4/src/uipp/dxui/ScalarListInteractor.C:498:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(p,"}");
data/dx-4.4.4/src/uipp/dxui/ScalarListNode.C:285:5:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
    strcat(v,"}");
data/dx-4.4.4/src/uipp/dxui/SelectionNode.C:771:2:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
	strcpy(p,"}");
data/dx-4.4.4/src/uipp/dxui/SelectionNode.C:945:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    for (k=strlen(optvalue)-1; k>=0; k--)
data/dx-4.4.4/src/uipp/dxui/SequencerNode.C:265:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (EqualSubstring (comment, substr, strlen(substr))) {
data/dx-4.4.4/src/uipp/dxui/ToggleNode.C:506:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for (k=strlen(optvalue)-1; k>=0; k--)
data/dx-4.4.4/src/uipp/dxuilib/AnnotationGroupManager.C:52:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!EqualSubstring(cp, comment,strlen(cp)))
data/dx-4.4.4/src/uipp/dxuilib/ApplicIF.C:157:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    this->sendPacket(type, 0, data, strlen(data));
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2290:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		int len = strlen(nextColor);
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2830:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(value, "{");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2831:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(colors, "{");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2842:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(colors, "\"");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2844:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(colors, "\"");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2853:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(value, ",");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2854:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(colors, ",");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2857:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(colors, "\"");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2859:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(colors, "\"");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2868:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(value, ",");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2869:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(colors, ",");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2872:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(colors, "\"");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2874:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(colors, "\"");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2883:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(value, ",");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2884:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(colors, ",");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2887:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(colors, "\"");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2889:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(colors, "\""); first = FALSE;
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2894:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(value, "}");
data/dx-4.4.4/src/uipp/dxuilib/AutoAxesDialog.C:2895:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(colors, "}");
data/dx-4.4.4/src/uipp/dxuilib/BuildIFDict.C:43:5:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
    strcpy (keystr, "A");
data/dx-4.4.4/src/uipp/dxuilib/CommentStyle.C:44:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(text);
data/dx-4.4.4/src/uipp/dxuilib/CommentStyle.C:90:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (fprintf (f, "    // annotation %s: %ld\n", begin_stmnt, strlen(cp)) < 0)
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:2181:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    ConfigurationDialog::HelpText = new char[1+strlen(nosup)];
data/dx-4.4.4/src/uipp/dxuilib/ConfigurationDialog.C:2194:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    ConfigurationDialog::HelpText = new char[1+strlen(nosup)];
data/dx-4.4.4/src/uipp/dxuilib/ControlPanel.C:1965:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(this->comment, "\n");
data/dx-4.4.4/src/uipp/dxuilib/ControlPanelWorkSpace.C:330:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    l = strlen(name);
data/dx-4.4.4/src/uipp/dxuilib/DXAnchorWindow.C:620:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *tmpstr = new char[1+strlen(c)];
data/dx-4.4.4/src/uipp/dxuilib/DXAnchorWindow.C:783:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	char *tmpmsg = new char[strlen(msg) + 1]; strcpy (tmpmsg, msg);
data/dx-4.4.4/src/uipp/dxuilib/DXAnchorWindow.C:784:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	char *tmpfont = new char[strlen(font) + 1]; strcpy (tmpfont, font);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:132:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define  read _read
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2082:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(s, "/");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2122:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(s, "/");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2268:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			from.size = strlen((char*)from.addr);
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:2629:4:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
			strcat(this->serverInfo.executiveFlags, " ");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3113:7:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    	strcat(args, "\"");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3115:7:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    	strcat(args, "\"");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3145:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(args, " ");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:3221:2:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
	strcpy(name, "\0");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4707:4:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
