Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/eclipse-titan-7.1.1/JNI/jnimw.cc
Examining data/eclipse-titan-7.1.1/JNI/jnimw.h
Examining data/eclipse-titan-7.1.1/JNI/jninativelib.cc
Examining data/eclipse-titan-7.1.1/JNI/org_eclipse_titan_executor_jni_JNIMiddleWare.h
Examining data/eclipse-titan-7.1.1/common/JSON_Tokenizer.cc
Examining data/eclipse-titan-7.1.1/common/ModuleVersion.cc
Examining data/eclipse-titan-7.1.1/common/NetworkHandler.cc
Examining data/eclipse-titan-7.1.1/common/Path2.cc
Examining data/eclipse-titan-7.1.1/common/Quadruple.cc
Examining data/eclipse-titan-7.1.1/common/UnicharPattern.cc
Examining data/eclipse-titan-7.1.1/common/config_preproc.cc
Examining data/eclipse-titan-7.1.1/common/config_preproc.h
Examining data/eclipse-titan-7.1.1/common/hostid.c
Examining data/eclipse-titan-7.1.1/common/license.c
Examining data/eclipse-titan-7.1.1/common/license.h
Examining data/eclipse-titan-7.1.1/common/memory.c
Examining data/eclipse-titan-7.1.1/common/memory.h
Examining data/eclipse-titan-7.1.1/common/new.cc
Examining data/eclipse-titan-7.1.1/common/openssl_version.c
Examining data/eclipse-titan-7.1.1/common/openssl_version.h
Examining data/eclipse-titan-7.1.1/common/path.c
Examining data/eclipse-titan-7.1.1/common/path.h
Examining data/eclipse-titan-7.1.1/common/platform.h
Examining data/eclipse-titan-7.1.1/common/static_check.h
Examining data/eclipse-titan-7.1.1/common/usage_stats.cc
Examining data/eclipse-titan-7.1.1/common/userinfo.c
Examining data/eclipse-titan-7.1.1/common/userinfo.h
Examining data/eclipse-titan-7.1.1/common/version.h
Examining data/eclipse-titan-7.1.1/common/version_internal.h
Examining data/eclipse-titan-7.1.1/compiler2/AST.cc
Examining data/eclipse-titan-7.1.1/compiler2/Code.cc
Examining data/eclipse-titan-7.1.1/compiler2/CodeGenHelper.cc
Examining data/eclipse-titan-7.1.1/compiler2/CompField.cc
Examining data/eclipse-titan-7.1.1/compiler2/CompType.cc
Examining data/eclipse-titan-7.1.1/compiler2/CompilerError.cc
Examining data/eclipse-titan-7.1.1/compiler2/Constraint.cc
Examining data/eclipse-titan-7.1.1/compiler2/DebuggerStuff.cc
Examining data/eclipse-titan-7.1.1/compiler2/EnumItem.cc
Examining data/eclipse-titan-7.1.1/compiler2/Identifier.cc
Examining data/eclipse-titan-7.1.1/compiler2/Int.cc
Examining data/eclipse-titan-7.1.1/compiler2/PredefFunc.cc
Examining data/eclipse-titan-7.1.1/compiler2/ProjectGenHelper.cc
Examining data/eclipse-titan-7.1.1/compiler2/Real.cc
Examining data/eclipse-titan-7.1.1/compiler2/Setting.cc
Examining data/eclipse-titan-7.1.1/compiler2/SigParam.cc
Examining data/eclipse-titan-7.1.1/compiler2/Stopwatch.cc
Examining data/eclipse-titan-7.1.1/compiler2/Type.cc
Examining data/eclipse-titan-7.1.1/compiler2/TypeCompat.cc
Examining data/eclipse-titan-7.1.1/compiler2/Type_chk.cc
Examining data/eclipse-titan-7.1.1/compiler2/Type_codegen.cc
Examining data/eclipse-titan-7.1.1/compiler2/Typestuff.cc
Examining data/eclipse-titan-7.1.1/compiler2/Value.cc
Examining data/eclipse-titan-7.1.1/compiler2/Valuestuff.cc
Examining data/eclipse-titan-7.1.1/compiler2/XSD_Types.cc
Examining data/eclipse-titan-7.1.1/compiler2/XerAttributes.cc
Examining data/eclipse-titan-7.1.1/compiler2/asn1/AST_asn1.cc
Examining data/eclipse-titan-7.1.1/compiler2/asn1/Block.cc
Examining data/eclipse-titan-7.1.1/compiler2/asn1/OCSV.cc
Examining data/eclipse-titan-7.1.1/compiler2/asn1/Object.cc
Examining data/eclipse-titan-7.1.1/compiler2/asn1/Ref.cc
Examining data/eclipse-titan-7.1.1/compiler2/asn1/TableConstraint.cc
Examining data/eclipse-titan-7.1.1/compiler2/asn1/Tag.cc
Examining data/eclipse-titan-7.1.1/compiler2/asn1/TokenBuf.cc
Examining data/eclipse-titan-7.1.1/compiler2/asn1/Type_parse.cc
Examining data/eclipse-titan-7.1.1/compiler2/asn1/asn1_preparser.h
Examining data/eclipse-titan-7.1.1/compiler2/asn1/asn1p_old.h
Examining data/eclipse-titan-7.1.1/compiler2/datatypes.h
Examining data/eclipse-titan-7.1.1/compiler2/encdec.c
Examining data/eclipse-titan-7.1.1/compiler2/encdec.h
Examining data/eclipse-titan-7.1.1/compiler2/enum.c
Examining data/eclipse-titan-7.1.1/compiler2/enum.h
Examining data/eclipse-titan-7.1.1/compiler2/error.h
Examining data/eclipse-titan-7.1.1/compiler2/functionref.c
Examining data/eclipse-titan-7.1.1/compiler2/functionref.h
Examining data/eclipse-titan-7.1.1/compiler2/main.cc
Examining data/eclipse-titan-7.1.1/compiler2/makefile.c
Examining data/eclipse-titan-7.1.1/compiler2/record.c
Examining data/eclipse-titan-7.1.1/compiler2/record.h
Examining data/eclipse-titan-7.1.1/compiler2/record_of.c
Examining data/eclipse-titan-7.1.1/compiler2/record_of.h
Examining data/eclipse-titan-7.1.1/compiler2/string.cc
Examining data/eclipse-titan-7.1.1/compiler2/subtype.cc
Examining data/eclipse-titan-7.1.1/compiler2/subtypestuff.cc
Examining data/eclipse-titan-7.1.1/compiler2/tcov2lcov.cc
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/AST_ttcn3.cc
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/ArrayDimensions.cc
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/Attributes.cc
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/BerAST.cc
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/ILT.cc
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/JsonAST.cc
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/OerAST.cc
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/PatternString.cc
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/RawAST.cc
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/Statement.cc
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/Templatestuff.cc
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/TextAST.cc
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/Ttcn2Json.cc
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/TtcnTemplate.cc
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/Ttcnstuff.cc
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/compiler.c
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/compiler.h
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/port.c
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/port.h
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/profiler.c
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/profiler.h
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/rawASTspec.h
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/signature.c
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/signature.h
Examining data/eclipse-titan-7.1.1/compiler2/ttcn3/ttcn3_preparser.h
Examining data/eclipse-titan-7.1.1/compiler2/union.c
Examining data/eclipse-titan-7.1.1/compiler2/union.h
Examining data/eclipse-titan-7.1.1/compiler2/ustring.cc
Examining data/eclipse-titan-7.1.1/compiler2/xpather.cc
Examining data/eclipse-titan-7.1.1/compiler2/xpather.h
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/08_modules/0802_module_definitions_part/080203_importing_from_modules/08020301_general_format_of_import/NegSem_08020301_GeneralFormatOfImport_031_extern.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/08_modules/0802_module_definitions_part/080203_importing_from_modules/08020301_general_format_of_import/NegSem_08020301_GeneralFormatOfImport_032_extern.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/09_test_configurations/0902_test_system_interface/Sem_0902_001_loopbackPort.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/09_test_configurations/0902_test_system_interface/Sem_0902_002_loopbackPort.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/16_functions_altsteps_testcases/1601_functions/160103_external_functions/xf_NegSem_160103_external_functions_001.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/16_functions_altsteps_testcases/1601_functions/160103_external_functions/xf_Sem_160103_external_functions_001.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/16_functions_altsteps_testcases/1601_functions/160103_external_functions/xf_Sem_160103_external_functions_002.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/16_functions_altsteps_testcases/1601_functions/160104_invoking_functions_from_specific_places/xf_NegSem_160104_invoking_functions_from_specific_places_001.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/16_functions_altsteps_testcases/1601_functions/160104_invoking_functions_from_specific_places/xf_NegSem_160104_invoking_functions_from_specific_places_038.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/16_functions_altsteps_testcases/1601_functions/160104_invoking_functions_from_specific_places/xf_NegSem_160104_invoking_functions_from_specific_places_079.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/16_functions_altsteps_testcases/1601_functions/160104_invoking_functions_from_specific_places/xf_NegSem_160104_invoking_functions_from_specific_places_120.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/16_functions_altsteps_testcases/1601_functions/160104_invoking_functions_from_specific_places/xf_NegSem_160104_invoking_functions_from_specific_places_163.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/16_functions_altsteps_testcases/1601_functions/160104_invoking_functions_from_specific_places/xf_NegSem_160104_invoking_functions_from_specific_places_245.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/16_functions_altsteps_testcases/1601_functions/160104_invoking_functions_from_specific_places/xf_NegSem_160104_invoking_functions_from_specific_places_288.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/16_functions_altsteps_testcases/1602_altsteps/160201_invoking_altsteps/Sem_160201_003_loopbackPort.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/16_functions_altsteps_testcases/1602_altsteps/160201_invoking_altsteps/Sem_160201_004_loopbackPort.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/16_functions_altsteps_testcases/1602_altsteps/1602_toplevel/xf_NegSem_1602_toplevel_001.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/20_statement_and_operations_for_alt/2002_the_alt_statement/Sem_2002_012_loopbackPort.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/20_statement_and_operations_for_alt/2002_the_alt_statement/Sem_2002_013_loopbackPort.cc
Examining data/eclipse-titan-7.1.1/conformance_test/core_language_tests/positive_tests/20_statement_and_operations_for_alt/2002_the_alt_statement/xf_NegSem_2002_TheAltStatement_050.cc
Examining data/eclipse-titan-7.1.1/core/ASN_Any.cc
Examining data/eclipse-titan-7.1.1/core/ASN_CharacterString.cc
Examining data/eclipse-titan-7.1.1/core/ASN_EmbeddedPDV.cc
Examining data/eclipse-titan-7.1.1/core/ASN_External.cc
Examining data/eclipse-titan-7.1.1/core/ASN_Null.cc
Examining data/eclipse-titan-7.1.1/core/Addfunc.cc
Examining data/eclipse-titan-7.1.1/core/Array.cc
Examining data/eclipse-titan-7.1.1/core/BER.cc
Examining data/eclipse-titan-7.1.1/core/Basetype.cc
Examining data/eclipse-titan-7.1.1/core/Bitstring.cc
Examining data/eclipse-titan-7.1.1/core/Boolean.cc
Examining data/eclipse-titan-7.1.1/core/Charstring.cc
Examining data/eclipse-titan-7.1.1/core/Communication.cc
Examining data/eclipse-titan-7.1.1/core/Component.cc
Examining data/eclipse-titan-7.1.1/core/Debugger.cc
Examining data/eclipse-titan-7.1.1/core/DebuggerUI.cc
Examining data/eclipse-titan-7.1.1/core/Default.cc
Examining data/eclipse-titan-7.1.1/core/Encdec.cc
Examining data/eclipse-titan-7.1.1/core/Error.cc
Examining data/eclipse-titan-7.1.1/core/Float.cc
Examining data/eclipse-titan-7.1.1/core/Hexstring.cc
Examining data/eclipse-titan-7.1.1/core/Integer.cc
Examining data/eclipse-titan-7.1.1/core/JSON.cc
Examining data/eclipse-titan-7.1.1/core/LegacyLogger.cc
Examining data/eclipse-titan-7.1.1/core/Logger.cc
Examining data/eclipse-titan-7.1.1/core/LoggerPlugin.cc
Examining data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc
Examining data/eclipse-titan-7.1.1/core/LoggerPlugin_dynamic.cc
Examining data/eclipse-titan-7.1.1/core/LoggerPlugin_static.cc
Examining data/eclipse-titan-7.1.1/core/LoggingBits.cc
Examining data/eclipse-titan-7.1.1/core/Module_list.cc
Examining data/eclipse-titan-7.1.1/core/OER.cc
Examining data/eclipse-titan-7.1.1/core/Objid.cc
Examining data/eclipse-titan-7.1.1/core/Octetstring.cc
Examining data/eclipse-titan-7.1.1/core/Parallel_main.cc
Examining data/eclipse-titan-7.1.1/core/Param_Types.cc
Examining data/eclipse-titan-7.1.1/core/Parameters.h
Examining data/eclipse-titan-7.1.1/core/Port.cc
Examining data/eclipse-titan-7.1.1/core/ProfMerge_main.cc
Examining data/eclipse-titan-7.1.1/core/Profiler.cc
Examining data/eclipse-titan-7.1.1/core/ProfilerTools.cc
Examining data/eclipse-titan-7.1.1/core/RAW.cc
Examining data/eclipse-titan-7.1.1/core/RInt.cc
Examining data/eclipse-titan-7.1.1/core/Runtime.cc
Examining data/eclipse-titan-7.1.1/core/Single_main.cc
Examining data/eclipse-titan-7.1.1/core/Snapshot.cc
Examining data/eclipse-titan-7.1.1/core/Struct_of.cc
Examining data/eclipse-titan-7.1.1/core/TCov.cc
Examining data/eclipse-titan-7.1.1/core/TEXT.cc
Examining data/eclipse-titan-7.1.1/core/Template.cc
Examining data/eclipse-titan-7.1.1/core/Textbuf.cc
Examining data/eclipse-titan-7.1.1/core/Timer.cc
Examining data/eclipse-titan-7.1.1/core/TitanLoggerControlImpl.cc
Examining data/eclipse-titan-7.1.1/core/Types.h
Examining data/eclipse-titan-7.1.1/core/Universal_charstring.cc
Examining data/eclipse-titan-7.1.1/core/Verdicttype.cc
Examining data/eclipse-titan-7.1.1/core/XER.cc
Examining data/eclipse-titan-7.1.1/core/XmlReader.cc
Examining data/eclipse-titan-7.1.1/core/gccversion.c
Examining data/eclipse-titan-7.1.1/core/license_gen.c
Examining data/eclipse-titan-7.1.1/core2/Basetype2.cc
Examining data/eclipse-titan-7.1.1/function_test/Config_Parser/extfunc.cc
Examining data/eclipse-titan-7.1.1/hello/PCOType.cc
Examining data/eclipse-titan-7.1.1/langviz/Grammar.cc
Examining data/eclipse-titan-7.1.1/langviz/Graph.cc
Examining data/eclipse-titan-7.1.1/langviz/Iterator.cc
Examining data/eclipse-titan-7.1.1/langviz/Node.cc
Examining data/eclipse-titan-7.1.1/langviz/Rule.cc
Examining data/eclipse-titan-7.1.1/langviz/Symbol.cc
Examining data/eclipse-titan-7.1.1/langviz/error.c
Examining data/eclipse-titan-7.1.1/langviz/error.h
Examining data/eclipse-titan-7.1.1/langviz/main.cc
Examining data/eclipse-titan-7.1.1/licensegen/license_gen.c
Examining data/eclipse-titan-7.1.1/licensegen/renew_license.c
Examining data/eclipse-titan-7.1.1/loggerplugins/JUnitLogger/JUnitLogger.cc
Examining data/eclipse-titan-7.1.1/loggerplugins/JUnitLogger2/JUnitLogger2.cc
Examining data/eclipse-titan-7.1.1/loggerplugins/LTTngUSTLogger/LTTngUSTLogger.cc
Examining data/eclipse-titan-7.1.1/loggerplugins/LTTngUSTLogger/tp.cc
Examining data/eclipse-titan-7.1.1/loggerplugins/TSTLogger/TSTLogger.cc
Examining data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc
Examining data/eclipse-titan-7.1.1/mctr2/cli/Cli.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chared.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chared.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chartype.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chartype.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/common.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/editline/readline.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/el.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/el.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/el_term.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/eln.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/emacs.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/fgetln.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/hist.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/hist.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/histedit.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/history.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/key.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/key.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/map.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/map.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/parse.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/parse.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/prompt.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/prompt.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/read.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/read.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/refresh.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/refresh.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/search.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/search.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/sig.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/sig.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/strlcat.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/strlcpy.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/sys.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/tokenizer.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/tty.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/tty.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/unvis.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/vi.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/vis.c
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/vis.h
Examining data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/wcsdup.c
Examining data/eclipse-titan-7.1.1/mctr2/mctr/MainController.cc
Examining data/eclipse-titan-7.1.1/mctr2/mctr/MainController.h
Examining data/eclipse-titan-7.1.1/mctr2/mctr/MctrError.cc
Examining data/eclipse-titan-7.1.1/mctr2/mctr/UserInterface.cc
Examining data/eclipse-titan-7.1.1/mctr2/mctr/UserInterface.h
Examining data/eclipse-titan-7.1.1/mctr2/mctr/config_data.cc
Examining data/eclipse-titan-7.1.1/mctr2/mctr/config_data.h
Examining data/eclipse-titan-7.1.1/mctr2/mctr/main.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_Base_ExternalFunctions.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_Buffer_ExternalFunctions.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_Common_ExternalFunctions.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_DataSource_ExternalFunctions.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_HashMapInt2Int_ExternalFunctions.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_HashMapOct2Int_ExternalFunctions.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_HashMapStr2Int_ExternalFunctions.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_LGenBase_EventHandlingExternalFunctions.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_NQueue_ExternalFunctions.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_Variable_ExternalFunctions.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_SIP_LGen_ExternalFunctions.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IP_EncDec.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/PIPEasp_PT.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse.h
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.h
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCConversion.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCDateTime.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCEncoding.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCIPsec.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface_ip.h
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCMaths.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCMessageHandling.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TestResultGen_ExternalFunctions.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/XTDP-EXER-EncDec.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/XTDPasp_PT.cc
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c
Examining data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c
Examining data/eclipse-titan-7.1.1/regression_test/EncodeDecode/multipleEncodings/Coders.cc
Examining data/eclipse-titan-7.1.1/regression_test/XML/NegativeTest/ReadXmlImpl.cc
Examining data/eclipse-titan-7.1.1/regression_test/XML/TTCNandXML/Flatten.cc
Examining data/eclipse-titan-7.1.1/regression_test/XML/XER/Flatten.cc
Examining data/eclipse-titan-7.1.1/regression_test/XML/XmlWorkflow/PIPEasp_CNL113334/src/PIPEasp_PT.cc
Examining data/eclipse-titan-7.1.1/regression_test/XML/XmlWorkflow/PIPEasp_CNL113334/test/PIPEasp_PT.cc
Examining data/eclipse-titan-7.1.1/regression_test/XML/XmlWorkflow/src/external.cc
Examining data/eclipse-titan-7.1.1/regression_test/all_from/f_ext.cc
Examining data/eclipse-titan-7.1.1/regression_test/cfgFile/testport_parameters/PCOType.cc
Examining data/eclipse-titan-7.1.1/regression_test/commProcedure/ExtProcPort.cc
Examining data/eclipse-titan-7.1.1/regression_test/commProcedure/PortAddress.cc
Examining data/eclipse-titan-7.1.1/regression_test/compileonly/centralstorage/base_mixed/base_mixed_PT.cc
Examining data/eclipse-titan-7.1.1/regression_test/compileonly/centralstorage/base_ttcn/base_PT.cc
Examining data/eclipse-titan-7.1.1/regression_test/compileonly/centralstorage/separate_project/separate_PT.cc
Examining data/eclipse-titan-7.1.1/regression_test/compileonly/deterministic/ext.cc