			strcat(msg,"\t");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4713:4:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
			strcat(msg,"\n");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4982:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(msg,"\t");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:4988:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(msg,"\n");
data/dx-4.4.4/src/uipp/dxuilib/DXApplication.C:5179:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(dx);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:47:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define	read	LocalRead
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:356:17:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
                strcat (s, "/");
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:591:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ptr = &cmd[strlen(cmd)+1];
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:592:9:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
        strcpy(ptr,"");
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:596:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
            strcat(ptr," ");
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:599:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ptr[strlen(ptr)+1]='\0';
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:654:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i=0;i<strlen(exename);i++)
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:663:9:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
        strcpy(cmd, "");
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:668:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
            strcat(cmd, " ");
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:676:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
            strcat(cmd, " ");
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:905:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if ((sts = read(*socket, buffer, 1000)) < 0) {
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:950:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if ((sts = read(*socket, buffer, 1000)) < 0) {
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:982:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if ((sts = read(*socket, buffer, 1000)) < 0) {
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:1016:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if ((sts = read(*socket, buffer, 1000)) < 0) {
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:1430:19:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            sts = read(this->err, rdbuffer, BUFSIZ);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:1500:19:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            sts = read(this->out, rdbuffer, BUFSIZ);
data/dx-4.4.4/src/uipp/dxuilib/DXChild.C:1548:37:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    while (this->err >= 0 && (sts = read (this->err, rdbuffer, BUFSIZ)) > 0) {
data/dx-4.4.4/src/uipp/dxuilib/DXDropSite.C:92:6:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	if (mismatch) return FALSE;
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:405:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *buf = new char[strlen(c)+1];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:424:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen(e);
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:485:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *buf = new char[strlen(c)+1];
data/dx-4.4.4/src/uipp/dxuilib/DXLinkHandler.C:544:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *buf = new char[strlen(c)+1];
data/dx-4.4.4/src/uipp/dxuilib/DXPacketIF.C:147:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		char *c = s + strlen("MSGERRUP");
data/dx-4.4.4/src/uipp/dxuilib/DXWindow.C:232:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	from.size = 1+strlen(from.addr);
data/dx-4.4.4/src/uipp/dxuilib/DXWindow.C:695:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(fname);
data/dx-4.4.4/src/uipp/dxuilib/DXWindow.C:708:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen(file);
data/dx-4.4.4/src/uipp/dxuilib/Decorator.C:511:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(str);
data/dx-4.4.4/src/uipp/dxuilib/Decorator.C:554:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		int bytes_per_color = strlen(clr) / 3;
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:4966:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(p,"\n");	// 4 tool names per line of text.
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:5935:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	del_buf, strlen((char*)del_buf));
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6181:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    del_buf, strlen((char*)del_buf));
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6221:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	*length = strlen(editor->copiedNet);
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:6227:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		(unsigned char*)editor->copiedCfg, strlen(editor->copiedCfg));
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:7178:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	jxmacros=(char*)malloc(strlen(uiroot)+strlen(macros)+2);
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:7178:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	jxmacros=(char*)malloc(strlen(uiroot)+strlen(macros)+2);
data/dx-4.4.4/src/uipp/dxuilib/EditorWindow.C:7540:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat (button_label, " ");
data/dx-4.4.4/src/uipp/dxuilib/FileSelectorInstance.C:36:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    cf = (char *) malloc ((strlen(filter) +1)*sizeof(char));
data/dx-4.4.4/src/uipp/dxuilib/FileSelectorInstance.C:38:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for(i=0; i<strlen(cf); i++)
data/dx-4.4.4/src/uipp/dxuilib/GroupedObject.C:122:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (EqualSubstring (buf, comment, strlen(buf))) {
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatDialog.C:529:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	string_to_use[strlen(string_to_use)-1] = '\0';
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatDialog.C:692:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if (EqualSubstring (fmt_name, cp, strlen(cp))) {
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatDialog.C:729:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    cp+= strlen(matchstr);
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatDialog.C:746:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    cp+= strlen(matchstr);
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatREX.C:60:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *file_to_delete = new char[strlen(fname) + 8];
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatRGB.C:59:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *file_to_delete = new char[strlen(fname) + 8];
data/dx-4.4.4/src/uipp/dxuilib/ImageFormatYUV.C:60:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *file_to_delete = new char[strlen(fname) + 8];
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:879:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		buflen = strlen(buffer);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:885:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    len = strlen(tmpbuf);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:983:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    return strlen(sval);
data/dx-4.4.4/src/uipp/dxuilib/ImageNodeUtils.C:1283:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		int length = strlen(mac[i]);
data/dx-4.4.4/src/uipp/dxuilib/InteractorInstance.C:422:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(str);
data/dx-4.4.4/src/uipp/dxuilib/InteractorInstance.C:454:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	this->java_var_name = new char[strlen(name_string) + strlen(var_part) + 16];
data/dx-4.4.4/src/uipp/dxuilib/InteractorInstance.C:454:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	this->java_var_name = new char[strlen(name_string) + strlen(var_part) + 16];
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:142:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!IsBlankString(pathn)) path_len = strlen(pathn);
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:241:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	msglen+= strlen(tbuf);
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:247:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    msglen+= strlen(tbuf);
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:401:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		int len = strlen(head);
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:715:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (pathn) len = strlen(pathn);
data/dx-4.4.4/src/uipp/dxuilib/JavaNet.C:716:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	char *fname = new char[len + strlen(this->base_name) + 4];
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:486:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(filtered);
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:621:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		os+= strlen(text);
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:664:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(oldBuf);
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:767:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    *length = strlen(cp);
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:784:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    len = strlen(hostname);
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:788:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    *length = strlen(hostname);
data/dx-4.4.4/src/uipp/dxuilib/LabelDecorator.C:1042:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	os+= strlen(text);
data/dx-4.4.4/src/uipp/dxuilib/MsgWin.C:550:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
					strncpy(modName, o, colon - o);
data/dx-4.4.4/src/uipp/dxuilib/MsgWin.C:562:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
						strncpy(p, modName, colon-o);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:899:8:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
       strcat(this->prefix,"_");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:2063:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(this->comment, "\n");
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3089:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ASSERT((flen + len + 1) > strlen(file));
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3205:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            char *buf = new char [strlen("savednet ") +
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3206:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                        strlen(this->fileName) + 1];
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3831:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
						int slen = strlen(s);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:3835:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
							slen+= strlen(options[i]) + 3;
data/dx-4.4.4/src/uipp/dxuilib/Network.C:5734:9:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    if (fgetc(f) != '/') {
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6224:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if (EqualSubstring (buf, comment, strlen(buf))) {
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6591:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	offs = strlen(msg);
data/dx-4.4.4/src/uipp/dxuilib/Network.C:6611:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    offs+= strlen(tbuf);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:156:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define read( a, b, c ) UxRecv( a, b, c, 0 )
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:161:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define read( a, b, c ) UxRecv( a, b, c, 0 )
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:286:4:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
			strncat(echo_string, data, length);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:821:2:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
	strcpy(newString, "$");
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:823:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(newString, "\n");