Examining data/eclipse-titan-7.1.1/regression_test/compileonly/dynamicTemplate/external.cc
Examining data/eclipse-titan-7.1.1/regression_test/compileonly/mfgen-tpd/buildconfig_param/HelloTpd/src/PCOType.cc
Examining data/eclipse-titan-7.1.1/regression_test/compileonly/mfgen-tpd/consumer/src/userfun.cc
Examining data/eclipse-titan-7.1.1/regression_test/compileonly/mfgen-tpd/invalid_buildconfig_param/HelloTpd/src/PCOType.cc
Examining data/eclipse-titan-7.1.1/regression_test/compileonly/mfgen-tpd/invalid_buildconfig_tpd/Hello000/src/PCOType0.cc
Examining data/eclipse-titan-7.1.1/regression_test/compileonly/mfgen-tpd/invalid_buildconfig_tpd/Hello123/src/PCOType1.cc
Examining data/eclipse-titan-7.1.1/regression_test/compileonly/mfgen-tpd/invalid_buildconfig_tpd/HelloTpd/src/PCOType.cc
Examining data/eclipse-titan-7.1.1/regression_test/compileonly/mfgen-tpd/library/HelloTpd/src/PCOType.cc
Examining data/eclipse-titan-7.1.1/regression_test/compileonly/mfgen-tpd/search_paths/dep1/Test/src/PCOType.cc
Examining data/eclipse-titan-7.1.1/regression_test/compileonly/styleGuide/external.cc
Examining data/eclipse-titan-7.1.1/regression_test/customEncoding/Coders.cc
Examining data/eclipse-titan-7.1.1/regression_test/iconv/iconver.cc
Examining data/eclipse-titan-7.1.1/regression_test/implicitMsgEncoding/PCOType.cc
Examining data/eclipse-titan-7.1.1/regression_test/intOper/PCOType.cc
Examining data/eclipse-titan-7.1.1/regression_test/locale/ext_func.cc
Examining data/eclipse-titan-7.1.1/regression_test/logFiles/extfunc.cc
Examining data/eclipse-titan-7.1.1/regression_test/logger/emergency_logging/PCO_PT.cc
Examining data/eclipse-titan-7.1.1/regression_test/logger/logtest/PCO_PT.cc
Examining data/eclipse-titan-7.1.1/regression_test/makefilegen/makefilegen_envvar_test/testA/Test/src/PCOType.cc
Examining data/eclipse-titan-7.1.1/regression_test/map_param/PT.cc
Examining data/eclipse-titan-7.1.1/regression_test/nonMandatoryPar/PCOType.cc
Examining data/eclipse-titan-7.1.1/regression_test/nondeterministicDefaultParam/ExternalFunctions.cc
Examining data/eclipse-titan-7.1.1/regression_test/objidOper/indexer.cc
Examining data/eclipse-titan-7.1.1/regression_test/omitdef/PT_DefOpt.cc
Examining data/eclipse-titan-7.1.1/regression_test/oop/ext.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslation/NVP.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslation/P1.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslation/P1Internal.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslation/P2.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslation/P2Internal.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslation/P3.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslation/P3Internal.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslation/P4.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslation/P5.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslation/PT2.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslation/PT3.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslation/PT4.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslation/VP1.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslation/VP1Internal.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslationCentralStorage/ProjA/src/PortA.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslationCentralStorage/ProjA/src/PortA_RT.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslationCentralStorage/ProjB/src/PortA2.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslationCentralStorage/ProjB/src/PortB.cc
Examining data/eclipse-titan-7.1.1/regression_test/portTranslationCentralStorage/ProjB/src/PortB_RT.cc
Examining data/eclipse-titan-7.1.1/regression_test/profiler/PIPEasp_PT.cc
Examining data/eclipse-titan-7.1.1/regression_test/realtime/PortMsg.cc
Examining data/eclipse-titan-7.1.1/regression_test/realtime/PortProc.cc
Examining data/eclipse-titan-7.1.1/regression_test/realtime/PortProvBasic.cc
Examining data/eclipse-titan-7.1.1/regression_test/realtime/PortProvRT.cc
Examining data/eclipse-titan-7.1.1/regression_test/realtime/PortTransBasic.cc
Examining data/eclipse-titan-7.1.1/regression_test/realtime/PortTransRT.cc
Examining data/eclipse-titan-7.1.1/regression_test/slider/PT1.cc
Examining data/eclipse-titan-7.1.1/regression_test/slider/UNDER.cc
Examining data/eclipse-titan-7.1.1/regression_test/tryCatch/PCOType.cc
Examining data/eclipse-titan-7.1.1/regression_test/tryCatch/external_function.cc
Examining data/eclipse-titan-7.1.1/regression_test/ttcn2json/PIPEasp_PT.cc
Examining data/eclipse-titan-7.1.1/regression_test/ttcn2json/f_ext_import_schema.cc
Examining data/eclipse-titan-7.1.1/regression_test/ucharstrOper/external.cc
Examining data/eclipse-titan-7.1.1/repgen/logfilter.c
Examining data/eclipse-titan-7.1.1/repgen/logmerge.c
Examining data/eclipse-titan-7.1.1/repgen/repgen.c
Examining data/eclipse-titan-7.1.1/repgen/repgen.h
Examining data/eclipse-titan-7.1.1/xsdconvert/Annotation.cc
Examining data/eclipse-titan-7.1.1/xsdconvert/AttributeType.cc
Examining data/eclipse-titan-7.1.1/xsdconvert/ComplexType.cc
Examining data/eclipse-titan-7.1.1/xsdconvert/Constant.cc
Examining data/eclipse-titan-7.1.1/xsdconvert/GeneralFunctions.cc
Examining data/eclipse-titan-7.1.1/xsdconvert/ImportStatement.cc
Examining data/eclipse-titan-7.1.1/xsdconvert/Mstring.cc
Examining data/eclipse-titan-7.1.1/xsdconvert/PredefinedModules.cc
Examining data/eclipse-titan-7.1.1/xsdconvert/RootType.cc
Examining data/eclipse-titan-7.1.1/xsdconvert/SimpleType.cc
Examining data/eclipse-titan-7.1.1/xsdconvert/TTCN3Module.cc
Examining data/eclipse-titan-7.1.1/xsdconvert/TTCN3ModuleInventory.cc
Examining data/eclipse-titan-7.1.1/xsdconvert/XMLParser.cc
Examining data/eclipse-titan-7.1.1/xsdconvert/converter.cc
FINAL RESULTS:
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/read.c:462:8: [5] (buffer) gets:
Does not check for buffer overflows (CWE-120, CWE-20). Use fgets() instead.
FUN(el,gets)(EditLine *el, int *nread)
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc:1287:6: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
if(chmod( (const char *)p__name, st_mode )) {
data/eclipse-titan-7.1.1/JNI/jnimw.cc:71:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, ap);
data/eclipse-titan-7.1.1/common/memory.c:182:6: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, FILENAME_FORMAT, filename, line);
data/eclipse-titan-7.1.1/common/memory.c:187:27: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (block_ptr->filename) fprintf(stderr,
data/eclipse-titan-7.1.1/common/memory.c:194:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, FILENAME_FORMAT, filename, line);
data/eclipse-titan-7.1.1/common/memory.c:199:34: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (block_ptr->filename) fprintf(stderr,
data/eclipse-titan-7.1.1/common/memory.c:303:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, FILENAME_FORMAT, block_ptr->filename, block_ptr->lineno);
data/eclipse-titan-7.1.1/common/memory.c:310:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, FILENAME_FORMAT, block_ptr->filename, block_ptr->lineno);
data/eclipse-titan-7.1.1/common/memory.c:370:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, FILENAME_FORMAT "Fatal error: cannot allocate %lu bytes"
data/eclipse-titan-7.1.1/common/memory.c:529:7: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, FILENAME_FORMAT,
data/eclipse-titan-7.1.1/common/memory.c:660:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(buf, BUFSIZE, fmt, pvar2);
data/eclipse-titan-7.1.1/common/memory.c:669:12: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len = vsnprintf(ptr, size, fmt, pvar2);
data/eclipse-titan-7.1.1/common/memory.c:682:6: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
if (vsnprintf(ptr, size, fmt, pvar) != len) {
data/eclipse-titan-7.1.1/common/memory.c:733:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len2 = vsnprintf(str + len, rest, fmt, pvar2);
data/eclipse-titan-7.1.1/common/memory.c:746:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
len2 = vsnprintf(str + len, rest, fmt, pvar2);
data/eclipse-titan-7.1.1/common/memory.c:759:10: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
if (vsnprintf(str + len, size - len, fmt, pvar) != len2) {
data/eclipse-titan-7.1.1/common/usage_stats.cc:104:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (e) strcpy(domain, e);
data/eclipse-titan-7.1.1/common/usage_stats.cc:132:29: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (fqname != host) strcpy(host,fqname);
data/eclipse-titan-7.1.1/common/usage_stats.cc:134:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(host,domain+first);
data/eclipse-titan-7.1.1/common/usage_stats.cc:179:8: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
fp = popen("lsb_release -a 2>/dev/null", "r");
data/eclipse-titan-7.1.1/compiler2/CompilerError.cc:111:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/compiler2/CompilerError.cc:126:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/compiler2/CompilerError.cc:141:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/compiler2/CompilerError.cc:155:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/compiler2/CompilerError.cc:169:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/compiler2/CompilerError.cc:183:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/compiler2/CompilerError.cc:350:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, args);
data/eclipse-titan-7.1.1/compiler2/CompilerError.cc:365:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, args);
data/eclipse-titan-7.1.1/compiler2/CompilerError.cc:379:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, args);
data/eclipse-titan-7.1.1/compiler2/PredefFunc.cc:616:5: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(str_buf, 64, f ? "%f" : "%e", value);
data/eclipse-titan-7.1.1/compiler2/Real.cc:51:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp, "%s%.15g%se%d",
data/eclipse-titan-7.1.1/compiler2/Type.cc:578:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
u.fatref.system.ref = p.u.fatref.system.ref ?
data/eclipse-titan-7.1.1/compiler2/Type.cc:578:40: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
u.fatref.system.ref = p.u.fatref.system.ref ?
data/eclipse-titan-7.1.1/compiler2/Type.cc:579:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
p.u.fatref.system.ref->clone() : 0;
data/eclipse-titan-7.1.1/compiler2/Type.cc:580:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
u.fatref.system.type = 0;
data/eclipse-titan-7.1.1/compiler2/Type.cc:756:23: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
delete u.fatref.system.ref;
data/eclipse-titan-7.1.1/compiler2/Type.cc:1129:14: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
u.fatref.system.ref = p_system_ref;
data/eclipse-titan-7.1.1/compiler2/Type.cc:1130:14: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
u.fatref.system.type = 0;
data/eclipse-titan-7.1.1/compiler2/Type.cc:1474:20: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (u.fatref.system.ref)
data/eclipse-titan-7.1.1/compiler2/Type.cc:1475:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
u.fatref.system.ref->set_fullname(p_fullname + ".<system_type>");
data/eclipse-titan-7.1.1/compiler2/Type.cc:1553:20: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (u.fatref.system.ref)
data/eclipse-titan-7.1.1/compiler2/Type.cc:1554:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
u.fatref.system.ref->set_my_scope(p_scope);
data/eclipse-titan-7.1.1/compiler2/Type.cc:8365:19: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if(u.fatref.system.ref) {
data/eclipse-titan-7.1.1/compiler2/Type.cc:8367:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
u.fatref.system.ref->dump(level+2);
data/eclipse-titan-7.1.1/compiler2/Type_chk.cc:3747:18: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (u.fatref.system.ref) {
data/eclipse-titan-7.1.1/compiler2/Type_chk.cc:3749:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
u.fatref.system.type = u.fatref.system.ref->chk_comptype_ref();
data/eclipse-titan-7.1.1/compiler2/Type_chk.cc:3749:39: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
u.fatref.system.type = u.fatref.system.ref->chk_comptype_ref();
data/eclipse-titan-7.1.1/compiler2/Type_chk.cc:5921:16: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
u.fatref.system.ref ? u.fatref.system.type : u.fatref.runs_on.type;
data/eclipse-titan-7.1.1/compiler2/Type_chk.cc:5921:38: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
u.fatref.system.ref ? u.fatref.system.type : u.fatref.runs_on.type;
data/eclipse-titan-7.1.1/compiler2/main.cc:897:18: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
while (fscanf(fp, "%s", buff) == 1) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:65:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/compiler2/makefile.c:78:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/compiler2/makefile.c:88:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/compiler2/makefile.c:99:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/compiler2/makefile.c:4603:14: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
rv = system(command);
data/eclipse-titan-7.1.1/compiler2/makefile.c:4633:12: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int rv = system(command);
data/eclipse-titan-7.1.1/compiler2/makefile.c:4636:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if(access(output_file_name, W_OK) == -1) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:4640:6: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if(access(tmp_output_file_name, W_OK) == -1) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:4776:14: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
while (fscanf(fp, "%s", buff) == 1) {
data/eclipse-titan-7.1.1/compiler2/tcov2lcov.cc:123:62: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
xmlSchemaSetParserErrors(ctxt, (xmlSchemaValidityErrorFunc)fprintf,
data/eclipse-titan-7.1.1/compiler2/tcov2lcov.cc:124:35: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(xmlSchemaValidityWarningFunc)fprintf, stderr);
data/eclipse-titan-7.1.1/compiler2/tcov2lcov.cc:145:69: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
xmlSchemaSetValidErrors(xml_ctxt, (xmlSchemaValidityErrorFunc)fprintf,
data/eclipse-titan-7.1.1/compiler2/tcov2lcov.cc:146:39: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(xmlSchemaValidityWarningFunc)fprintf, stderr);
data/eclipse-titan-7.1.1/compiler2/xpather.cc:69:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, va);
data/eclipse-titan-7.1.1/compiler2/xpather.cc:184:62: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
xmlSchemaSetParserErrors(ctxt, (xmlSchemaValidityErrorFunc)fprintf, (xmlSchemaValidityWarningFunc)fprintf, stderr);
data/eclipse-titan-7.1.1/compiler2/xpather.cc:184:101: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
xmlSchemaSetParserErrors(ctxt, (xmlSchemaValidityErrorFunc)fprintf, (xmlSchemaValidityWarningFunc)fprintf, stderr);
data/eclipse-titan-7.1.1/compiler2/xpather.cc:200:61: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
xmlSchemaSetValidErrors(xsd, (xmlSchemaValidityErrorFunc) fprintf, (xmlSchemaValidityWarningFunc) fprintf, stderr);
data/eclipse-titan-7.1.1/compiler2/xpather.cc:200:101: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
xmlSchemaSetValidErrors(xsd, (xmlSchemaValidityErrorFunc) fprintf, (xmlSchemaValidityWarningFunc) fprintf, stderr);
data/eclipse-titan-7.1.1/compiler2/xpather.cc:643:8: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
fp = popen(command, "r");
data/eclipse-titan-7.1.1/compiler2/xpather.cc:1497:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prefixed_file_path, search_paths[i]);
data/eclipse-titan-7.1.1/compiler2/xpather.cc:1501:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(prefixed_file_path, tpdName);
data/eclipse-titan-7.1.1/compiler2/xpather.cc:2710:21: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
FILE* gc_fp = popen(generatorCommand, "r");
data/eclipse-titan-7.1.1/compiler2/xpather.cc:2954:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tpdName_loc, name);
data/eclipse-titan-7.1.1/core/Addfunc.cc:2905:17: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int str_len = snprintf(str_buf, sizeof(str_buf), f ? "%f" : "%e", value);
data/eclipse-titan-7.1.1/core/DebuggerUI.cc:185:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(BATCH_TEXT);
data/eclipse-titan-7.1.1/core/DebuggerUI.cc:248:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(PROMPT_TEXT);
data/eclipse-titan-7.1.1/core/LegacyLogger.cc:145:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, err_msg, p_var);
data/eclipse-titan-7.1.1/core/Logger.cc:286:24: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int fragment_len = vsnprintf(logmatch_buffer + logmatch_buffer_len,
data/eclipse-titan-7.1.1/core/Logger.cc:510:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, err_msg, p_var);
data/eclipse-titan-7.1.1/core/Logger.cc:1386:21: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const CHARSTRING& system, const CHARSTRING& param)
data/eclipse-titan-7.1.1/core/Logger.cc:1389:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system, param);
data/eclipse-titan-7.1.1/core/Logger.cc:1406:21: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
const CHARSTRING& system, const CHARSTRING& param, int id)
data/eclipse-titan-7.1.1/core/Logger.cc:1409:5: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system, param, id);
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1390:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int compref, const CHARSTRING& system, const CHARSTRING& param)
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1404:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
pt.sys__name() = system;
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1450:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int compref, const CHARSTRING& system, const CHARSTRING& param, int id)
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1463:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
ms.sys__name() = system;
data/eclipse-titan-7.1.1/core/Objid.cc:536:19: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int str_len = snprintf(str_buf, sizeof(str_buf), OBJID_FMT,
data/eclipse-titan-7.1.1/core/Port.cc:116:32: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void PORT::add_to_list(boolean system)
data/eclipse-titan-7.1.1/core/Port.cc:136:37: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void PORT::remove_from_list(boolean system)
data/eclipse-titan-7.1.1/core/Port.cc:149:63: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
PORT *PORT::lookup_by_name(const char *par_port_name, boolean system)
data/eclipse-titan-7.1.1/core/Port.cc:367:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void PORT::activate_port(boolean system)
data/eclipse-titan-7.1.1/core/Port.cc:370:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
add_to_list(system);
data/eclipse-titan-7.1.1/core/Port.cc:385:36: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
void PORT::deactivate_port(boolean system)
data/eclipse-titan-7.1.1/core/Port.cc:418:36: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
unmap(system_port, params, system);
data/eclipse-titan-7.1.1/core/Port.cc:422:77: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
TTCN_Communication::send_unmapped(port_name, system_port, params, system);
data/eclipse-titan-7.1.1/core/Port.cc:440:22: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
remove_from_list(system);
data/eclipse-titan-7.1.1/core/ProfMerge_main.cc:53:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/core/Runtime.cc:2399:27: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
int return_status = system(command_string);
data/eclipse-titan-7.1.1/langviz/error.c:28:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/langviz/error.c:40:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/langviz/error.c:52:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/langviz/error.c:64:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/langviz/error.c:76:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/langviz/error.c:88:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/licensegen/license_gen.c:53:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, pvar);
data/eclipse-titan-7.1.1/licensegen/license_gen.c:449:10: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
fp = popen(sendmail_cmd, "w");
data/eclipse-titan-7.1.1/licensegen/renew_license.c:135:10: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if(!(system(command_line))) {
data/eclipse-titan-7.1.1/loggerplugins/TSTLogger/TSTLogger.cc:321:10: [4] (misc) getlogin:
It's often easy to fool getlogin. Sometimes it does not work at all,
because some program messed up the utmp file. Often, it gives only the
first 8 characters of the login name. The user currently logged in on the
controlling tty of our program need not be the user who started it. Avoid
getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
and extract the desired information instead.