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:843:3:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
		strncat(echo_string, newString, length);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:905:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	token = new char[strlen(this->line)+1];
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1086:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				int len = strlen(str);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1156:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		buflen = read(this->socket, buffer, 4096);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1666:3:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		strlen (userver.sun_path);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1668:13:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
	oldUmask = umask(0);
data/dx-4.4.4/src/uipp/dxuilib/PacketIF.C:1671:2:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
	umask(oldUmask);
data/dx-4.4.4/src/uipp/dxuilib/PageGroupManager.C:59:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!EqualSubstring(cp, comment,strlen(cp)))
data/dx-4.4.4/src/uipp/dxuilib/PageSelector.C:735:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		(XmTextPosition)0, (XmTextPosition)strlen(str), stamp);
data/dx-4.4.4/src/uipp/dxuilib/PageTab.C:250:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		*length = strlen(cp);
data/dx-4.4.4/src/uipp/dxuilib/PageTab.C:261:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    *length = strlen(cp);
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:543:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    len+= strlen(tbuf);
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:659:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    int buflen = strlen(buf);		
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:750:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
		strcpy(newValue, "(");
data/dx-4.4.4/src/uipp/dxuilib/ParameterCDB.C:752:3:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
		strcat(newValue, ")");
data/dx-4.4.4/src/uipp/dxuilib/ParseMDF.C:538:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i=0; i<strlen(substring); i++)
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:502:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    cp+= strlen(matchstr);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:599:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    cp+= strlen(matchstr);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:630:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		int len = strlen(ori);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:660:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    cp+= strlen(matchstr);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1068:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    totlen = strlen (cp);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1074:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	totlen+= strlen(tbuf);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1081:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	totlen+= strlen(tbuf);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1095:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	totlen+= strlen(tbuf);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1104:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    totlen+= strlen(tbuf);
data/dx-4.4.4/src/uipp/dxuilib/PostScriptImageFormat.C:1113:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	totlen+= strlen(tbuf);
data/dx-4.4.4/src/uipp/dxuilib/PrintProgramDialog.C:323:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for (int j=0; j<strlen(filename); j++) {
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupManager.C:366:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
					strcat(grouplist, ",");
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupManager.C:369:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
					strcat(grouplist, "\"");	
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupManager.C:374:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
					strcat(grouplist, "\"");	
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupManager.C:504:21:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
                    strcat(grouplist, ",");
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupManager.C:734:21:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
                    strcat(grouplist, ",");
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:83:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(newS, s, cs->startPos);
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:86:2:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
	strncat(newS, cs->text->ptr, cs->text->length);
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:131:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(args, " ");
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:137:7:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    	strcat(args, "\"");
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:139:7:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    	strcat(args, "\"");
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:143:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(args, " ");
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:149:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(args, " ");
data/dx-4.4.4/src/uipp/dxuilib/ProcessGroupOptionsDialog.C:389:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(other, " ");
data/dx-4.4.4/src/uipp/dxuilib/QueuedPackets.C:15:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	this->length = strlen(data);
data/dx-4.4.4/src/uipp/dxuilib/QueuedPackets.C:21:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy (this->data, data, this->length);
data/dx-4.4.4/src/uipp/dxuilib/ResourceManager.C:156:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	os+= strlen(str);
data/dx-4.4.4/src/uipp/dxuilib/ResourceManager.C:239:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    int spec_len = strlen(spec);
data/dx-4.4.4/src/uipp/dxuilib/ResourceManager.C:250:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
			strncpy (buf, &spec[si], len);
data/dx-4.4.4/src/uipp/dxuilib/SaveImageDialog.C:204:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	full_filename = new char[strlen(fname) + strlen(ext) + 1];
data/dx-4.4.4/src/uipp/dxuilib/SaveImageDialog.C:204:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	full_filename = new char[strlen(fname) + strlen(ext) + 1];
data/dx-4.4.4/src/uipp/dxuilib/SaveImageDialog.C:207:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int quote_spot = strlen(full_filename) - 1;
data/dx-4.4.4/src/uipp/dxuilib/SaveImageDialog.C:382:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for(int i=0; i<strlen(cp); i++)
data/dx-4.4.4/src/uipp/dxuilib/ScalarInstance.C:129:9:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
        strcpy(s,"");
data/dx-4.4.4/src/uipp/dxuilib/ScalarInstance.C:142:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(s, " ");
data/dx-4.4.4/src/uipp/dxuilib/ScalarInstance.C:146:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
        strcat(s,"]");
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:346:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(strlist,"\""); strcat(strlist,label); strcat(strlist,"\""); 
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:346:51:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(strlist,"\""); strcat(strlist,label); strcat(strlist,"\""); 
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:351:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	       strcat(strlist," ");
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:352:9:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	       strcat(vallist," ");
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:356:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(vallist,"}");
data/dx-4.4.4/src/uipp/dxuilib/SelectionAttrDialog.C:357:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(strlist,"}");
data/dx-4.4.4/src/uipp/dxuilib/SetDecoratorTextDialog.C:539:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	btn_name = new char[1+strlen(btn_names[i])]; 
data/dx-4.4.4/src/uipp/dxuilib/SetDecoratorTextDialog.C:541:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	color_value = new char[1+strlen(color_values[i])]; 
data/dx-4.4.4/src/uipp/dxuilib/SetDecoratorTextDialog.C:546:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	from.size = 1+strlen(from.addr);
data/dx-4.4.4/src/uipp/dxuilib/SetDecoratorTextDialog.C:751:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int i,len = ((cp&&cp[0])?strlen(cp):0);
data/dx-4.4.4/src/uipp/dxuilib/SetDecoratorTextDialog.C:769:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int i,len = ((cp&&cp[0])?strlen(cp):0);
data/dx-4.4.4/src/uipp/dxuilib/SetDecoratorTextDialog.C:976:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(spare);
data/dx-4.4.4/src/uipp/dxuilib/SetDecoratorTextDialog.C:1184:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	totlen+= strlen(this->kern_lines[i]);
data/dx-4.4.4/src/uipp/dxuilib/SetDecoratorTextDialog.C:1189:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int len = strlen(this->kern_lines[i]);
data/dx-4.4.4/src/uipp/dxuilib/SetDecoratorTextDialog.C:1212:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(src);
data/dx-4.4.4/src/uipp/dxuilib/SetDecoratorTextDialog.C:1296:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		len = strlen(text);
data/dx-4.4.4/src/uipp/dxuilib/SetSeparatorAttrDlg.C:178:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	from.size = 1+strlen(from.addr);
data/dx-4.4.4/src/uipp/dxuilib/SetSeparatorAttrDlg.C:338:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	char *btn_name = new char[1+strlen(btn_names[i])];
data/dx-4.4.4/src/uipp/dxuilib/SetSeparatorAttrDlg.C:340:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	char *color_value = new char[1+strlen(color_values[i])];
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:2938:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
				strncpy(dup_val,val,58);
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:2960:13:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
			if(ii&1) strcat(dup_val,"\"");
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:3089:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    if (strlen(esc_label) >= max_len) 
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:3181:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    len = strlen(hostname);
data/dx-4.4.4/src/uipp/dxuilib/StandIn.C:3185:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    *length = strlen(hostname);
data/dx-4.4.4/src/uipp/dxuilib/StartOptionsDialog.C:82:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(newS, s, cs->startPos);
data/dx-4.4.4/src/uipp/dxuilib/StartOptionsDialog.C:85:2:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
	strncat(newS, cs->text->ptr, cs->text->length);
data/dx-4.4.4/src/uipp/dxuilib/TickLabelList.C:429:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len+= strlen(cp);
data/dx-4.4.4/src/uipp/dxuilib/TickLabelList.C:441:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int bufLen = strlen(buf);
data/dx-4.4.4/src/uipp/dxuilib/TickLabelList.C:451:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen(cp);
data/dx-4.4.4/src/uipp/dxuilib/VPEPostIt.C:120:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(filtered);
data/dx-4.4.4/src/uipp/dxuilib/netyacc.c:939:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#   define yystrlen strlen
data/dx-4.4.4/src/uipp/java/server/DXLink.c:84:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    i = 1+strlen(msg);
data/dx-4.4.4/src/uipp/java/server/DXLink.c:252:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	str = (char *) malloc (sizeof(char)* (strlen(net_file) + 1));
data/dx-4.4.4/src/uipp/java/server/DXLink.c:256:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for(i=0; i<strlen(str); i++)
data/dx-4.4.4/src/uipp/mb/MBApplication.C:106:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    write(2, msg, strlen(msg));
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:67:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *c, *fnamecopy = (char *)malloc(strlen(filename) + 1);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:73:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for (i = 0; i < strlen(fnamecopy); i++)