return getlogin();
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:818:6: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if(system(arguments) == -1) {
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:1222:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, warning_str, pvar);
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:1234:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, error_str, pvar);
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:1248:5: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, error_str, pvar);
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:1260:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, parameters);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chartype.h:102:25: [4] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
#define Strcpy(d,s) wcscpy(d,s)
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chartype.h:152:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
#define Strcpy(d,s) strcpy(d,s)
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/el.h:155:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf a; \
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:143:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void)sprintf(temp, "%s/%s", pass->pw_dir, txt);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:177:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy(filename, temp);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:251:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
(void)sprintf(temp, "%s%s", dirname, entry->d_name);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/key.c:592:11: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) fprintf(el->el_outfile, fmt,
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/key.c:600:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) fprintf(el->el_outfile, fmt,
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/key.c:616:10: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) fprintf(el->el_outfile, fmt, ct_encode_string(key,
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:481:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy(r, s);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:838:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy(&with[len], from);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:892:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy((*output) + 4, str);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:931:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy(&str[j], &str[j + 1]);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:1037:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void)strcpy(result + len, arr[i]);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:1171:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(template, _history_tmp_template);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/refresh.c:69:13: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) fprintf b; \
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/sys.h:140:12: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
extern int fprintf(FILE *, const char *, ...);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:409:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy(*str, cap); /* XXX strcpy is safe */
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:417:10: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy(*str = &el->el_term.t_buf[el->el_term.t_loc],
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:443:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
(void) strcpy(*str = &el->el_term.t_buf[el->el_term.t_loc], cap);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:1557:10: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) fprintf(el->el_outfile, fmts, EL_CAN_TAB ? "yes" : "no");
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:1560:10: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) fprintf(el->el_outfile, fmts, Val(T_km) ? "yes" : "no");
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:1563:10: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) fprintf(el->el_outfile, fmts, EL_HAS_MAGIC_MARGINS ?
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:1567:10: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) fprintf(el->el_outfile, fmts, EL_HAS_AUTO_MARGINS ?
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:1576:12: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) fprintf(el->el_outfile, fmts,
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:1580:10: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) fprintf(el->el_outfile, fmtd, 0);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:1582:10: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) fprintf(el->el_outfile, fmtd, (int)el->el_tty.t_speed);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:1587:10: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) fprintf(el->el_outfile, fmtd, Val(T_li));
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:1590:10: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
(void) fprintf(el->el_outfile, fmtd, Val(T_co));
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/vi.c:1049:3: [4] (shell) execlp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execlp("vi", "vi", tempfile, (char *)NULL);
data/eclipse-titan-7.1.1/mctr2/mctr/MainController.cc:890:57: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
component_struct *MainController::mtc, *MainController::system;
data/eclipse-titan-7.1.1/mctr2/mctr/MainController.cc:2499:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, fmt, ap);
data/eclipse-titan-7.1.1/mctr2/mctr/MainController.cc:6617:20: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
init_connections(system);
data/eclipse-titan-7.1.1/mctr2/mctr/MainController.cc:6618:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
add_component(system);
data/eclipse-titan-7.1.1/mctr2/mctr/MainController.cc:6789:17: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if (tc == system) {
data/eclipse-titan-7.1.1/mctr2/mctr/MainController.h:362:34: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
static component_struct *mtc, *system;
data/eclipse-titan-7.1.1/mctr2/mctr/main.cc:120:27: [4] (misc) getlogin:
It's often easy to fool getlogin. Sometimes it does not work at all,
because some program messed up the utmp file. Often, it gives only the
first 8 characters of the login name. The user currently logged in on the
controlling tty of our program need not be the user who started it. Avoid
getlogin() for security-related purposes (CWE-807). Use getpwuid(geteuid())
and extract the desired information instead.
const char* user_name = getlogin(); // TODO: use getpwuid(getuid())
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:375:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(hname,tmp);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:1985:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ssl_key_file, parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:1989:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ssl_trustedCAlist_file, parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:1993:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ssl_certificate_file, parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:1997:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ssl_cipher_list, parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:2000:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ssl_password, parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:2671:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, pass);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_NQueue_ExternalFunctions.cc:87:3: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(err_str, msg, ap);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_NQueue_ExternalFunctions.cc:948:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fn_dot, name);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_NQueue_ExternalFunctions.cc:957:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fn_png, name);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_NQueue_ExternalFunctions.cc:976:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(tmp, cmd, fn_dot, fn_png);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_NQueue_ExternalFunctions.cc:977:3: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
system(tmp);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:205:3: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(err_str, msg, ap);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:236:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, pl_name);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:1246:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fn_dot, name);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:1255:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fn_png, name);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:1273:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(tmp, cmd, fn_dot, fn_png);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:1274:12: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if(-1 == system(tmp)) {
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:804:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(format, va_arg(ap, char *));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:866:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function. If the scanf format is influenceable by an
attacker, it's exploitable.
num = sscanf(buff, fmt, iface, &net_addr, &gate_addr, &iflags, &refcnt,
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:640:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ssl_key_file, parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:644:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ssl_trustedCAlist_file, parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:648:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ssl_certificate_file, parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:652:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ssl_cipher_list, parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:655:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ssl_password, parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:4664:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, pass);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:5427:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rem_addr,(const char*)*(sockList[mappingKey].remoteaddr));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:5672:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rem_addr,(const char*)(sockList[ulpKey].remote_addr_list[sockList[ulpKey].remote_addr_index].hostName()));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:598:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ( name, ifn );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:1176:12: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if ( sscanf ( readLine (), "%s %s %u", ipAddr, etherAddr, & d ) != 3 )
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:1229:10: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if ( fprintf ( file, headerFormat, nAddrs, leaseExpire, lEMax - leaseExpire,
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/PIPEasp_PT.cc:55:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (name) strcpy(name, slavename);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/PIPEasp_PT.cc:629:3: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(argv[0],argv);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:2192:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
# define YYFPRINTF fprintf
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:4580:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(comment_buf+1,(yyvsp[(1) - (1)].sv));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:4590:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(comment_buf+1,(yyvsp[(2) - (2)].sv));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:4632:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(atm+1,comment_buf+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:4646:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(atm,(yyvsp[(1) - (1)].sv));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:7913:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buff, (yyvsp[(2) - (4)].sv));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:7915:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buff+len2+1, (yyvsp[(4) - (4)].sv));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:7939:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buff, (yyvsp[(2) - (5)].sv));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:7941:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buff+len2+1, (yyvsp[(4) - (5)].sv));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:214:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(conn_list[0].addr,target_addr);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:345:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(local_addr,parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:359:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(target_addr,parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:1329:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(conn_list[0].addr,dest_comm_addr);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3568:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(target_addr,destination_address->host()());
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3628:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(target_addr,destination_address->remote__host()());
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3634:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(local_addr,destination_address->local__host()());
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3717:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(conn_list[0].addr,dest_comm_addr);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3780:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(conn_list[index].addr,hostname);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3979:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(msg_in_buffer, um.getBuffer());
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4034:9: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (fscanf(scfg, "BytecodeState=%d,%d,%d,%s\n",
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4065:9: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (fscanf(scfg, "StaticDictionary=%d,%d,%d,%d,%s\n",
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4101:16: [4] (buffer) fscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
fres = fscanf(scfg, "%d,%d,%d,%s\n", &state_address, &state_instr,
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:139:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ifname,(const char *)int2str(i));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:142:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ifname,interface_str);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:144:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ifname,(const char *)int2str(i));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:808:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ip, (char*)(const char*)ipaddress);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:810:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ip, buf);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface_ip.h:509:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ncache, name);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:979:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(par, val);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1728:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(port_name, p_port_name);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1949:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(elems[index]->prompt, p_prompt);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:132801:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,strupr(SIP_parse_text));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:132819:89: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv, SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:132836:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:132860:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:132887:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:132900:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:132913:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133058:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133071:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133099:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133109:89: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133126:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133149:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133166:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133179:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133239:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133260:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133272:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133289:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133302:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133337:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133354:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133389:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133406:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133423:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133440:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133453:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133471:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133489:18: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133517:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133529:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133550:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133569:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133581:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133609:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133631:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133655:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133668:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133683:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133716:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133746:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133786:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133799:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133822:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133836:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133855:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133869:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133888:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133902:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133920:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133933:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133951:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133964:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133982:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133995:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134008:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134021:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134039:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134139:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134151:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134169:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134182:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134200:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134214:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134251:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134269:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134318:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134358:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134371:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134384:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134397:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134415:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134479:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134496:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134536:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134554:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134584:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134596:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134616:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134658:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:135239:12: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SIP_parse_lval.sv,SIP_parse_text);
data/eclipse-titan-7.1.1/regression_test/XML/XmlWorkflow/PIPEasp_CNL113334/src/PIPEasp_PT.cc:502:3: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(argv[0],argv);
data/eclipse-titan-7.1.1/regression_test/XML/XmlWorkflow/PIPEasp_CNL113334/test/PIPEasp_PT.cc:509:3: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(argv[0],argv);
data/eclipse-titan-7.1.1/regression_test/profiler/PIPEasp_PT.cc:502:3: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(argv[0],argv);
data/eclipse-titan-7.1.1/regression_test/ttcn2json/PIPEasp_PT.cc:502:3: [4] (shell) execvp:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execvp(argv[0],argv);
data/eclipse-titan-7.1.1/repgen/repgen.c:181:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( fullname, "%s/%s", code_srcdir, dp->d_name );
data/eclipse-titan-7.1.1/repgen/repgen.c:202:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( fullname, "%s/%s.ttcn", code_dstdir, tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:250:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( tempdir, "%s/temp", log_dstdir );
data/eclipse-titan-7.1.1/repgen/repgen.c:268:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (log_absrcdir, cwd);
data/eclipse-titan-7.1.1/repgen/repgen.c:269:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (log_absrcdir, ctemp);
data/eclipse-titan-7.1.1/repgen/repgen.c:271:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
else strcpy ( log_absrcdir, log_srcdir );
data/eclipse-titan-7.1.1/repgen/repgen.c:297:4: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf ( command, LOGFORMAT " %s/%s >/dev/null 2>&1", log_absrcdir, dp->d_name);
data/eclipse-titan-7.1.1/repgen/repgen.c:298:9: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
if ( system ( command ) == -1 )
data/eclipse-titan-7.1.1/repgen/repgen.c:336:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( oldname, "%s/temp/%s", log_dstdir, tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:337:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( newname, "%s/%s.ttcnlog", log_dstdir, tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:350:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( oldname, "%s/temp/%s", log_dstdir, dp->d_name );
data/eclipse-titan-7.1.1/repgen/repgen.c:396:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( fullname, "%s.dump", tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:402:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( fullname, "%s/%s", dump_srcdir, dp->d_name );
data/eclipse-titan-7.1.1/repgen/repgen.c:409:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( fullname, "%s/%s.dump", dump_dstdir, tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:447:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( buf, "%s.html", data_dstdir );
data/eclipse-titan-7.1.1/repgen/repgen.c:455:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ( dirname, ctemp + 1 );
data/eclipse-titan-7.1.1/repgen/repgen.c:470:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( buf, "\"%s\", ", tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:473:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( filename, "%s/%s.short", data_dstdir, tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:474:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( buf, "\"./%s/%s.short\", ", dirname, tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:475:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ( access ( filename, R_OK ) == 0 ) fputs ( buf, wfile );
data/eclipse-titan-7.1.1/repgen/repgen.c:478:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( filename, "%s/%s.long", data_dstdir, tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:479:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( buf, "\"./%s/%s.long\", ", dirname, tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:480:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ( access ( filename, R_OK ) == 0 ) fputs ( buf, wfile );
data/eclipse-titan-7.1.1/repgen/repgen.c:483:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( filename, "%s/%s.ttcn", data_dstdir, tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:484:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( buf, "\"./%s/%s.ttcn\", ", dirname, tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:485:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ( access ( filename, R_OK ) == 0 ) fputs ( buf, wfile );
data/eclipse-titan-7.1.1/repgen/repgen.c:488:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( filename, "%s/%s.ttcnlog", data_dstdir, tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:489:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( buf, "\"./%s/%s.ttcnlog\", ", dirname, tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:490:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ( access ( filename, R_OK ) == 0 ) fputs ( buf, wfile );
data/eclipse-titan-7.1.1/repgen/repgen.c:493:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( filename, "%s/%s.dump", data_dstdir, tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:494:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( buf, "\"./%s/%s.dump\",\n", dirname, tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:495:8: [4] (race) access:
This usually indicates a security flaw. If an attacker can change anything
along the path between the call to access() and the file's actual use
(e.g., by moving files), the attacker can exploit the race condition
(CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
and try to open the file directly.
if ( access ( filename, R_OK ) == 0 ) fputs ( buf, wfile );
data/eclipse-titan-7.1.1/repgen/repgen.c:612:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( buf, "mywin.document.writeln(\"<tr><td>  %s  </td><td>", tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:615:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( filename, "%s/%s.short", data_dstdir, tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:636:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( filename, "%s/%s.ttcnlog", data_dstdir, tclist->tcname );
data/eclipse-titan-7.1.1/repgen/repgen.c:711:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf ( filename, "%s/logo.gif", data_dstdir );
data/eclipse-titan-7.1.1/common/UnicharPattern.cc:86:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char* ttcn3_dir = getenv("TTCN3_DIR");
data/eclipse-titan-7.1.1/common/config_preproc.cc:108:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
else if((s=getenv(key))) {
data/eclipse-titan-7.1.1/common/license.c:299:29: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *file_name = getenv("TTCN3_LICENSE_FILE");
data/eclipse-titan-7.1.1/common/usage_stats.cc:103:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *e = getenv("LOCALDOMAIN");
data/eclipse-titan-7.1.1/compiler2/CompilerError.cc:71:19: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char const *t = getenv("TERM");
data/eclipse-titan-7.1.1/compiler2/main.cc:474:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
asn1_yydebug = !! getenv("DEBUG_ASN1");
data/eclipse-titan-7.1.1/compiler2/main.cc:475:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
ttcn3_debug = !! getenv("DEBUG_TTCN");
data/eclipse-titan-7.1.1/compiler2/main.cc:476:42: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
pattern_unidebug= pattern_yydebug = !! getenv("DEBUG_PATTERN");
data/eclipse-titan-7.1.1/compiler2/main.cc:477:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
rawAST_debug = !! getenv("DEBUG_RAW");
data/eclipse-titan-7.1.1/compiler2/main.cc:478:27: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
coding_attrib_debug = !!getenv("DEBUG_ATRIB") || getenv("DEBUG_ATTRIB");
data/eclipse-titan-7.1.1/compiler2/main.cc:478:52: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
coding_attrib_debug = !!getenv("DEBUG_ATRIB") || getenv("DEBUG_ATTRIB");
data/eclipse-titan-7.1.1/compiler2/main.cc:603:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int c = getopt(argc, argv, "aA:bBcC:dDeEfFgiIjJ:kK:lLMnNo:OpP:qQ:rRsStT:uU:vV:wxXyYz:0-");
data/eclipse-titan-7.1.1/compiler2/makefile.c:5041:13: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int c = getopt(argc, argv, "O:ab:c" C_flag "dDe:EfFgGiI:J:kK:o:lLmMnNpP:rRsSt:TU:vVwWXYz:ZH");
data/eclipse-titan-7.1.1/compiler2/tcov2lcov.cc:294:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "b:d:ho:vx:")) != -1) {
data/eclipse-titan-7.1.1/compiler2/tcov2lcov.cc:341:29: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *ttcn3_dir = getenv("TTCN3_DIR");
data/eclipse-titan-7.1.1/compiler2/xpather.cc:638:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *ttcn3_dir = getenv("TTCN3_DIR");
data/eclipse-titan-7.1.1/compiler2/xpather.cc:1570:29: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char* ttcn3_dir = getenv("TTCN3_DIR");
data/eclipse-titan-7.1.1/core/Addfunc.cc:2750:13: [3] (random) drand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
ret_val = drand48();
data/eclipse-titan-7.1.1/core/DebuggerUI.cc:216:32: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *home_directory = getenv("HOME");
data/eclipse-titan-7.1.1/core/LegacyLogger.cc:1072:20: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
(const char*)setstate.port__name(), (const char*)setstate.state());
data/eclipse-titan-7.1.1/core/LegacyLogger.cc:1072:56: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
(const char*)setstate.port__name(), (const char*)setstate.state());
data/eclipse-titan-7.1.1/core/LegacyLogger.cc:1073:9: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
if (setstate.info().lengthof() != 0) {
data/eclipse-titan-7.1.1/core/LegacyLogger.cc:1074:70: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
ret_val = mputprintf(ret_val, " Information: %s", (const char*)setstate.info());
data/eclipse-titan-7.1.1/core/LegacyLogger.cc:1921:95: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
TitanLoggerApi::FunctionEvent_choice_random const& ra = choice.functionEvent().choice().random();
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1252:92: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
API::FunctionEvent_choice_random &r = event.logEvent().choice().functionEvent().choice().random();
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1519:3: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
setstate.port__name() = port_name;
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1520:3: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
setstate.info() = (const char*)info;
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1523:7: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
setstate.state() = "unset";
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1526:7: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
setstate.state() = "translated";
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1529:7: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
setstate.state() = "not translated";
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1532:7: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
setstate.state() = "fragmented";
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1535:7: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
setstate.state() = "partially translated";
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1538:7: [3] (random) setstate:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
setstate.state() = "discarded";
data/eclipse-titan-7.1.1/core/Parallel_main.cc:106:13: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int c = getopt(argc, argv, "ls:vp");
data/eclipse-titan-7.1.1/core/ProfMerge_main.cc:94:13: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
int c = getopt(argc, argv, "o:s:pcf:v");
data/eclipse-titan-7.1.1/core/Single_main.cc:117:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "b:hlvp")) != -1) {
data/eclipse-titan-7.1.1/core/XmlReader.cc:124:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
static boolean d = !!getenv("DEBUG_XMLREADER");
data/eclipse-titan-7.1.1/core/XmlReader.cc:294:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
static boolean d = !!getenv("DEBUG_XMLREADER");
data/eclipse-titan-7.1.1/core/XmlReader.cc:328:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
static boolean d = !!getenv("DEBUG_XMLREADER");
data/eclipse-titan-7.1.1/core/XmlReader.cc:362:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
static boolean d = !!getenv("DEBUG_XMLREADER");
data/eclipse-titan-7.1.1/loggerplugins/LTTngUSTLogger/LTTngUSTLogger.cc:205:59: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
timestamp, severity, functionEventChoice.random());
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:367:32: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *home_directory = getenv("HOME");
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/el.c:513:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((ptr = getenv("HOME")) == NULL)
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/sys.h:139:17: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
extern char *getenv(const char *);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:943:10: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
term = getenv("TERM");
data/eclipse-titan-7.1.1/mctr2/mctr/main.cc:213:36: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char* ttcn3_asciiart_dir = getenv("TTCN3_ASCIIART_DIR");
data/eclipse-titan-7.1.1/mctr2/mctr/main.cc:218:29: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char* ttcn3_dir = getenv("TTCN3_DIR");
data/eclipse-titan-7.1.1/mctr2/mctr/main.cc:250:3: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srand(time(NULL));
data/eclipse-titan-7.1.1/mctr2/mctr/main.cc:265:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
config_read_debug = (getenv("DEBUG_CONFIG") != NULL);
data/eclipse-titan-7.1.1/repgen/logfilter.c:227:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "lhvo:")) != -1) {
data/eclipse-titan-7.1.1/repgen/logmerge.c:240:21: [3] (tmpfile) tempnam:
Temporary file race condition (CWE-377).