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:140:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char      *buf = (char *)malloc(strlen(basename) + 7);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:346:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char      *buf = (char *)malloc(strlen(basename) + 5);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:418:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	        buf = b = (char *)malloc(strlen("vector") + 4*nc + 1);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:423:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	        buf = b = (char *)malloc(strlen("vector list") + 4*nc + 1);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:428:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	        buf = b = (char *)malloc(strlen((*in)->types) + 4*nc + 1);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:472:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    buf = b = (char *)malloc(strlen((*out)->types) + 4*nc + 1);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:523:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char       *buf = (char *)malloc(strlen(basename) + 4);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:1873:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    (dst) = (char *)malloc(strlen((src))+1);			\
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:1901:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *buf = (char *)malloc(strlen(basename) + 4);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:1922:6:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	c = getc(in);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:1989:6:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	c = getc(fd);
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:1995:39:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    for (i = 0; i < MAXLINE; i++, c = getc(fd))
data/dx-4.4.4/src/uipp/mb/MBGenerate.C:2047:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char      *buf = (char *)malloc(strlen(basename) + 4);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:2816:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(MBExtension);
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:2828:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    file = new char[strlen(filenm) + len + 1];
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:2835:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!ext || (strlen(ext) != len))
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:3868:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(new_string, "\n");
data/dx-4.4.4/src/uipp/mb/MBMainWindow.C:3958:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(str, &line[start_index], (ndx - start_index));
data/dx-4.4.4/src/uipp/prompter/Browser.C:981:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	this->from->read(buf, this->page_size);
data/dx-4.4.4/src/uipp/prompter/Browser.C:1380:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    this->from->read(buf, this->page_size);
data/dx-4.4.4/src/uipp/prompter/Browser.C:1513:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	this->from->read(buf, this->page_size);
data/dx-4.4.4/src/uipp/prompter/Browser.C:1695:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	this->from->read(buf, this->page_size);
data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C:66:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen(dxd);
data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C:112:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *sampDat = new char[strlen(uiroot) + strlen("samples/data") + 16];
data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C:112:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *sampDat = new char[strlen(uiroot) + strlen("samples/data") + 16];
data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C:116:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for(i=0; i<strlen(sampDat); i++)
data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C:119:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (sampDat[strlen(uiroot)-1] == '/') {
data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C:190:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for(i=0; i<strlen(base_name); i++)
data/dx-4.4.4/src/uipp/prompter/CommandTextPopup.C:193:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(base_name);
data/dx-4.4.4/src/uipp/prompter/DataFileDialog.C:49:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *str= new char[strlen(string) + 2];
data/dx-4.4.4/src/uipp/prompter/DataFileDialog.C:52:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for(int i=0; i<strlen(str); i++)
data/dx-4.4.4/src/uipp/prompter/FileContents.C:108:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int name_len = strlen(this->out_file_name);
data/dx-4.4.4/src/uipp/prompter/FileContents.C:122:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int name_len = strlen(this->in_file_name);
data/dx-4.4.4/src/uipp/prompter/FileContents.C:131:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	this->out_file_name = new char[strlen(this->sans_extension) + 32];
data/dx-4.4.4/src/uipp/prompter/FileContents.C:136:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	this->out_file_name = new char[strlen(this->sans_extension) + 32];
data/dx-4.4.4/src/uipp/prompter/FileContents.C:170:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(this->contents);
data/dx-4.4.4/src/uipp/prompter/FileContents.C:195:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int pattern_len = strlen(pattern);
data/dx-4.4.4/src/uipp/prompter/FileContents.C:240:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char* new_contents = new char[strlen(this->contents)+1 + size_diff];
data/dx-4.4.4/src/uipp/prompter/FileContents.C:250:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    next+= strlen(cling->replacement);
data/dx-4.4.4/src/uipp/prompter/FileContents.h:120:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	this->size_diff = strlen(replacement) - strlen(pattern);
data/dx-4.4.4/src/uipp/prompter/FileContents.h:120:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	this->size_diff = strlen(replacement) - strlen(pattern);
data/dx-4.4.4/src/uipp/prompter/GARApplication.C:175:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    write(2, msg, strlen(msg));