char *temp_name = tempnam(NULL, NULL);
data/eclipse-titan-7.1.1/repgen/logmerge.c:606:17: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "vo:")) != -1) {
data/eclipse-titan-7.1.1/xsdconvert/converter.cc:79:15: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((c = getopt(argc, argv, "cdef:ghJ:mnNopqstvwxz")) != -1) {
data/eclipse-titan-7.1.1/JNI/jnimw.cc:131:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char packet_size[6];
data/eclipse-titan-7.1.1/JNI/jnimw.cc:167:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[7];
data/eclipse-titan-7.1.1/JNI/jnimw.cc:168:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( str,"S%02d000", mc_state );
data/eclipse-titan-7.1.1/JNI/jnimw.cc:185:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char packet_header[7];
data/eclipse-titan-7.1.1/JNI/jnimw.cc:207:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char packet_header[7];
data/eclipse-titan-7.1.1/common/NetworkHandler.cc:195:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&m_addr.sin_addr, hptr->h_addr_list[0], static_cast<size_t>(hptr->h_length));
data/eclipse-titan-7.1.1/common/NetworkHandler.cc:323:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p_port_str[6];
data/eclipse-titan-7.1.1/common/Quadruple.cc:129:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[9];
data/eclipse-titan-7.1.1/common/Quadruple.cc:147:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex[3];
data/eclipse-titan-7.1.1/common/UnicharPattern.cc:93:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(mappings_file, "r");
data/eclipse-titan-7.1.1/common/UnicharPattern.cc:97:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen("../etc/CaseFolding.txt", "r");
data/eclipse-titan-7.1.1/common/UnicharPattern.cc:120:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/eclipse-titan-7.1.1/common/license.c:161:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, from, length);
data/eclipse-titan-7.1.1/common/license.c:202:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char message_digest[SHA_DIGEST_LENGTH];
data/eclipse-titan-7.1.1/common/license.c:271:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(file_name, "r");
data/eclipse-titan-7.1.1/common/license.c:291:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lptr, data, sizeof(*lptr));
data/eclipse-titan-7.1.1/common/license.c:361:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR user_name[UNLEN + 1];
data/eclipse-titan-7.1.1/common/license.c:583:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[MD5_DIGEST_LENGTH];
data/eclipse-titan-7.1.1/common/license.c:627:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[MD5_DIGEST_LENGTH];
data/eclipse-titan-7.1.1/common/license.h:79:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char unique_id[4];
data/eclipse-titan-7.1.1/common/license.h:80:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char licensee_name[48], licensee_email[48],
data/eclipse-titan-7.1.1/common/license.h:82:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char valid_from[4], valid_until[4];
data/eclipse-titan-7.1.1/common/license.h:83:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char host_id[4];
data/eclipse-titan-7.1.1/common/license.h:84:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char login_name[8];
data/eclipse-titan-7.1.1/common/license.h:85:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char from_major[4], from_minor[4], from_patchlevel[4],
data/eclipse-titan-7.1.1/common/license.h:87:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char feature_list[4], limitation_type[4];
data/eclipse-titan-7.1.1/common/license.h:88:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char max_ptcs[4];
data/eclipse-titan-7.1.1/common/license.h:89:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dsa_signature[48];
data/eclipse-titan-7.1.1/common/memory.c:165:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&block_ptr->magic, &block_ptr, sizeof(block_ptr));
data/eclipse-titan-7.1.1/common/memory.c:166:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr + block_ptr->size, &block_ptr, sizeof(block_ptr));
data/eclipse-titan-7.1.1/common/memory.c:191:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&block_ptr->magic, &inv_ptr, sizeof(inv_ptr));/*invert magic*/
data/eclipse-titan-7.1.1/common/memory.c:203:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr + block_ptr->size, &inv_ptr, sizeof(inv_ptr));
data/eclipse-titan-7.1.1/common/memory.c:654:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/eclipse-titan-7.1.1/common/memory.c:691:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, buf, slen);
data/eclipse-titan-7.1.1/common/memory.c:809:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, str, len);
data/eclipse-titan-7.1.1/common/memory.c:830:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, str, len);
data/eclipse-titan-7.1.1/common/memory.c:854:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str + len, str2, len2);
data/eclipse-titan-7.1.1/common/memory.c:877:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(str + len, str2, len2);
data/eclipse-titan-7.1.1/common/path.c:30:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/eclipse-titan-7.1.1/common/usage_stats.cc:65:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[774];
data/eclipse-titan-7.1.1/common/usage_stats.cc:73:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(host,"localhost");
data/eclipse-titan-7.1.1/common/usage_stats.cc:102:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char domain[1024];
data/eclipse-titan-7.1.1/common/usage_stats.cc:107:35: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !domain[0] && NULL != (fp=fopen("/etc/resolv.conf","r")) ) {
data/eclipse-titan-7.1.1/common/usage_stats.cc:119:35: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if( !domain[0] && NULL != (fp=fopen("/etc/defaultdomain","r")) ) {
data/eclipse-titan-7.1.1/common/usage_stats.cc:145:3: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR user_name[UNLEN + 1], computer_name[MAX_COMPUTERNAME_LENGTH + 1];
data/eclipse-titan-7.1.1/common/usage_stats.cc:177:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[128];
data/eclipse-titan-7.1.1/common/usage_stats.cc:226:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sendline[MAXLINE + 1];//, recvline[MAXLINE + 1];
data/eclipse-titan-7.1.1/common/usage_stats.cc:256:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[50];
data/eclipse-titan-7.1.1/common/userinfo.c:32:3: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR user_name[UNLEN + 1], computer_name[MAX_COMPUTERNAME_LENGTH + 1];
data/eclipse-titan-7.1.1/common/userinfo.c:43:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host_name[256];
data/eclipse-titan-7.1.1/compiler2/AST.cc:1591:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(new_prefix, "tq%04lu", (unsigned long)iidx);
data/eclipse-titan-7.1.1/compiler2/CodeGenHelper.cc:137:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if ((n = atoi(type))) {
data/eclipse-titan-7.1.1/compiler2/CodeGenHelper.cc:492:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[13]= ""; // Max is 999999 should be enough (checked in main.cc) | 6 digit + 2 underscore + part
data/eclipse-titan-7.1.1/compiler2/CodeGenHelper.cc:500:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%d", static_cast<int>(i));
data/eclipse-titan-7.1.1/compiler2/CodeGenHelper.cc:549:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%d", static_cast<int>(i));
data/eclipse-titan-7.1.1/compiler2/PredefFunc.cc:100:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[2];
data/eclipse-titan-7.1.1/compiler2/PredefFunc.cc:347:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char hdigits[16] = { '0', '1', '2', '3', '4', '5', '6', '7',
data/eclipse-titan-7.1.1/compiler2/PredefFunc.cc:579:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512] = "";
data/eclipse-titan-7.1.1/compiler2/PredefFunc.cc:610:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_buf[64];
data/eclipse-titan-7.1.1/compiler2/PredefFunc.cc:648:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE];
data/eclipse-titan-7.1.1/compiler2/PredefFunc.cc:677:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE];
data/eclipse-titan-7.1.1/compiler2/PredefFunc.cc:717:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE];
data/eclipse-titan-7.1.1/compiler2/PredefFunc.cc:757:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE];
data/eclipse-titan-7.1.1/compiler2/PredefFunc.cc:1023:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char octets[2];
data/eclipse-titan-7.1.1/compiler2/PredefFunc.cc:1042:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char octets[3];
data/eclipse-titan-7.1.1/compiler2/PredefFunc.cc:1061:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char octets[4];
data/eclipse-titan-7.1.1/compiler2/PredefFunc.cc:1080:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char octets[5];
data/eclipse-titan-7.1.1/compiler2/PredefFunc.cc:1099:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char octets[6];
data/eclipse-titan-7.1.1/compiler2/Real.cc:49:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[64];
data/eclipse-titan-7.1.1/compiler2/Type_chk.cc:1535:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tail[2];
data/eclipse-titan-7.1.1/compiler2/Type_chk.cc:2858:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char first[5] = {0,0,0,0,0};
data/eclipse-titan-7.1.1/compiler2/Value.cc:6325:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[512];
data/eclipse-titan-7.1.1/compiler2/main.cc:330:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(file_name, "r");
data/eclipse-titan-7.1.1/compiler2/main.cc:338:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[PATH_MAX];
data/eclipse-titan-7.1.1/compiler2/main.cc:641:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
verb_level = atoi(optarg);
data/eclipse-titan-7.1.1/compiler2/main.cc:893:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(file_list_file_name, "r");
data/eclipse-titan-7.1.1/compiler2/main.cc:895:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[1024];
data/eclipse-titan-7.1.1/compiler2/main.cc:1043:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(module->file_name, "r");
data/eclipse-titan-7.1.1/compiler2/makefile.c:1257:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(file_name, "r");
data/eclipse-titan-7.1.1/compiler2/makefile.c:1897:66: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if(makefile->code_splitting_mode != NULL && (n_slices = atoi(makefile->code_splitting_mode + 2))) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:1899:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16]; // 6 digits + 4 chars + _part
data/eclipse-titan-7.1.1/compiler2/makefile.c:1900:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%i.cc", i);
data/eclipse-titan-7.1.1/compiler2/makefile.c:1959:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(makefile->output_file, "w");
data/eclipse-titan-7.1.1/compiler2/makefile.c:2698:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((n_slices = atoi(makefile->code_splitting_mode + 2)) ||
data/eclipse-titan-7.1.1/compiler2/makefile.c:2856:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
((n_slices = atoi(makefile->code_splitting_mode + 2)) ||
data/eclipse-titan-7.1.1/compiler2/makefile.c:3075:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if((n_slices = atoi(makefile->code_splitting_mode + 2))) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:3077:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16]; // 6 digits + 4 chars + _part
data/eclipse-titan-7.1.1/compiler2/makefile.c:3078:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%i.so", slice);
data/eclipse-titan-7.1.1/compiler2/makefile.c:3098:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if((n_slices = atoi(makefile->code_splitting_mode + 2))) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:3100:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16]; // 6 digits + 4 chars + _part
data/eclipse-titan-7.1.1/compiler2/makefile.c:3101:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%i.so", slice);
data/eclipse-titan-7.1.1/compiler2/makefile.c:3121:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if((n_slices = atoi(makefile->code_splitting_mode + 2))) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:3123:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16]; // 6 digits + 4 chars + _part
data/eclipse-titan-7.1.1/compiler2/makefile.c:3124:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%i.so", slice);
data/eclipse-titan-7.1.1/compiler2/makefile.c:3143:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if((n_slices = atoi(makefile->code_splitting_mode + 2))) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:3145:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16]; // 6 digits + 4 chars + _part
data/eclipse-titan-7.1.1/compiler2/makefile.c:3146:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%i.so", slice);
data/eclipse-titan-7.1.1/compiler2/makefile.c:3185:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if((n_slices = atoi(makefile->code_splitting_mode + 2))) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:3187:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16]; // 6 digits + 4 chars + _part
data/eclipse-titan-7.1.1/compiler2/makefile.c:3188:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%i.o", slice);
data/eclipse-titan-7.1.1/compiler2/makefile.c:3208:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if((n_slices = atoi(makefile->code_splitting_mode + 2))) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:3210:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16]; // 6 digits + 4 chars + _part
data/eclipse-titan-7.1.1/compiler2/makefile.c:3211:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%i.o", slice);
data/eclipse-titan-7.1.1/compiler2/makefile.c:3231:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if((n_slices = atoi(makefile->code_splitting_mode + 2))) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:3233:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16]; // 6 digits + 4 chars + _part
data/eclipse-titan-7.1.1/compiler2/makefile.c:3234:17: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%i.o", slice);
data/eclipse-titan-7.1.1/compiler2/makefile.c:3254:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if((n_slices = atoi(makefile->code_splitting_mode + 2))) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:3256:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16]; // 6 digits + 4 chars + _part
data/eclipse-titan-7.1.1/compiler2/makefile.c:3257:19: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%i.o", slice);
data/eclipse-titan-7.1.1/compiler2/makefile.c:3309:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if((n_slices = atoi(makefile->code_splitting_mode + 2))) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:3311:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16]; // 6 digits + 4 chars + _part
data/eclipse-titan-7.1.1/compiler2/makefile.c:3312:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%i.so", slice);
data/eclipse-titan-7.1.1/compiler2/makefile.c:3333:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if((n_slices = atoi(makefile->code_splitting_mode + 2))) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:3335:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16]; // 6 digits + 4 chars + _part
data/eclipse-titan-7.1.1/compiler2/makefile.c:3336:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%i.so", slice);
data/eclipse-titan-7.1.1/compiler2/makefile.c:3356:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if((n_slices = atoi(makefile->code_splitting_mode + 2))) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:3358:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16]; // 6 digits + 4 chars + _part
data/eclipse-titan-7.1.1/compiler2/makefile.c:3359:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%i.so", slice);
data/eclipse-titan-7.1.1/compiler2/makefile.c:3378:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if((n_slices = atoi(makefile->code_splitting_mode + 2))) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:3380:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16]; // 6 digits + 4 chars + _part
data/eclipse-titan-7.1.1/compiler2/makefile.c:3381:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%i.so", slice);
data/eclipse-titan-7.1.1/compiler2/makefile.c:3440:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if((n_slices = atoi(makefile->code_splitting_mode + 2))) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:3442:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16]; // 6 digits + 4 chars + _part
data/eclipse-titan-7.1.1/compiler2/makefile.c:3443:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%i.o", slice);
data/eclipse-titan-7.1.1/compiler2/makefile.c:3463:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if((n_slices = atoi(makefile->code_splitting_mode + 2))) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:3465:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16]; // 6 digits + 4 chars + _part
data/eclipse-titan-7.1.1/compiler2/makefile.c:3466:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%i.o", slice);
data/eclipse-titan-7.1.1/compiler2/makefile.c:3486:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if((n_slices = atoi(makefile->code_splitting_mode + 2))) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:3488:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16]; // 6 digits + 4 chars + _part
data/eclipse-titan-7.1.1/compiler2/makefile.c:3489:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%i.o", slice);
data/eclipse-titan-7.1.1/compiler2/makefile.c:3508:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if((n_slices = atoi(makefile->code_splitting_mode + 2))) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:3510:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[16]; // 6 digits + 4 chars + _part
data/eclipse-titan-7.1.1/compiler2/makefile.c:3511:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "_part_%i.o", slice);
data/eclipse-titan-7.1.1/compiler2/makefile.c:4773:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(file_list_file_name, "r");
data/eclipse-titan-7.1.1/compiler2/makefile.c:4775:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[1024];
data/eclipse-titan-7.1.1/compiler2/makefile.c:5170:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int n_slices = atoi(optarg);
data/eclipse-titan-7.1.1/compiler2/makefile.c:5401:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
prj_graph_fp = fopen(prj_graph_filename, "w");
data/eclipse-titan-7.1.1/compiler2/string.cc:66:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr + val_ptr->n_chars,
data/eclipse-titan-7.1.1/compiler2/string.cc:68:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
else memcpy(val_ptr->chars_ptr + val_ptr->n_chars, s, n);
data/eclipse-titan-7.1.1/compiler2/string.cc:75:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, old_ptr->chars_ptr, old_ptr->n_chars);
data/eclipse-titan-7.1.1/compiler2/string.cc:76:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr + old_ptr->n_chars, s, n);
data/eclipse-titan-7.1.1/compiler2/string.cc:114:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr + pos, s, s_len);
data/eclipse-titan-7.1.1/compiler2/string.cc:124:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, old_ptr->chars_ptr, pos);
data/eclipse-titan-7.1.1/compiler2/string.cc:125:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr + pos, s, s_len);
data/eclipse-titan-7.1.1/compiler2/string.cc:126:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr + pos + s_len, old_ptr->chars_ptr + pos + n,
data/eclipse-titan-7.1.1/compiler2/string.cc:156:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, s, n_chars);
data/eclipse-titan-7.1.1/compiler2/string.cc:164:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, s, n);
data/eclipse-titan-7.1.1/compiler2/string.cc:226:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, tmp_ptr->chars_ptr, old_length);
data/eclipse-titan-7.1.1/compiler2/string.cc:229:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, tmp_ptr->chars_ptr, n);
data/eclipse-titan-7.1.1/compiler2/string.cc:426:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, s, n_chars);
data/eclipse-titan-7.1.1/compiler2/string.cc:439:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, old_ptr->chars_ptr, old_ptr->n_chars);
data/eclipse-titan-7.1.1/compiler2/string.cc:459:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr, val_ptr->chars_ptr, val_ptr->n_chars);
data/eclipse-titan-7.1.1/compiler2/string.cc:460:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr + val_ptr->n_chars,
data/eclipse-titan-7.1.1/compiler2/string.cc:476:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr, val_ptr->chars_ptr, val_ptr->n_chars);
data/eclipse-titan-7.1.1/compiler2/string.cc:477:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr + val_ptr->n_chars, s, s_len);
data/eclipse-titan-7.1.1/compiler2/string.cc:530:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s.val_ptr->chars_ptr, s1, s1_len);
data/eclipse-titan-7.1.1/compiler2/string.cc:531:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s.val_ptr->chars_ptr + s1_len, s2.val_ptr->chars_ptr,
data/eclipse-titan-7.1.1/compiler2/tcov2lcov.cc:185:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int major = atoi(get_next_attr(reader));
data/eclipse-titan-7.1.1/compiler2/tcov2lcov.cc:186:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int minor = atoi(get_next_attr(reader));
data/eclipse-titan-7.1.1/compiler2/tcov2lcov.cc:204:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int function_count = atoi(get_next_attr(reader));
data/eclipse-titan-7.1.1/compiler2/tcov2lcov.cc:207:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int line_no = atoi(get_next_attr(reader));
data/eclipse-titan-7.1.1/compiler2/tcov2lcov.cc:208:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int line_count = atoi(get_next_attr(reader));
data/eclipse-titan-7.1.1/compiler2/tcov2lcov.cc:328:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[PATH_MAX];
data/eclipse-titan-7.1.1/compiler2/ttcn3/Ttcnstuff.cc:2673:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char patch[4] = {0,0,0,0};
data/eclipse-titan-7.1.1/compiler2/ttcn3/Ttcnstuff.cc:2681:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char extra_junk[64];
data/eclipse-titan-7.1.1/compiler2/ttcn3/compiler.c:77:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *target = fopen(file_name, "r");
data/eclipse-titan-7.1.1/compiler2/ttcn3/compiler.c:93:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[BUFSIZE], buf2[BUFSIZE];
data/eclipse-titan-7.1.1/compiler2/ttcn3/compiler.c:110:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
target = fopen(file_name, "w");
data/eclipse-titan-7.1.1/compiler2/ttcn3/compiler.c:118:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFSIZE];
data/eclipse-titan-7.1.1/compiler2/ttcn3/compiler.c:149:7: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
fp = tmpfile();
data/eclipse-titan-7.1.1/compiler2/ttcn3/compiler.c:156:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(file_name, "w");
data/eclipse-titan-7.1.1/compiler2/ttcn3/port.c:3549:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(header_name, "w");
data/eclipse-titan-7.1.1/compiler2/ttcn3/port.c:3731:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(source_name, "w");
data/eclipse-titan-7.1.1/compiler2/ustring.cc:63:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->uchars_ptr, old_ptr->uchars_ptr, old_ptr->n_uchars *
data/eclipse-titan-7.1.1/compiler2/ustring.cc:74:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->uchars_ptr, old_ptr->uchars_ptr,
data/eclipse-titan-7.1.1/compiler2/ustring.cc:152:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->uchars_ptr, uc_ptr, n * sizeof(universal_char));
data/eclipse-titan-7.1.1/compiler2/ustring.cc:249:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->uchars_ptr, old_ptr->uchars_ptr,
data/eclipse-titan-7.1.1/compiler2/ustring.cc:251:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->uchars_ptr + pos, s.u_str(),
data/eclipse-titan-7.1.1/compiler2/ustring.cc:253:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->uchars_ptr + pos + s_len, old_ptr->uchars_ptr + pos + n,
data/eclipse-titan-7.1.1/compiler2/ustring.cc:360:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr, val_ptr->uchars_ptr + start, (end - start) *
data/eclipse-titan-7.1.1/compiler2/ustring.cc:397:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s.val_ptr->uchars_ptr, val_ptr->uchars_ptr, val_ptr->n_uchars *
data/eclipse-titan-7.1.1/compiler2/ustring.cc:418:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s.val_ptr->uchars_ptr, val_ptr->uchars_ptr, val_ptr->n_uchars *
data/eclipse-titan-7.1.1/compiler2/ustring.cc:420:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s.val_ptr->uchars_ptr + val_ptr->n_uchars,
data/eclipse-titan-7.1.1/compiler2/ustring.cc:449:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->uchars_ptr + old_size, s.val_ptr->uchars_ptr,
data/eclipse-titan-7.1.1/compiler2/xpather.cc:636:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/eclipse-titan-7.1.1/compiler2/xpather.cc:1963:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(abs_file_name, "r");
data/eclipse-titan-7.1.1/compiler2/xpather.cc:2714:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[1024];
data/eclipse-titan-7.1.1/compiler2/xpather.cc:2955:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(tpdName_loc, ".tpd");
data/eclipse-titan-7.1.1/compiler2/xpather.cc:3206:18: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open(abs_n, O_RDONLY);
data/eclipse-titan-7.1.1/core/ASN_Any.cc:112:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_tlv->Tstr, tmp_tlv->Tstr, new_tlv->Tlen);
data/eclipse-titan-7.1.1/core/ASN_Any.cc:113:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_tlv->Lstr, tmp_tlv->Lstr, new_tlv->Llen);
data/eclipse-titan-7.1.1/core/ASN_Any.cc:114:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_tlv->V.str.Vstr, tmp_tlv->V.str.Vstr, new_tlv->V.str.Vlen);
data/eclipse-titan-7.1.1/core/ASN_Any.cc:138:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->octets_ptr+pos, stripped_tlv.Tstr, stripped_tlv.Tlen);
data/eclipse-titan-7.1.1/core/ASN_Any.cc:140:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->octets_ptr+pos, stripped_tlv.Lstr, stripped_tlv.Llen);
data/eclipse-titan-7.1.1/core/ASN_Any.cc:142:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->octets_ptr+pos,
data/eclipse-titan-7.1.1/core/Addfunc.cc:540:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_buf[64];
data/eclipse-titan-7.1.1/core/Addfunc.cc:580:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512] = "";
data/eclipse-titan-7.1.1/core/Addfunc.cc:1013:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result[2];
data/eclipse-titan-7.1.1/core/Addfunc.cc:1485:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE];
data/eclipse-titan-7.1.1/core/Addfunc.cc:1527:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE];
data/eclipse-titan-7.1.1/core/Addfunc.cc:1599:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE];
data/eclipse-titan-7.1.1/core/Addfunc.cc:1658:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE];
data/eclipse-titan-7.1.1/core/Addfunc.cc:2409:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->octets_ptr, value.val_ptr->octets_ptr, idx);
data/eclipse-titan-7.1.1/core/Addfunc.cc:2410:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->octets_ptr + idx, repl.val_ptr->octets_ptr,
data/eclipse-titan-7.1.1/core/Addfunc.cc:2412:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->octets_ptr + idx + repl_len,
data/eclipse-titan-7.1.1/core/Addfunc.cc:2458:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr, value.val_ptr->chars_ptr, idx);
data/eclipse-titan-7.1.1/core/Addfunc.cc:2459:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr + idx, repl.val_ptr->chars_ptr,
data/eclipse-titan-7.1.1/core/Addfunc.cc:2461:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr + idx + repl_len,
data/eclipse-titan-7.1.1/core/Addfunc.cc:2512:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr, value.val_ptr->uchars_ptr,
data/eclipse-titan-7.1.1/core/Addfunc.cc:2514:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr + idx, repl.val_ptr->uchars_ptr,
data/eclipse-titan-7.1.1/core/Addfunc.cc:2516:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr + idx + repl_len,
data/eclipse-titan-7.1.1/core/Addfunc.cc:2902:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str_buf[64];
data/eclipse-titan-7.1.1/core/Basetype.cc:415:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(target, &p_octets_ptr[octetnum_start], octet_count);
data/eclipse-titan-7.1.1/core/Basetype.cc:574:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_tlv->V.str.Vstr + pad, bn_as_bin, num_bytes);
data/eclipse-titan-7.1.1/core/Basetype.cc:723:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&p_octets_ptr[octetnum_start], source, s_len);
data/eclipse-titan-7.1.1/core/Basetype.cc:786:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Vstr, p_tlv.V.str.Vstr, Vlen);
data/eclipse-titan-7.1.1/core/Bitstring.cc:86:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->bits_ptr, old_ptr->bits_ptr, (old_ptr->n_bits + 7) / 8);
data/eclipse-titan-7.1.1/core/Bitstring.cc:110:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->bits_ptr, bits_ptr, (n_bits + 7) / 8);
data/eclipse-titan-7.1.1/core/Bitstring.cc:219:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest_ptr, left_ptr, left_n_bytes);
data/eclipse-titan-7.1.1/core/Bitstring.cc:241:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest_ptr + left_n_bytes, right_ptr, right_n_bytes);
data/eclipse-titan-7.1.1/core/Bitstring.cc:255:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->bits_ptr, val_ptr->bits_ptr, (n_bits + 7) / 8);
data/eclipse-titan-7.1.1/core/Bitstring.cc:388:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->bits_ptr, val_ptr->bits_ptr + shift_bytes,
data/eclipse-titan-7.1.1/core/Bitstring.cc:428:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->bits_ptr + shift_bytes, val_ptr->bits_ptr,
data/eclipse-titan-7.1.1/core/Bitstring.cc:507:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->bits_ptr, old_ptr->bits_ptr, (n_bits + 7) / 8);
data/eclipse-titan-7.1.1/core/Bitstring.cc:576:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->bits_ptr, mp->get_string_data(), (val_ptr->n_bits + 7) / 8);
data/eclipse-titan-7.1.1/core/Bitstring.cc:620:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_cpy, val_ptr->bits_ptr, n_bytes);
data/eclipse-titan-7.1.1/core/Bitstring.cc:924:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->bits_ptr, old_ptr->bits_ptr, (old_ptr->n_bits + 7) / 8);
data/eclipse-titan-7.1.1/core/Bitstring.cc:1698:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pattern_value->elements_ptr, pattern_elements, n_elements);
data/eclipse-titan-7.1.1/core/Bitstring.cc:2303:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_cpy, pattern_value->elements_ptr, pattern_value->n_elements);
data/eclipse-titan-7.1.1/core/Charstring.cc:99:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, old_ptr->chars_ptr, old_ptr->n_chars + 1);
data/eclipse-titan-7.1.1/core/Charstring.cc:133:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, chars_ptr, n_chars);
data/eclipse-titan-7.1.1/core/Charstring.cc:139:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, chars_ptr, n_chars);
data/eclipse-titan-7.1.1/core/Charstring.cc:182:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, other_value, n_chars);
data/eclipse-titan-7.1.1/core/Charstring.cc:296:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr, val_ptr->chars_ptr, val_ptr->n_chars);
data/eclipse-titan-7.1.1/core/Charstring.cc:297:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr + val_ptr->n_chars, other_value, other_len);
data/eclipse-titan-7.1.1/core/Charstring.cc:310:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr, val_ptr->chars_ptr, first_n_chars);
data/eclipse-titan-7.1.1/core/Charstring.cc:311:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr + first_n_chars,
data/eclipse-titan-7.1.1/core/Charstring.cc:322:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr, val_ptr->chars_ptr, val_ptr->n_chars);
data/eclipse-titan-7.1.1/core/Charstring.cc:337:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr, val_ptr->chars_ptr, val_ptr->n_chars);
data/eclipse-titan-7.1.1/core/Charstring.cc:338:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr + val_ptr->n_chars, other_value.cstr.val_ptr->chars_ptr, other_value.cstr.val_ptr->n_chars);
data/eclipse-titan-7.1.1/core/Charstring.cc:349:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr + val_ptr->n_chars,
data/eclipse-titan-7.1.1/core/Charstring.cc:365:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr, val_ptr->chars_ptr, val_ptr->n_chars);
data/eclipse-titan-7.1.1/core/Charstring.cc:388:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, old_ptr->chars_ptr, old_ptr->n_chars);
data/eclipse-titan-7.1.1/core/Charstring.cc:410:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, old_ptr->chars_ptr, old_ptr->n_chars);
data/eclipse-titan-7.1.1/core/Charstring.cc:411:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr + old_ptr->n_chars, other_value,
data/eclipse-titan-7.1.1/core/Charstring.cc:419:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr + val_ptr->n_chars,
data/eclipse-titan-7.1.1/core/Charstring.cc:424:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr + val_ptr->n_chars, other_value,
data/eclipse-titan-7.1.1/core/Charstring.cc:450:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, old_ptr->chars_ptr, old_ptr->n_chars);
data/eclipse-titan-7.1.1/core/Charstring.cc:451:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr + old_ptr->n_chars,
data/eclipse-titan-7.1.1/core/Charstring.cc:456:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr + val_ptr->n_chars,
data/eclipse-titan-7.1.1/core/Charstring.cc:474:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, old_ptr->chars_ptr, old_ptr->n_chars);
data/eclipse-titan-7.1.1/core/Charstring.cc:494:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr, val_ptr->chars_ptr + rotate_count,
data/eclipse-titan-7.1.1/core/Charstring.cc:496:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr + val_ptr->n_chars - rotate_count,
data/eclipse-titan-7.1.1/core/Charstring.cc:517:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr, val_ptr->chars_ptr + val_ptr->n_chars -
data/eclipse-titan-7.1.1/core/Charstring.cc:519:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr + rotate_count, val_ptr->chars_ptr,
data/eclipse-titan-7.1.1/core/Charstring.cc:555:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, old_ptr->chars_ptr, n_chars);
data/eclipse-titan-7.1.1/core/Charstring.cc:1034:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, buff.get_read_data(), str_len);
data/eclipse-titan-7.1.1/core/Charstring.cc:1186:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *escapes[32] = {
data/eclipse-titan-7.1.1/core/Charstring.cc:1238:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char escapade[16];
data/eclipse-titan-7.1.1/core/Charstring.cc:1308:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char zero[2] = {0,0};
data/eclipse-titan-7.1.1/core/Charstring.cc:1333:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
signed char base64_decoder_table[256] =
data/eclipse-titan-7.1.1/core/Charstring.cc:1369:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char nbytes[4] = { 3,1,1,2 };
data/eclipse-titan-7.1.1/core/Charstring.cc:1370:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[4];
data/eclipse-titan-7.1.1/core/Charstring.cc:1374:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, out, nbytes[phase]);
data/eclipse-titan-7.1.1/core/Charstring.cc:1463:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, value, num_chars);
data/eclipse-titan-7.1.1/core/Charstring.cc:1554:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(myleaf.body.leaf.data_ptr, val_ptr->chars_ptr , val_ptr->n_chars);
data/eclipse-titan-7.1.1/core/Charstring.cc:1788:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->chars_ptr, str, len);
data/eclipse-titan-7.1.1/core/Charstring.cc:1982:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr + 1, other_value, other_len);
data/eclipse-titan-7.1.1/core/Charstring.cc:1993:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr + 1, other_value.val_ptr->chars_ptr,
data/eclipse-titan-7.1.1/core/Charstring.cc:2004:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result[2];
data/eclipse-titan-7.1.1/core/Charstring.cc:2020:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr + 1, other_value.cstr.val_ptr->chars_ptr, other_value.cstr.val_ptr->n_chars);
data/eclipse-titan-7.1.1/core/Charstring.cc:2028:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr + 1, other_value.val_ptr->uchars_ptr,
data/eclipse-titan-7.1.1/core/Charstring.cc:2094:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr, string_value, string_len);
data/eclipse-titan-7.1.1/core/Charstring.cc:2095:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr + string_len,
data/eclipse-titan-7.1.1/core/Charstring.cc:2110:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->chars_ptr, string_value, string_len);
data/eclipse-titan-7.1.1/core/Charstring.cc:2467:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE];
data/eclipse-titan-7.1.1/core/Charstring.cc:2482:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE];
data/eclipse-titan-7.1.1/core/Communication.cc:276:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/eclipse-titan-7.1.1/core/Debugger.cc:497:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
new_fp = fopen(final_file_name, TTCN_Runtime::is_mtc() ? "w" : "a");
data/eclipse-titan-7.1.1/core/Debugger.cc:646:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
new_fp = fopen(final_file_name, TTCN_Runtime::is_mtc() ? "w" : "a");
data/eclipse-titan-7.1.1/core/Debugger.cc:1823:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
output_file = fopen(final_file_name, "a");
data/eclipse-titan-7.1.1/core/Debugger.cc:1831:31: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
function_calls.file.ptr = fopen(final_file_name, "a");
data/eclipse-titan-7.1.1/core/Debugger.cc:2144:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[512];
data/eclipse-titan-7.1.1/core/DebuggerUI.cc:249:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/eclipse-titan-7.1.1/core/DebuggerUI.cc:271:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fp = fopen(p_file_name, "r");
data/eclipse-titan-7.1.1/core/DebuggerUI.cc:279:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/eclipse-titan-7.1.1/core/Encdec.cc:352:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf_ptr->data_ptr, old_ptr->data_ptr, buf_len);
data/eclipse-titan-7.1.1/core/Encdec.cc:372:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf_ptr->data_ptr, old_ptr->data_ptr, buf_len);
data/eclipse-titan-7.1.1/core/Encdec.cc:529:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf_ptr->data_ptr + buf_len, s, len);
data/eclipse-titan-7.1.1/core/Encdec.cc:540:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf_ptr->data_ptr + buf_len, p_os.val_ptr->octets_ptr,
data/eclipse-titan-7.1.1/core/Encdec.cc:559:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf_ptr->data_ptr + buf_len, p_cs.val_ptr->chars_ptr,
data/eclipse-titan-7.1.1/core/Encdec.cc:577:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf_ptr->data_ptr + buf_len, p_buf.buf_ptr->data_ptr,
data/eclipse-titan-7.1.1/core/Encdec.cc:593:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p_os.val_ptr->octets_ptr, buf_ptr->data_ptr, buf_len);
data/eclipse-titan-7.1.1/core/Encdec.cc:612:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p_cs.val_ptr->chars_ptr, buf_ptr->data_ptr, buf_len);
data/eclipse-titan-7.1.1/core/Encdec.cc:634:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p_cs.val_ptr->uchars_ptr, buf_ptr->data_ptr, buf_len);
data/eclipse-titan-7.1.1/core/Encdec.cc:652:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf_ptr->data_ptr, old_ptr->data_ptr + buf_pos, new_len);
data/eclipse-titan-7.1.1/core/Encdec.cc:759:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(st,s,(len+7)/8*sizeof(unsigned char));
data/eclipse-titan-7.1.1/core/Encdec.cc:775:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(st+loc_align/8,s,(len+7)/8*sizeof(unsigned char));
data/eclipse-titan-7.1.1/core/Encdec.cc:848:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data_ptr+buf_len, s, len/8);
data/eclipse-titan-7.1.1/core/Encdec.cc:905:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data_ptr+buf_len, s, (len+7)/8*sizeof(unsigned char));
data/eclipse-titan-7.1.1/core/Encdec.cc:1088:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, data_ptr+buf_pos, len/8*sizeof(unsigned char));
data/eclipse-titan-7.1.1/core/Encdec.cc:1146:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, data_ptr+buf_pos, num_bytes*sizeof(unsigned char));
data/eclipse-titan-7.1.1/core/Error.cc:80:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mangled, begin, len);
data/eclipse-titan-7.1.1/core/Error.cc:120:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *si_codes[3] = {"", "SEGV_MAPERR", "SEGV_ACCERR"};
data/eclipse-titan-7.1.1/core/Float.cc:714:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bc,dv,8);
data/eclipse-titan-7.1.1/core/Float.cc:792:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[16];
data/eclipse-titan-7.1.1/core/Float.cc:807:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dv,data,8);
data/eclipse-titan-7.1.1/core/Float.cc:871:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[312];
data/eclipse-titan-7.1.1/core/Hexstring.cc:104:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->nibbles_ptr, old_ptr->nibbles_ptr, (old_ptr->n_nibbles + 1)
data/eclipse-titan-7.1.1/core/Hexstring.cc:128:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->nibbles_ptr, init_nibbles, (init_n_nibbles + 1) / 2);
data/eclipse-titan-7.1.1/core/Hexstring.cc:233:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest_ptr, left_ptr, left_n_bytes);
data/eclipse-titan-7.1.1/core/Hexstring.cc:247:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest_ptr + left_n_bytes, right_ptr, right_n_bytes);
data/eclipse-titan-7.1.1/core/Hexstring.cc:260:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->nibbles_ptr, val_ptr->nibbles_ptr, (n_nibbles + 1)
data/eclipse-titan-7.1.1/core/Hexstring.cc:393:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->nibbles_ptr, &val_ptr->nibbles_ptr[shift_count
data/eclipse-titan-7.1.1/core/Hexstring.cc:435:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ret_val.val_ptr->nibbles_ptr[shift_bytes], val_ptr->nibbles_ptr,
data/eclipse-titan-7.1.1/core/Hexstring.cc:521:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->nibbles_ptr, old_ptr->nibbles_ptr, (n_nibbles + 1) / 2);
data/eclipse-titan-7.1.1/core/Hexstring.cc:617:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->nibbles_ptr, mp->get_string_data(), (n_nibbles + 1) / 2);
data/eclipse-titan-7.1.1/core/Hexstring.cc:661:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_cpy, val_ptr->nibbles_ptr, n_bytes);
data/eclipse-titan-7.1.1/core/Hexstring.cc:850:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char base64_decoder_table[256];
data/eclipse-titan-7.1.1/core/Hexstring.cc:901:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char nbytes[4] = { 3,1,1,2 };
data/eclipse-titan-7.1.1/core/Hexstring.cc:902:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[4];
data/eclipse-titan-7.1.1/core/Hexstring.cc:907:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, out, nbytes[phase]);
data/eclipse-titan-7.1.1/core/Hexstring.cc:1511:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pattern_value->elements_ptr, pattern_elements, n_elements);
data/eclipse-titan-7.1.1/core/Hexstring.cc:2125:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_cpy, pattern_value->elements_ptr, pattern_value->n_elements);
data/eclipse-titan-7.1.1/core/Integer.cc:1013:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(atm, b, str_len);
data/eclipse-titan-7.1.1/core/Integer.cc:1912:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp, ucstr, num_bytes);
data/eclipse-titan-7.1.1/core/JSON.cc:893:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hex[12];
data/eclipse-titan-7.1.1/core/JSON.cc:947:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hex[12];
data/eclipse-titan-7.1.1/core/LegacyLogger.cc:226:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
er_ = fopen(filename_emergency, "w");
data/eclipse-titan-7.1.1/core/LegacyLogger.cc:1884:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
ret_val = mputstr(ret_val, (const char *)slist[i]);
data/eclipse-titan-7.1.1/core/LegacyLogger.cc:1982:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
this->log_fp_ = fopen(this->current_filename_,
data/eclipse-titan-7.1.1/core/Logger.cc:608:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(executable_name, argv_0 + name_begin, name_len);
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1597:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(curr.event_str_ + curr.event_str_len_, str, str_len);
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1603:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(curr.event_str_, str, str_len);
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1616:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result, current_event_->event_str_, str_len - 1);
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1783:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char c_str[2] = { c, 0 };
data/eclipse-titan-7.1.1/core/Module_list.cc:855:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TTCN_Module::TTCN_Module(const char *par_module_name,
data/eclipse-titan-7.1.1/core/Module_list.cc:856:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *par_compilation_date,
data/eclipse-titan-7.1.1/core/Module_list.cc:857:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *par_compilation_time,
data/eclipse-titan-7.1.1/core/Module_list.cc:858:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char par_md5_checksum[16],
data/eclipse-titan-7.1.1/core/Objid.cc:66:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->components_ptr, old_ptr->components_ptr,
data/eclipse-titan-7.1.1/core/Objid.cc:103:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->components_ptr, init_components, init_n_components *
data/eclipse-titan-7.1.1/core/Objid.cc:170:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->components_ptr, old_ptr->components_ptr,
data/eclipse-titan-7.1.1/core/Objid.cc:245:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->components_ptr, mp->get_string_data(), val_ptr->n_components * sizeof(objid_element));
data/eclipse-titan-7.1.1/core/Objid.cc:255:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_cpy, val_ptr->components_ptr, val_ptr->n_components * sizeof(int));
data/eclipse-titan-7.1.1/core/Objid.cc:531:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char str_buf[64];
data/eclipse-titan-7.1.1/core/Octetstring.cc:80:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->octets_ptr, old_ptr->octets_ptr, old_ptr->n_octets);
data/eclipse-titan-7.1.1/core/Octetstring.cc:100:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->octets_ptr, octets_ptr, n_octets);
data/eclipse-titan-7.1.1/core/Octetstring.cc:172:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->octets_ptr, val_ptr->octets_ptr, left_n_octets);
data/eclipse-titan-7.1.1/core/Octetstring.cc:173:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->octets_ptr + left_n_octets,
data/eclipse-titan-7.1.1/core/Octetstring.cc:184:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->octets_ptr, val_ptr->octets_ptr, val_ptr->n_octets);
data/eclipse-titan-7.1.1/core/Octetstring.cc:204:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->octets_ptr, old_ptr->octets_ptr, old_ptr->n_octets);
data/eclipse-titan-7.1.1/core/Octetstring.cc:205:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->octets_ptr + old_ptr->n_octets,
data/eclipse-titan-7.1.1/core/Octetstring.cc:210:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->octets_ptr + val_ptr->n_octets,
data/eclipse-titan-7.1.1/core/Octetstring.cc:228:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->octets_ptr, old_ptr->octets_ptr, old_ptr->n_octets);
data/eclipse-titan-7.1.1/core/Octetstring.cc:336:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->octets_ptr, val_ptr->octets_ptr + shift_count,
data/eclipse-titan-7.1.1/core/Octetstring.cc:360:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->octets_ptr + shift_count, val_ptr->octets_ptr,
data/eclipse-titan-7.1.1/core/Octetstring.cc:382:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->octets_ptr, val_ptr->octets_ptr +
data/eclipse-titan-7.1.1/core/Octetstring.cc:384:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->octets_ptr + val_ptr->n_octets - rotate_count,
data/eclipse-titan-7.1.1/core/Octetstring.cc:405:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->octets_ptr, val_ptr->octets_ptr +
data/eclipse-titan-7.1.1/core/Octetstring.cc:407:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->octets_ptr + rotate_count,
data/eclipse-titan-7.1.1/core/Octetstring.cc:442:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->octets_ptr, old_ptr->octets_ptr, n_octets);
data/eclipse-titan-7.1.1/core/Octetstring.cc:534:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->octets_ptr, mp->get_string_data(), val_ptr->n_octets);
data/eclipse-titan-7.1.1/core/Octetstring.cc:576:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_cpy, val_ptr->octets_ptr, val_ptr->n_octets);
data/eclipse-titan-7.1.1/core/Octetstring.cc:780:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p_Vstr, val_ptr->octets_ptr, val_ptr->n_octets);
data/eclipse-titan-7.1.1/core/Octetstring.cc:946:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char base64_decoder_table[256];
data/eclipse-titan-7.1.1/core/Octetstring.cc:1503:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->octets_ptr + 1,
data/eclipse-titan-7.1.1/core/Octetstring.cc:1514:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char result[2];
data/eclipse-titan-7.1.1/core/Octetstring.cc:1810:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pattern_value->elements_ptr, pattern_elements,
data/eclipse-titan-7.1.1/core/Octetstring.cc:2423:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_cpy, pattern_value->elements_ptr, pattern_value->n_elements *
data/eclipse-titan-7.1.1/core/Parallel_main.cc:60:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ts[60];
data/eclipse-titan-7.1.1/core/Parallel_main.cc:139:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int port_num = atoi(argv[optind]);
data/eclipse-titan-7.1.1/core/Port.cc:1579:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hash_buffer[N];
data/eclipse-titan-7.1.1/core/ProfMerge_main.cc:63:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* file = fopen(p_filename, "r");
data/eclipse-titan-7.1.1/core/ProfilerTools.cc:31:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
long int sec = atoi(str);
data/eclipse-titan-7.1.1/core/ProfilerTools.cc:43:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tv.tv_usec = atoi(str + 1);
data/eclipse-titan-7.1.1/core/ProfilerTools.cc:142:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* file = fopen(p_filename, "r");
data/eclipse-titan-7.1.1/core/ProfilerTools.cc:233:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int start_line = atoi(value);
data/eclipse-titan-7.1.1/core/ProfilerTools.cc:260:66: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p_db[file_index].functions[function_index].exec_count += atoi(value);
data/eclipse-titan-7.1.1/core/ProfilerTools.cc:305:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int lineno = atoi(value);
data/eclipse-titan-7.1.1/core/ProfilerTools.cc:321:58: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p_db[file_index].lines[line_index].exec_count += atoi(value);
data/eclipse-titan-7.1.1/core/ProfilerTools.cc:362:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* file = fopen(p_filename, "w");
data/eclipse-titan-7.1.1/core/ProfilerTools.cc:1334:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* file = fopen(p_filename, "w");
data/eclipse-titan-7.1.1/core/RAW.cc:64:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lists + j, p_variant->lists, static_cast<size_t>(p_variant->size) *
data/eclipse-titan-7.1.1/core/RAW.cc:100:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char BitReverseTable[256] =
data/eclipse-titan-7.1.1/core/RAW.cc:136:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const unsigned char BitMaskTable[9]={
data/eclipse-titan-7.1.1/core/RAW.cc:166:23: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (par_pos->level) memcpy((void*) curr_pos.pos, (void*) par_pos->pos,
data/eclipse-titan-7.1.1/core/RAW.cc:482:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_position,old_pos.pos,old_pos.level*sizeof(int));
data/eclipse-titan-7.1.1/core/RAW.cc:483:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_position+old_pos.level,new_pos,new_levels*sizeof(int));
data/eclipse-titan-7.1.1/core/Runtime.cc:334:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp_str[MAXHOSTNAMELEN + 1];
data/eclipse-titan-7.1.1/core/TCov.cc:73:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen((const char *)file_name, "w");
data/eclipse-titan-7.1.1/core/TEXT.cc:60:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE2];
data/eclipse-titan-7.1.1/core/TEXT.cc:68:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE2];
data/eclipse-titan-7.1.1/core/TEXT.cc:115:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE2];
data/eclipse-titan-7.1.1/core/TEXT.cc:132:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE2];
data/eclipse-titan-7.1.1/core/TEXT.cc:150:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE2];
data/eclipse-titan-7.1.1/core/TEXT.cc:178:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE2];
data/eclipse-titan-7.1.1/core/TEXT.cc:195:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE2];
data/eclipse-titan-7.1.1/core/Template.cc:565:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(permutation_intervals,other_value.permutation_intervals,number_of_permutations*sizeof(Pair_of_elements));
data/eclipse-titan-7.1.1/core/Textbuf.cc:175:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
while (pos < buf_end && ((unsigned char *)data_ptr)[pos] & 0x80) pos++;
data/eclipse-titan-7.1.1/core/Textbuf.cc:221:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[8];
data/eclipse-titan-7.1.1/core/Textbuf.cc:261:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char c[8];
data/eclipse-titan-7.1.1/core/Textbuf.cc:296:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)data_ptr + buf_begin + buf_len, data, len);
data/eclipse-titan-7.1.1/core/Textbuf.cc:308:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)data_ptr + buf_begin, data, len);
data/eclipse-titan-7.1.1/core/Textbuf.cc:324:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, (char*)data_ptr + buf_pos, len);
data/eclipse-titan-7.1.1/core/Types.h:46:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern const char * const verdict_name[5];
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:124:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->uchars_ptr, old_ptr->uchars_ptr, old_ptr->n_uchars *
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:176:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->uchars_ptr, uchars_ptr, n_uchars * sizeof(universal_char));