data/dx-4.4.4/src/uipp/prompter/GARApplication.C:612:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(newstr, "/"); 
data/dx-4.4.4/src/uipp/prompter/GARApplication.C:634:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(newstr, "/");
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:436:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    len = strlen(cp);
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:446:7:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
		if (mismatch) {
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:627:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			len = strlen(cp);
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:681:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(cp);
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:692:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int j,t = strlen(ext);
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:751:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (ext) extlen = strlen(ext);
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:752:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *dirspec = new char[strlen(this->file_search_dir) + extlen + 3];
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:756:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for(int i=0; i<strlen(dirspec); i++)
data/dx-4.4.4/src/uipp/prompter/GARChooserWindow.C:797:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int cfg_spot = strlen(net_file) - 4;
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:90:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define RES_CONVERT(res, str) XtVaTypedArg, res, XmRString, str, strlen(str)+1
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:4301:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for(int i=0; i<strlen(fn); i++) 
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:4318:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(cp) >= 2) {
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:5676:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(cp) >= 2) {
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7205:6:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	    strcat(final_str, " ");
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7821:2:  [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant character.
	strcat(new_string, "\n");
data/dx-4.4.4/src/uipp/prompter/GARMainWindow.C:7947:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(str, &line[start_index], (ndx - start_index));
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:511:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int gen_len = strlen(gen_ext);
data/dx-4.4.4/src/uipp/prompter/GridChoice.C:524:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		int len = strlen(cp);
data/dx-4.4.4/src/uipp/prompter/ImageChoice.C:212:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	name_len = strlen(file_name);
data/dx-4.4.4/src/uipp/prompter/SADialog.C:68:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(GenExtension);
data/dx-4.4.4/src/uipp/prompter/SADialog.C:70:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    file = new char[strlen(string) + len + 1];
data/dx-4.4.4/src/uipp/prompter/SADialog.C:77:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (!ext || (strlen(ext) != len))
data/dx-4.4.4/src/uipp/prompter/SpreadSheetChoice.C:544:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    int len = strlen(tmp);
data/dx-4.4.4/src/uipp/prompter/TypeChoice.C:362:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int len = strlen(tmp);
data/dx-4.4.4/src/uipp/prompter/TypeChoice.C:372:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    cp+= strlen("ERROR");
data/dx-4.4.4/src/uipp/prompter/TypeChoice.C:377:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		cp+= strlen("WARNING");
data/dx-4.4.4/src/uipp/prompter/TypeChoice.C:525:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			char* newe = new char[4 + strlen(exec) + strlen(cp)];
data/dx-4.4.4/src/uipp/prompter/TypeChoice.C:525:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			char* newe = new char[4 + strlen(exec) + strlen(cp)];
data/dx-4.4.4/src/uipp/prompter/TypeChoice.C:842:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int i = strlen(str) - 1;
data/dx-4.4.4/src/uipp/startup/StartupApplication.C:106:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    write(2, msg, strlen(msg));
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:680:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *url = new char[strlen(theIBMApplication->getUIRoot()) + 35];
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:741:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	char* dirspec = new char[strlen(uir) + strlen(ext) + 1];
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:741:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	char* dirspec = new char[strlen(uir) + strlen(ext) + 1];
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:745:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for(int i=0; i<strlen(dirspec); i++)
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:842:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    totlen+= strlen(cmdstr);
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:846:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	totlen+= strlen(args[i]);
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:854:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	totlen+= strlen(cp);
data/dx-4.4.4/src/uipp/startup/StartupWindow.C:909:17:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    int bread = read (*fd, buf, 1024);
data/dx-4.4.4/src/uipp/tutor/TutorApplication.C:185:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    write(2, msg, strlen(msg));