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:437:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr, cstr.val_ptr->chars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:454:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr, val_ptr->uchars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:471:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr, cstr.val_ptr->chars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:473:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr + cstr.val_ptr->n_chars,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:478:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr, val_ptr->uchars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:500:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr, cstr.val_ptr->chars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:502:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr + cstr.val_ptr->n_chars,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:508:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr, val_ptr->uchars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:529:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr, cstr.val_ptr->chars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:536:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr, val_ptr->uchars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:561:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr, cstr.val_ptr->chars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:563:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr + cstr.val_ptr->n_chars,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:577:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr + cstr.val_ptr->n_chars,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:584:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr, val_ptr->uchars_ptr, val_ptr->n_uchars * sizeof(universal_char));
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:597:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr, val_ptr->uchars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:599:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr + val_ptr->n_uchars,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:618:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr, cstr.val_ptr->chars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:635:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr, val_ptr->uchars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:661:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr, val_ptr->uchars_ptr + rotate_count,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:663:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr + val_ptr->n_uchars - rotate_count,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:691:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr, val_ptr->uchars_ptr +
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:693:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr + rotate_count, val_ptr->uchars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:737:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->uchars_ptr, old_ptr->uchars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:1059:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_cpy, val_ptr->uchars_ptr, val_ptr->n_uchars * sizeof(universal_char));
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:1071:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4];
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:1089:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4];
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:2416:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(myleaf.body.leaf.data_ptr, buff.get_data(), buff_len);
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:2566:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(val_ptr->uchars_ptr, ustr, ustr_len * sizeof(universal_char));
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:2816:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char octets[2];
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:2834:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char octets[3];
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:2853:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char octets[4];
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:2872:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char octets[5];
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:2893:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char octets[6];
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:3477:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr + 1, other_value, other_len);
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:3502:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr + 1, other_value.val_ptr->chars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:3553:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr + 1,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:3561:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr + 1, other_value.val_ptr->uchars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:3580:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr + 1, other_value.val_ptr->uchars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:3692:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr + 1,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:3710:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr + 1, other_value.val_ptr->uchars_ptr,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:3723:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char result[2];
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:3795:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr, string_value, string_len);
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:3796:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr + string_len,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:3807:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.val_ptr->uchars_ptr + string_len,
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:3823:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val.cstr.val_ptr->chars_ptr, string_value, string_len);
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:4378:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE];
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:4399:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[ERRMSG_BUFSIZE];
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:4902:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8];
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:4944:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8];
data/eclipse-titan-7.1.1/core/Verdicttype.cc:36:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const verdict_name[5] = { "none", "pass", "inconc", "fail", "error" };
data/eclipse-titan-7.1.1/core2/Basetype2.cc:2036:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char saved [4];
data/eclipse-titan-7.1.1/core2/Basetype2.cc:2038:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saved, buf_data + (buf_len - shorter), shorter);
data/eclipse-titan-7.1.1/core2/Basetype2.cc:2284:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(saved, buf_data + (buf_len - shorter), shorter);
data/eclipse-titan-7.1.1/function_test/Config_Parser/extfunc.cc:26:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename,"r");
data/eclipse-titan-7.1.1/function_test/Config_Parser/extfunc.cc:48:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(phase > 0 ? "end_script.out" /* EndTestCase */ : "begin_script.out" /* BeginTestCase */, "rt");
data/eclipse-titan-7.1.1/function_test/Config_Parser/extfunc.cc:50:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[512];
data/eclipse-titan-7.1.1/licensegen/license_gen.c:105:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char message_digest[20];
data/eclipse-titan-7.1.1/licensegen/license_gen.c:110:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(dsa_key_file, "r");
data/eclipse-titan-7.1.1/licensegen/license_gen.c:143:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(file_name, "w");
data/eclipse-titan-7.1.1/licensegen/license_gen.c:233:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
plic->unique_id = atoi(row[i]);
data/eclipse-titan-7.1.1/licensegen/license_gen.c:285:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
plic->from_major = atoi(row[i]);
data/eclipse-titan-7.1.1/licensegen/license_gen.c:287:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
plic->from_minor = atoi(row[i]);
data/eclipse-titan-7.1.1/licensegen/license_gen.c:289:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
plic->from_patchlevel = atoi(row[i]);
data/eclipse-titan-7.1.1/licensegen/license_gen.c:291:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
plic->to_major = atoi(row[i]);
data/eclipse-titan-7.1.1/licensegen/license_gen.c:293:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
plic->to_minor = atoi(row[i]);
data/eclipse-titan-7.1.1/licensegen/license_gen.c:295:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
plic->to_patchlevel = atoi(row[i]);
data/eclipse-titan-7.1.1/licensegen/license_gen.c:327:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
plic->max_ptcs = atoi(row[i]);
data/eclipse-titan-7.1.1/licensegen/license_gen.c:549:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int unique_id = atoi(str);
data/eclipse-titan-7.1.1/licensegen/renew_license.c:60:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char licensee_email[CGI_INPUT_LICENSEE_EMAIL_MAX_LENGTH];
data/eclipse-titan-7.1.1/licensegen/renew_license.c:84:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char query[1024];
data/eclipse-titan-7.1.1/licensegen/renew_license.c:132:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command_line[COMMAND_LINE_BUFFER_LENGTH];
data/eclipse-titan-7.1.1/loggerplugins/JUnitLogger/JUnitLogger.cc:114:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_stream_ = fopen(filename_, "w");
data/eclipse-titan-7.1.1/loggerplugins/JUnitLogger2/JUnitLogger2.cc:108:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_stream_ = fopen(filename_, "w");
data/eclipse-titan-7.1.1/loggerplugins/TSTLogger/TSTLogger.cc:187:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[1024];
data/eclipse-titan-7.1.1/loggerplugins/TSTLogger/TSTLogger.cc:204:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return open;
data/eclipse-titan-7.1.1/loggerplugins/TSTLogger/TSTLogger.cc:313:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[257];
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:854:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fp = fopen(filename, "r");
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:862:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:1004:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(components, host->components, n_components *
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chared.c:69:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy(vu->buf, el->el_line.buffer, size * sizeof(*vu->buf));
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chared.c:87:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy(k->buf, ptr, size * sizeof(*k->buf));
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chared.c:711:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy(cp, prompt, len * sizeof(*cp));
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/el.c:412:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[20];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/el.c:502:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[MAXPATHLEN];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/el.c:522:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(fname, "r");
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/eln.c:142:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *argv[20];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/eln.c:190:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *args[2];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/eln.c:300:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argv[20];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:95:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pwbuf[1024];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:345:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *s1 = ((const char * const *)i1)[0];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:346:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *s2 = ((const char * const *)i2)[0];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/history.c:741:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(fname, "r")) == NULL)
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/history.c:801:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(fname, "w")) == NULL)
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/key.c:582:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unparsbuf[EL_BUFSIZ];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/map.c:919:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(el->el_map.help, help__get(),
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/map.c:925:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(el->el_map.func, func__get(), sizeof(el_func_t) * EL_NUM_FCNS);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/map.c:1125:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char outbuf[EL_BUFSIZ];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/map.c:1150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unparsbuf[EL_BUFSIZ], extrabuf[EL_BUFSIZ];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/read.c:201:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[EL_BUFSIZ];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/read.c:317:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[MB_LEN_MAX];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:229:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char path[PATH_MAX];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:641:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[4];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:1159:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char template[sizeof(_history_tmp_template)];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:1160:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4096];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:1169:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen(filename, "r+")) == NULL)
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:1172:12: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
if ((fd = mkstemp(template)) == -1) {
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:1733:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[2];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:1755:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arr[2];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:1813:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fooarr[2 * sizeof(int)];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:1842:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char arr[2];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:1902:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dest[8];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:1959:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a[2];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:1968:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a[2];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:2022:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:2093:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:2145:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void)memcpy(list[0], list[1], min);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/sys.h:155:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
extern ptr_t memcpy(ptr_t, const ptr_t, size_t);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:391:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char termbuf[TC_BUFSIZE];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:435:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(el->el_term.t_buf, termbuf, TC_BUFSIZE);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:929:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[TC_BUFSIZE];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:1306:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[MB_LEN_MAX +1];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:1393:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char what[8], how[8];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:1531:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[TC_BUFSIZE];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/tty.c:585:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(el->el_tty.t_t, ttyperm, sizeof(ttyperm_t));
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/tty.c:586:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(el->el_tty.t_c, ttychar, sizeof(ttychar_t));
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/tty.c:1182:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[EL_BUFSIZ];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/tty.h:458:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef unsigned char ttychar_t[NN_IO][C_NCC];
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/vi.c:112:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
(void) memcpy(el->el_line.cursor, k->buf, len *
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/vi.c:1019:7: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(tempfile);
data/eclipse-titan-7.1.1/mctr2/mctr/MainController.cc:192:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_ufds, ufds, i * sizeof(struct pollfd));
data/eclipse-titan-7.1.1/mctr2/mctr/MainController.cc:196:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_ufds + i + 1, ufds + i, (nfds - i) * sizeof(struct pollfd));
data/eclipse-titan-7.1.1/mctr2/mctr/MainController.cc:225:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_ufds, ufds, i * sizeof(struct pollfd));
data/eclipse-titan-7.1.1/mctr2/mctr/MainController.cc:226:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(new_ufds + i, ufds + i + 1, (new_nfds - i) *
data/eclipse-titan-7.1.1/mctr2/mctr/MainController.cc:4393:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(target->starting.arguments_ptr, arg_ptr, arg_len);
data/eclipse-titan-7.1.1/mctr2/mctr/MainController.cc:6570:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(mtc->comp_name, "MTC");
data/eclipse-titan-7.1.1/mctr2/mctr/MainController.cc:6598:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(system->comp_name, "SYSTEM");
data/eclipse-titan-7.1.1/mctr2/mctr/main.cc:142:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
a = b = atoi(nums[0].c_str());
data/eclipse-titan-7.1.1/mctr2/mctr/main.cc:145:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
a = atoi(nums[0].c_str());
data/eclipse-titan-7.1.1/mctr2/mctr/main.cc:146:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
b = atoi(nums[1].c_str());
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:321:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hname[NI_MAXHOST];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:322:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sname[NI_MAXSERV];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:370:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hname[NI_MAXHOST];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:378:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sname[NI_MAXSERV];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:385:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
clientPort = atoi(sname);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:600:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char remotePort[6];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:601:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char localPort[6];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:602:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(localPort, "%d", local_port_number);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:603:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(remotePort, "%d", remote_port_number);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:735:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
new_local_addr.sin_port=htons(atoi(localServicename));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:866:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hname[NI_MAXHOST];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:867:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sname[NI_MAXSERV];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:910:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int listenPort = atoi(sname);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:1097:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
new_local_addr.sin_port=htons(atoi(localServicename));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:1103:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
new_remote_addr.sin_port=htons(atoi(remoteServicename));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:1335:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hname[NI_MAXHOST];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:1336:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sname[NI_MAXSERV];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:1576:23: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (hptr != NULL) memcpy(&addr->sin_addr, hptr->h_addr_list[0], hptr->h_length);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:2378:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[SSL_CHARBUF_LENGTH];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:2473:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:2581:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[SSL_CHARBUF_LENGTH];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_Base_ExternalFunctions.cc:81:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_DataSource_ExternalFunctions.cc:40:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err[512];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_LGenBase_EventHandlingExternalFunctions.cc:55:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cTemp[masksize+1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_LGenBase_EventHandlingExternalFunctions.cc:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cTemp[2*masksize+1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_LGenBase_EventHandlingExternalFunctions.cc:81:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cTemp[masksize+1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_NQueue_ExternalFunctions.cc:86:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_str[4096];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_NQueue_ExternalFunctions.cc:295:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(EPTF_NQueue_queues[queueId].name, (const char*)pl__name, pl__name.lengthof());
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_NQueue_ExternalFunctions.cc:949:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fn_dot, ".dot");
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_NQueue_ExternalFunctions.cc:950:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(fn_dot, "w");
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_NQueue_ExternalFunctions.cc:958:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fn_png, ".png");
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:204:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err_str[4096];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:279:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(items, other.items, other.itemCount * sizeof(Item));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:1247:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fn_dot, ".dot");
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:1248:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(fn_dot, "w");
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:1256:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fn_png, ".png");
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:1479:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, src, len);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:139:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, (const unsigned char*)pl_buffer, pl_buffer.lengthof());
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:140:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + pl_offset, (const unsigned char*)pl_fragment, pl_fragment.lengthof());
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:150:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[32];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:184:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buff[8];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:207:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buff[16];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:269:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buff[65536];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:305:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if(len > 0) memcpy(p, (const unsigned char*)pdu.payload()(), len);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:601:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buff[65535];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:645:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, (const unsigned char*) pdu.options(), optionslen_orig);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:657:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, (const unsigned char*) pdu.data(), datalen);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:785:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512], format[512] = "";
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:809:6: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(format, "%*s"); /* XXX */
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:830:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[1024], iface[16];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:836:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(PATH_PROCNET_ROUTE, "r");
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:164:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sa.v4.sin_addr, &(saddr.sin_addr), sizeof(saddr.sin_addr));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:173:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sa.v6.sin6_addr, &(saddr6.sin6_addr), sizeof(saddr6.sin6_addr));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:196:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sa.v4.sin_addr, &(saddr->sin_addr), sizeof(saddr->sin_addr));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:204:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sa.v6,saddr,saLen);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:224:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sa.v4.sin_addr.s_addr, hp->h_addr_list[0], hp->h_length);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:247:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst[INET_ADDRSTRLEN];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:264:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst[INET6_ADDRSTRLEN];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:397:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
max_num_of_poll = atoi(parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:399:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
poll_timeout = atoi(parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:401:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
defaultLocPort = atoi(parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:405:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