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1766:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    message = XtMalloc(strlen(filename) + 64);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1797:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    message = XtMalloc(strlen(filename) + 64);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1809:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    message = XtMalloc(strlen(filename) + 64);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1849:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	message = XtMalloc(strlen(filename) + 64);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1863:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    message = XtMalloc(strlen(filename) + 64);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1875:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    message = XtMalloc(strlen(filename) + 64);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1887:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    message = XtMalloc(strlen(filename) + 64);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1899:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    message = XtMalloc(strlen(filename) + 64);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1911:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	    message = XtMalloc(strlen(filename) + 64);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1965:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		message = XtMalloc(strlen(filename) + 64);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1978:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		message = XtMalloc(strlen(filename) + 64);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:1991:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		message = XtMalloc(strlen(filename) + 64);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:2004:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		message = XtMalloc(strlen(filename) + 64);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:2017:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		message = XtMalloc(strlen(filename) + 64);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:2045:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      message = XtMalloc(strlen(filename) + 64);
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:2680:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    XTextExtents(cmew->color_map_editor.font, string, strlen(string),
data/dx-4.4.4/src/uipp/widgets/ControlPoint.c:2693:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		string, strlen(string));
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1080:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			     clipID, "STRING", buf, (long)strlen(buf)+1, cnt, NULL);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1107:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
      strcpy(mondoBuffer,"");
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1391:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      len += strlen(wpTemp->chars) + 1;
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1395:3:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
  strcpy(buf, "");
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1399:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen(buf))
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1400:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	sprintf(buf + strlen(buf), " %s", wpStart->chars);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1815:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      XTextExtents(font, theWord, strlen(theWord),
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1848:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      XTextExtents(font, theWord, strlen(theWord), &direction, &fontAscent, &fontDescent,
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1863:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      XTextExtents(font, theWord, strlen(theWord), &direction, &fontAscent, &fontDescent,
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1930:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  wordPtr->length          = strlen(theWord);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:1997:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  wordPtr->length          = strlen(theWord);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:2234:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  wordPtr->length          = strlen(theWord);    /* doesn't really make sense for images...  */
data/dx-4.4.4/src/uipp/widgets/MultiText.c:2296:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  wordPtr->length          = strlen(theWord);    /* doesn't really make sense for widgets... */
data/dx-4.4.4/src/uipp/widgets/MultiText.c:2443:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  retStr = (char *) XtMalloc(sizeof(char) * (str ? strlen(str) : 0) + 1);
data/dx-4.4.4/src/uipp/widgets/MultiText.c:2497:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      XTextExtents(font, theWord, strlen(theWord), &direction, &fontAscent, &fontDescent,
data/dx-4.4.4/src/uipp/widgets/Number.c:917:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for (i=strlen(in_string); i >= 0; i--)
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:419:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	len = strlen(string);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:447:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		len = strlen(string);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:499:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		len = strlen(string);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:528:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		len = strlen(string);
data/dx-4.4.4/src/uipp/widgets/NumberOutput.c:596:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		len = strlen(string);
data/dx-4.4.4/src/uipp/widgets/NumericList.c:68:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define STRLEN(s)  	((s) ? strlen(s) : 0)
data/dx-4.4.4/src/uipp/widgets/Picture.c:8271:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		    text != NULL? strlen(text): 0);
data/dx-4.4.4/src/uipp/widgets/VCRControl.c:1260:9:  [1] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source is a constant character.
        sprintf(string, " ");

ANALYSIS SUMMARY:

Hits = 7450
Lines analyzed = 745971 in approximately 17.11 seconds (43596 lines/second)
Physical Source Lines of Code (SLOC) = 535712
Hits@level = [0] 3030 [1] 1453 [2] 3980 [3] 245 [4] 1742 [5]  30
Hits@level+ = [0+] 10480 [1+] 7450 [2+] 5997 [3+] 2017 [4+] 1772 [5+]  30
Hits/KSLOC@level+ = [0+] 19.5628 [1+] 13.9067 [2+] 11.1944 [3+] 3.76508 [4+] 3.30775 [5+] 0.0560002
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.