backlog = atoi(parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:412:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sockListSize = atoi(parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:446:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ipDiscConfig.leaseTime = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:450:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ipDiscConfig.nOfAddresses = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:452:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ipDiscConfig.dhcpMsgRetransmitCount = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:454:48: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ipDiscConfig.dhcpMsgRetransmitPeriodInms = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:456:48: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ipDiscConfig.dhcpMaxParallelRequestCount = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:458:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ipDiscConfig.dhcpTimeout = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:460:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ipDiscConfig.arpMsgRetransmitCount = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:462:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ipDiscConfig.arpMsgRetransmitPeriodInms = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:464:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ipDiscConfig.arpMaxParallelRequestCount = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:491:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
globalConnOpts.tcpKeepCnt = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:493:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
globalConnOpts.tcpKeepIdle = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:495:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
globalConnOpts.tcpKeepIntvl = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:502:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
globalConnOpts.tcpKeepCnt = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:504:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
globalConnOpts.tcpKeepIdle = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:506:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
globalConnOpts.tcpKeepIntvl = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:513:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
globalConnOpts.sinit_num_ostreams = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:515:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
globalConnOpts.sinit_max_instreams = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:517:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
globalConnOpts.sinit_max_attempts = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:519:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
globalConnOpts.sinit_max_init_timeo = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:601:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int uinst = atoi(parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:616:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int tinst = atoi(parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:661:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ssl_reconnect_attempts = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:663:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ssl_reconnect_delay = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:811:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[RECV_MAX_LEN];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:974:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[sizeof (*cmsg) + sizeof (*sri)];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:1007:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sbuf[16];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:1008:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sbuf, "%u", ntohl(sri->sinfo_ppid));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:1850:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cbuf[sizeof (*cmsg) + sizeof (*sri)];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:2895:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (sarray + used_bytes, &saLoc2, sizeof (struct sockaddr_in));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:2901:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (sarray + used_bytes, &saLoc2, sizeof (struct sockaddr_in6));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:3132:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (sarray_rem , &saRem, sizeof (struct sockaddr_in));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:3137:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (sarray_rem , &saRem, sizeof (struct sockaddr_in6));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:3154:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (sarray_rem + used_bytes, &saLoc2, sizeof (struct sockaddr_in));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:3160:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (sarray_rem + used_bytes, &saLoc2, sizeof (struct sockaddr_in6));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:3342:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (sarray + used_bytes, &saLoc2, sizeof (struct sockaddr_in));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:3348:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (sarray + used_bytes, &saLoc2, sizeof (struct sockaddr_in6));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:4376:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[SSL_CHARBUF_LENGTH];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:4439:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:4574:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[SSL_CHARBUF_LENGTH];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:5168:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ip_addr[46];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:5424:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rem_addr[46];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:5669:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rem_addr[46];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:138:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[8][64];// TODO: remove static
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:144:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf ( cBuf, "%i.%i.%i.%i",
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:147:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf ( cBuf,
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:159:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[8][32];// TODO: remove static
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:165:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf ( cBuf, "%i.%i.%i.%i",
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:173:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[8][32];// TODO: remove static
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:178:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf ( cBuf, "%02X-%02X-%02X-%02X-%02X-%02X",
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:215:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char chaddr[16];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:216:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sname[64];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:217:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char file[128];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:364:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( p, DHCP_MAGIC_COOKIE, 4 ); p += 4;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:365:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( p, options_p1, sizeof ( options_p1 ) );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:388:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( p, DHCP_MAGIC_COOKIE, 4 );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:390:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( p + i, options_p1, sizeof ( options_p1 ) );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:440:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IF_NAMESIZE];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:451:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pad[6];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:486:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[IF_NAMESIZE];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:487:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[48];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:490:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifn[IF_NAMESIZE];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:498:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( ifr.name, ifn, IF_NAMESIZE);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:517:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( ifr.name, ifn, IF_NAMESIZE);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:534:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( ifr.name, ifn, IF_NAMESIZE);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:565:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( ifr.name, ifn, IF_NAMESIZE);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:586:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( ifr.name, ifn, IF_NAMESIZE);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:686:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errBuf[PCAP_ERRBUF_SIZE];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:690:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ifName[IF_NAMESIZE];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:691:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filter[1024];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:745:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pad[2];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:866:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char packetOut[1514];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:1094:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( fileName, fName, fNlen + 1 );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:1106:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( fileNameRenamed, fileName, fNlen );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:1135:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_LEN];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:1153:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen ( fileName, "r" );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:1173:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipAddr[LINE_LEN], etherAddr[LINE_LEN];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:1224:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen ( fileName, "w" );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:1569:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char packetOut[1514];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IP_EncDec.cc:63:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ret[2];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IP_EncDec.cc:366:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int datalen = 4 * (((const unsigned char *) data)[0] & 0x0f);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IP_EncDec.cc:376:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char toAddr[5];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IP_EncDec.cc:390:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char toAddr[INET_ADDRSTRLEN + 1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IP_EncDec.cc:648:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char toAddr[INET6_ADDRSTRLEN + 1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IP_EncDec.cc:662:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char toAddr[17];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:146:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(src_mac_pdu,(const unsigned char*)str2oct(parameter_value),ETH_ALEN);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:163:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest_mac_pdu,(const unsigned char*)str2oct(parameter_value),ETH_ALEN);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:336:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char errbuf[PCAP_ERRBUF_SIZE]; // pcap buffer for error
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:417:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(interface_list[id]->src_mac_address,def_src_addr,ETH_ALEN);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:454:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(interface_list[id]->src_mac_address,def_src_addr,ETH_ALEN);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:761:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eth_header->h_dest,dst_addr,ETH_ALEN);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:762:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eth_header->h_source,src_addr,ETH_ALEN);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:766:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eth_header->ether_dhost.ether_addr_octet,dst_addr,ETH_ALEN);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:767:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(eth_header->ether_shost.ether_addr_octet,src_addr,ETH_ALEN);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:771:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((char*)(buffer+ETH_HLEN),data, payload_len);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:780:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(socket_address.sll_addr,dst_addr,ETH_ALEN);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:912:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(retval,ifr.ifr_hwaddr.sa_data,sizeof(ifr.ifr_hwaddr.sa_data));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/PIPEasp_PT.cc:51:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fdm = open("/dev/ptmx", O_RDWR); /* open master */
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/PIPEasp_PT.cc:71:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fds = open(slavename, O_RDWR); /* open slave */
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/PIPEasp_PT.cc:121:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kill_msg[3];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/PIPEasp_PT.cc:566:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[4];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/PIPEasp_PT.cc:585:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[3];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/PIPEasp_PT.cc:677:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[7];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/PIPEasp_PT.cc:1042:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[PIPE_BUF_SIZE];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/PIPEasp_PT.cc:1058:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[PIPE_BUF_SIZE];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/PIPEasp_PT.cc:1074:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[PIPE_BUF_SIZE];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:177:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comment_buf[1500];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:2488:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:2894:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char yymsgbuf[128];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:4645:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *atm=(char *)Malloc(strlen((yyvsp[(1) - (1)].sv))+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:88:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char myinput[BUF_SIZE];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:213:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
conn_list[0].addr=(char *)Realloc(conn_list[0].addr,strlen(target_addr) + 1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:336:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
local_port=atoi(parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:363:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
target_port=atoi(parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:438:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mtu_size=atoi(parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:611:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
conn_list[a].buff=(char *)Realloc(conn_list[a].buff
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:615:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(conn_list[a].buff+conn_list[a].msgsize,msg_in_buffer,recvlength+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:1328:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
conn_list[0].addr=(char *)Realloc(conn_list[0].addr,strlen(dest_comm_addr)+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:1343:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempsend[20];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:1354:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend, "%d" , (int)send_par.response().statusLine().statusCode());
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:1388:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempsend[20];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:1399:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend, "%d" , (int)send_par.statusLine().statusCode());
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:1537:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempsend[BUF_SIZE];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:1824:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend, "%d" ,(int)header->contentLength()().len() );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:1827:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend, "%d" ,body_s );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:1829:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend, "%d" ,0 );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:2053:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend, "%d" ,(int)header->maxForwards()().forwards() );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:2062:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend, "%d" ,(int)mimeptr->majorNumber() );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:2065:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend, "%d" ,(int)mimeptr->minorNumber() );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:2277:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempsend_loc[20];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:2279:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend_loc,"%d",(int) header->p__DCS__LAES()().laes__sig().portField()());
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:2515:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend, "%d" ,(int)header->rack()().response__num());
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:2902:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend, "%d" ,(int) timeptr->majorDigit() );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:2906:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend, "%d" ,(int) timeptr->minorDigit()() );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:2913:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend, "%d" ,(int) timeptr->majorDigit() );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:2917:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend, "%d" ,(int) timeptr->minorDigit()() );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:2978:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend,"%d",(int) sentby->portField()() );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:2998:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend,"%d",(int)(*wptr)[a].warnCode());
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3009:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend,"%d",(int) hptr->portField()() );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3146:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[sizeof(struct in6_addr)];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3184:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempsend[BUF_SIZE];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3218:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend,"%d",(int) hostport->portField()());
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3248:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff+s,mit,mh);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3260:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff+s,(const char*)mit,mh);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3272:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff+s,(const unsigned char*)mit,mh);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3291:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr_st->sin_addr.s_addr, &addr, sizeof(addr));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3296:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr_st->sin_addr.s_addr, hptr->h_addr_list[0],hptr->h_length);}
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3716:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
conn_list[0].addr=(char *)Realloc(conn_list[0].addr,strlen(dest_comm_addr)+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3779:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
conn_list[index].addr=(char *)Realloc(conn_list[index].addr,strlen(hostname)+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3946:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ibuf[MAX_IN_BUFFER];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4016:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char state_file[PATH_MAX];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4021:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[1024];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4023:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * scfg = fopen(cfgFile, "r");
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4036:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sf = fopen((char *)state_file, "r");
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4068:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sf = fopen((char *)state_file, "r");
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4105:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sf = fopen((char *)state_file, "r");
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4144:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempsend[20];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4150:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend, "%d" , (int)pdu.response().statusLine().statusCode());
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4211:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempsend[20];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4217:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend, "%d" , (int)pdu.response().statusLine().statusCode());
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4429:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tempsend[20];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4447:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tempsend, "%d" , (int)pdu.firstLine()().statusLine().statusCode());
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCConversion.cc:342:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char addr[17];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCDateTime.cc:179:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ret_val[str_len];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc:210:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
int fd = open (pl__name, pl__flags, S_IRUSR | S_IWUSR | S_IRGRP |
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc:716:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_tmp[BUF_SIZE + 1]; /* For reading chunks. */
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc:762:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf + byte_num, buf_tmp, bytes);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc:780:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (out, buf, out_len);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc:869:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_tmp[BUF_SIZE+ 1]; /* For reading chunks. */
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc:942:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf_tmp[BUF_SIZE]; /* For reading chunks. */
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc:988:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf + byte_num, buf_tmp, bytes);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCIPsec.cc:80:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rdBuf[2048];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCIPsec.cc:273:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( addrExt + 1, pAddr, sockLen);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCIPsec.cc:284:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(key, hexkey, len);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCIPsec.cc:339:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char encrKey[255];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCIPsec.cc:343:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char authKey[255];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCIPsec.cc:366:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[1024];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCIPsec.cc:388:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( msg + len, encrKey, encrKeyLen );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCIPsec.cc:401:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ( msg + len, authKey, authKeyLen );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCIPsec.cc:496:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[1024];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCIPsec.cc:576:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[1024]={0};
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCIPsec.cc:658:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char msg[1024];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:118:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
start = atoi(strchr(interface_str,':')+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:122:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ip[4];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:123:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char subnet[4];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:124:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char broad[4];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:158:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ifr.ifr_name, ifname, strlen(ifname));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:160:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr->sin_addr, ip, 4);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:168:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ifr.ifr_name, ifname, strlen(ifname));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:170:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr->sin_addr, subnet, 4);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:179:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ifr.ifr_name, ifname, strlen(ifname));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:181:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr->sin_addr, broad, 4);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:222:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ifr.ifr_name, interface_str, interface_len);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:224:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr->sin_addr, ip, 4);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:233:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ifr.ifr_name, interface_str, interface_len);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:235:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr->sin_addr, subnet, 4);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:244:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ifr.ifr_name, interface_str, interface_len);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:246:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr->sin_addr, broad, 4);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:310:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ifr.ifr_name, interface_str, interface_len);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:395:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ifr.ifr_name, interface_str, interface_len);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:407:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ifr.ifr_name, interface_str, interface_len);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:419:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ifr.ifr_name, interface_str, interface_len);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:459:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipaddr[INET6_ADDRSTRLEN];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:460:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char subnet[INET6_ADDRSTRLEN];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:707:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst[INET_ADDRSTRLEN];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:724:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst[INET6_ADDRSTRLEN];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:754:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&address, host->h_addr_list[0], 4);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:805:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[3];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:806:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d", (int)prefix);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:823:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:948:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ipstr[INET6_ADDRSTRLEN];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:984:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&address, host->h_addr_list++, host->h_length);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface_ip.h:165:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char a_addr[DN_MAXADDL];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface_ip.h:330:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(addr->data, dna.a_addr, 2);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface_ip.h:474:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(RTA_DATA(rta), data, alen);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface_ip.h:488:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char addr[8];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface_ip.h:489:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[16];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface_ip.h:496:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ncache[16];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface_ip.h:547:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[16384];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface_ip.h:623:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(answer, h, h->nlmsg_len);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface_ip.h:631:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(answer, h, h->nlmsg_len);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:78:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tcpBuf[65536];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:85:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf,pl__ip__source,4);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:86:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf+4,pl__ip__dest,4);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:87:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf+8,&zero,1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:88:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf+9,&six,1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:89:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf+10,&length_u,1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:90:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf+11,&length_l,1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:91:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf+12,pl__tcp__segment,pl_tcp_segment_length);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:111:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tcpBuf[65536];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:121:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf,pl__ip__source,16);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:122:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf+16,pl__ip__dest,16);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:123:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf+32,&length_1,1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:124:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf+33,&length_2,1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:125:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf+34,&length_3,1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:126:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf+35,&length_4,1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:127:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf+36,&zero,1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:128:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf+37,&zero,1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:129:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf+38,&zero,1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:130:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf+39,&six,1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:131:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tcpBuf+40,pl__tcp__segment,pl_tcp_segment_length);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:206:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char checksum[2];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:314:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char received_checksum[2];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCP_EncDec.cc:320:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char calculated_checksum[2];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:96:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
map_poll_timeout = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:106:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ctrl_portnum = atoi ( parameter_value );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:140:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
size_t prompt_id = atoi(parameter_name + 6);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:157:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
size_t prompt_id = atoi(parameter_name + 12);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:174:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
size_t prompt_id = atoi(parameter_name + 16);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:251:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
window_size.set_width(atoi(parameter_value));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:258:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
window_size.set_height(atoi(parameter_value));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:363:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[INET_ADDRSTRLEN];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:556:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ctrl_loginname_prompt, "login: ");
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:562:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ctrl_password_prompt, "password: ");
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:615:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&address.sin_addr, he->h_addr_list[0], he->h_length);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:934:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd[3]={ IAC, 0, TELOPT_ECHO };
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1263:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char inbuf[BUFFER_SIZE];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1499:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char inbuf[BUFFER_SIZE];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1655:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char CMD[1024];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1854:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err[512];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1897:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char err[512];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:2011:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf_asciiz, bufptr, buflen);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/XTDPasp_PT.cc:54:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if((packet_hdr_length_offset = atoi(parameter_value))<0)
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/XTDPasp_PT.cc:60:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if((packet_hdr_nr_bytes_in_length = atoi(parameter_value))<0)
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:132304:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char comment_buf[1500];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:132872:63: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num_chars+=SIP_parse_leng; BEGIN(reasonsp); SIP_parse_lval.iv=atoi(SIP_parse_text); return EXTENSION_CODE;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:133396:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num_chars+=SIP_parse_leng; SIP_parse_lval.iv=atoi(SIP_parse_text); return _PORT;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134104:63: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num_chars+=SIP_parse_leng; BEGIN(uriparam); SIP_parse_lval.iv=atoi(SIP_parse_text); return _PORT;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134109:62: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num_chars+=SIP_parse_leng; BEGIN(kovall); SIP_parse_lval.iv=atoi(SIP_parse_text); return _PORT;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134427:59: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num_chars+=SIP_parse_leng; BEGIN(via1); SIP_parse_lval.iv=atoi(SIP_parse_text); return _PORT;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:134508:61: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num_chars+=SIP_parse_leng; BEGIN(laesst); SIP_parse_lval.iv=atoi(SIP_parse_text); return _PORT;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:136320:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char myinput[BUF_SIZE];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:9829:71: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pdu->xtdp__Message().xtdp__Requests()[last_req].requestId() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:9835:72: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pdu->xtdp__Message().xtdp__Responses()[last_res].requestId() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:9840:67: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
pdu->xtdp__Message().xtdp__LayoutResponse().requestId() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12350:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentNumericalwidget->numericvalue() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12439:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentTree->rows() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12442:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentTextbox->rows() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12445:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentListbox->rows() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12461:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentListbox->rows() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12525:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentSpacer->flex() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12528:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentTreecol->flex() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12531:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentTextbox->flex() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12534:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentTabbox->flex() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12537:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentTree->flex() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12540:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentHbox->flex() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12543:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentLabel->flex() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12546:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentButton->flex() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12549:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentChart->flex() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12552:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentListbox->flex() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12555:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentNumericalwidget->flex() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12558:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentMenulist->flex() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:12561:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentDistributionchart->flex() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:13480:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentNumericalwidget->minvalue() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:13503:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentNumericalwidget->maxvalue() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:13526:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentNumericalwidget->stepsize() = atoi(xtdptext);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:13741:72: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
currentValuelist->values()[currentValuelist->values().size_of()] = atoi(xtdptext);
data/eclipse-titan-7.1.1/regression_test/logFiles/extfunc.cc:29:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(filename, "r");
data/eclipse-titan-7.1.1/regression_test/logFiles/extfunc.cc:31:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[MAXLINELENGTH];
data/eclipse-titan-7.1.1/regression_test/ttcn2json/f_ext_import_schema.cc:469:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* fp = fopen(file_name, "r");
data/eclipse-titan-7.1.1/repgen/logfilter.c:172:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line_buffer[BufferSize];
data/eclipse-titan-7.1.1/repgen/logfilter.c:222:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[20];
data/eclipse-titan-7.1.1/repgen/logfilter.c:351:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
infile=fopen(infile_name,"r");
data/eclipse-titan-7.1.1/repgen/logfilter.c:359:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfile=fopen(outfile_name,"w");
data/eclipse-titan-7.1.1/repgen/logmerge.c:169:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[MAXTIMESTAMPLENGTH + 1];
data/eclipse-titan-7.1.1/repgen/logmerge.c:170:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fp = fopen(filename, FOPEN_READ);
data/eclipse-titan-7.1.1/repgen/logmerge.c:229:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret_val, path_name + compid_begin, compid_len);
data/eclipse-titan-7.1.1/repgen/logmerge.c:246:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(temp_name, FOPEN_WRITE);
data/eclipse-titan-7.1.1/repgen/logmerge.c:258:8: [2] (tmpfile) mkstemp:
Potential for temporary file vulnerability in some circumstances. Some
older Unix-like systems create temp files with permission to write by all
by default, so be sure to set the umask to override this. Also, some older
Unix systems might fail to use O_EXCL when opening the file, so make sure
that O_EXCL is used by the library (CWE-377).
fd = mkstemp(*filename);
data/eclipse-titan-7.1.1/repgen/logmerge.c:284:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char timestamp[MAXTIMESTAMPLENGTH+1];/*text of timestamp*/
data/eclipse-titan-7.1.1/repgen/logmerge.c:302:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp_list_in[a]=fopen(argv[a], FOPEN_READ);
data/eclipse-titan-7.1.1/repgen/logmerge.c:409:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ptr,str[MAXTIMESTAMPLENGTH+1];
data/eclipse-titan-7.1.1/repgen/logmerge.c:417:19: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*sec=(time_t)atol(str);
data/eclipse-titan-7.1.1/repgen/logmerge.c:418:12: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*usec=atol(ptr);
data/eclipse-titan-7.1.1/repgen/logmerge.c:429:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
TM.tm_hour = atoi(str);
data/eclipse-titan-7.1.1/repgen/logmerge.c:430:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
TM.tm_min = atoi(str+3);
data/eclipse-titan-7.1.1/repgen/logmerge.c:431:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
TM.tm_sec = atoi(str+6);
data/eclipse-titan-7.1.1/repgen/logmerge.c:432:14: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*usec = atol(str+9);
data/eclipse-titan-7.1.1/repgen/logmerge.c:437:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
TM.tm_year=atoi(str+YearOffset)-1900;
data/eclipse-titan-7.1.1/repgen/logmerge.c:441:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
TM.tm_mday=atoi(str+DayOffset);TM.tm_isdst=-1;
data/eclipse-titan-7.1.1/repgen/logmerge.c:445:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
TM.tm_hour=atoi(ptr);TM.tm_min=atoi(ptr+3);
data/eclipse-titan-7.1.1/repgen/logmerge.c:445:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
TM.tm_hour=atoi(ptr);TM.tm_min=atoi(ptr+3);
data/eclipse-titan-7.1.1/repgen/logmerge.c:446:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
TM.tm_sec=atoi(ptr+6);*usec=atol(ptr+9);
data/eclipse-titan-7.1.1/repgen/logmerge.c:446:34: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
TM.tm_sec=atoi(ptr+6);*usec=atol(ptr+9);
data/eclipse-titan-7.1.1/repgen/logmerge.c:479:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFFERSIZE];
data/eclipse-titan-7.1.1/repgen/logmerge.c:674:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outfile = fopen(outfile_name, FOPEN_WRITE);
data/eclipse-titan-7.1.1/repgen/repgen.c:177:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[MAXLEN];
data/eclipse-titan-7.1.1/repgen/repgen.c:178:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuf[1024];
data/eclipse-titan-7.1.1/repgen/repgen.c:182:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ( rfile = fopen ( fullname, "rt") ) == NULL )
data/eclipse-titan-7.1.1/repgen/repgen.c:203:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ( wfile = fopen ( fullname, "wt") ) == NULL )
data/eclipse-titan-7.1.1/repgen/repgen.c:243:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cwd[MAXLEN], command[MAXLEN], log_absrcdir[MAXLEN];
data/eclipse-titan-7.1.1/repgen/repgen.c:244:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldname[MAXLEN], newname[MAXLEN], tempdir[MAXLEN];
data/eclipse-titan-7.1.1/repgen/repgen.c:375:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullname[MAXLEN];
data/eclipse-titan-7.1.1/repgen/repgen.c:399:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char inbuf[1024];
data/eclipse-titan-7.1.1/repgen/repgen.c:403:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ( rfile = fopen ( fullname, "rt") ) == NULL )
data/eclipse-titan-7.1.1/repgen/repgen.c:410:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ( wfile = fopen ( fullname, "wt") ) == NULL )
data/eclipse-titan-7.1.1/repgen/repgen.c:441:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirname[MAXLEN], filename[MAXLEN], buf[1024];
data/eclipse-titan-7.1.1/repgen/repgen.c:448:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ( wfile = fopen ( buf, "wt" ) ) == NULL )
data/eclipse-titan-7.1.1/repgen/repgen.c:617:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ( rfile = fopen ( filename, "rt" ) ) == NULL ) fputs ( "No description found!", wfile );
data/eclipse-titan-7.1.1/repgen/repgen.c:637:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ( rfile = fopen ( filename, "rt" ) ) == NULL ) fputs ( "none", wfile );
data/eclipse-titan-7.1.1/repgen/repgen.c:712:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ( ( wfile = fopen ( filename, "wt" ) ) == NULL )
data/eclipse-titan-7.1.1/repgen/repgen.h:21:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tcname[MAXLEN];
data/eclipse-titan-7.1.1/xsdconvert/Mstring.cc:40:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(text, s, len);
data/eclipse-titan-7.1.1/xsdconvert/SimpleType.cc:1291:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int int_value = atoi(facet->Data.c_str());
data/eclipse-titan-7.1.1/xsdconvert/TTCN3Module.cc:83:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char posix[PATH_MAX];
data/eclipse-titan-7.1.1/xsdconvert/TTCN3ModuleInventory.cc:244:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen("XSD_Definitions.ttcn", "w");
data/eclipse-titan-7.1.1/xsdconvert/TTCN3ModuleInventory.cc:293:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(filename_s.c_str(), "w");
data/eclipse-titan-7.1.1/xsdconvert/XMLParser.cc:464:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(temp + old_length, text, length);
data/eclipse-titan-7.1.1/xsdconvert/converter.cc:188:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!fopen(module_names[i], "r")) {
data/eclipse-titan-7.1.1/xsdconvert/converter.cc:330:34: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fileUsefulTtcn3Types = fopen("UsefulTtcn3Types.ttcn", "w");
data/eclipse-titan-7.1.1/xsdconvert/converter.cc:346:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fileXsd = fopen("XSD.ttcn", "w");
data/eclipse-titan-7.1.1/xsdconvert/converter.cc:362:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *input = fopen(from_file, "r");
data/eclipse-titan-7.1.1/JNI/jnimw.cc:137:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int j = strlen(packet_size);
data/eclipse-titan-7.1.1/JNI/jnimw.cc:142:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char* msg_stuffed = (char*) malloc(strlen(msg)*2);
data/eclipse-titan-7.1.1/JNI/jnimw.cc:188:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
create_packet_header(strlen(tmp), packet_header, 'E');
data/eclipse-titan-7.1.1/JNI/jnimw.cc:210:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
create_packet_header(strlen(tmp), packet_header, 'N');
data/eclipse-titan-7.1.1/JNI/jnimw.cc:253:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int ret = read(pipe_fd[0], pipe_buffer, 6);
data/eclipse-titan-7.1.1/JNI/jnimw.cc:272:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ret = read(pipe_fd[0],pipe_buffer + 6, packet_size);
data/eclipse-titan-7.1.1/JNI/jnimw.cc:286:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (write(pipe_fd[1], buf, strlen(buf)) < 0){
data/eclipse-titan-7.1.1/JNI/jnimw.cc:290:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pipe_size+=strlen(buf);
data/eclipse-titan-7.1.1/common/JSON_Tokenizer.cc:55:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf_len += strlen(s);
data/eclipse-titan-7.1.1/common/JSON_Tokenizer.cc:196:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(p_literal);
data/eclipse-titan-7.1.1/common/JSON_Tokenizer.cc:406:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t str_len = strlen(str);
data/eclipse-titan-7.1.1/common/NetworkHandler.cc:196:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(m_addr_str, inet_ntoa(m_addr.sin_addr), sizeof(m_addr_str));
data/eclipse-titan-7.1.1/common/NetworkHandler.cc:197:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(m_host_str, hptr->h_name, sizeof(m_host_str));
data/eclipse-titan-7.1.1/common/NetworkHandler.cc:210:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(m_addr_str, inet_ntoa(m_addr.sin_addr), sizeof(m_addr_str));
data/eclipse-titan-7.1.1/common/NetworkHandler.cc:216:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(m_host_str, hptr->h_name, sizeof(m_host_str));
data/eclipse-titan-7.1.1/common/NetworkHandler.cc:229:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(m_addr_str, inet_ntoa(m_addr.sin_addr), sizeof(m_addr_str));
data/eclipse-titan-7.1.1/common/NetworkHandler.cc:235:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(m_host_str, hptr->h_name, sizeof(m_host_str));
data/eclipse-titan-7.1.1/common/NetworkHandler.cc:256:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(m_host_str, (static_cast<const IPv4Address&>(p_addr)).m_host_str, sizeof(m_host_str));
data/eclipse-titan-7.1.1/common/NetworkHandler.cc:257:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(m_addr_str, (static_cast<const IPv4Address&>(p_addr)).m_addr_str, sizeof(m_addr_str));
data/eclipse-titan-7.1.1/common/NetworkHandler.cc:306:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(m_addr_str) > 0) {
data/eclipse-titan-7.1.1/common/NetworkHandler.cc:308:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (strlen(m_host_str) > 0 && strstr(m_host_str, "%") != NULL) ? m_host_str : m_addr_str;
data/eclipse-titan-7.1.1/common/NetworkHandler.cc:336:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(m_host_str, res->ai_canonname, sizeof(m_host_str));
data/eclipse-titan-7.1.1/common/NetworkHandler.cc:397:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(m_host_str, (static_cast<const IPv6Address&>(p_addr)).m_host_str, sizeof(m_host_str));
data/eclipse-titan-7.1.1/common/NetworkHandler.cc:398:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(m_addr_str, (static_cast<const IPv6Address&>(p_addr)).m_addr_str, sizeof(m_addr_str));
data/eclipse-titan-7.1.1/common/UnicharPattern.cc:37:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str);
data/eclipse-titan-7.1.1/common/UnicharPattern.cc:89:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t ttcn3_dir_len = strlen(ttcn3_dir);
data/eclipse-titan-7.1.1/common/UnicharPattern.cc:134:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t from_str_len = from_str != NULL ? strlen(from_str) : 0;
data/eclipse-titan-7.1.1/common/UnicharPattern.cc:149:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (status == NULL || strlen(status) != 1) {
data/eclipse-titan-7.1.1/common/UnicharPattern.cc:161:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t to_str_len = to_str != NULL ? strlen(to_str) : 0;
data/eclipse-titan-7.1.1/common/UnicharPattern.cc:235:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str) / 8;
data/eclipse-titan-7.1.1/common/config_preproc.cc:109:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*value_len=strlen(s);
data/eclipse-titan-7.1.1/common/memory.c:806:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(str);
data/eclipse-titan-7.1.1/common/memory.c:846:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len2 = strlen(str2);
data/eclipse-titan-7.1.1/common/path.c:130:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t dir_name_len = strlen(dir_name);
data/eclipse-titan-7.1.1/common/usage_stats.cc:111:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nd = strlen(domain) - 7;
data/eclipse-titan-7.1.1/common/usage_stats.cc:127:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nd = strlen(domain) - 1;
data/eclipse-titan-7.1.1/common/usage_stats.cc:133:33: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
if ('.'!=domain[first]) strcat(host,".");
data/eclipse-titan-7.1.1/common/usage_stats.cc:234:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
"%s", page, host, (unsigned long)strlen(poststr), poststr);
data/eclipse-titan-7.1.1/common/usage_stats.cc:236:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(void)write(sockfd, sendline, strlen(sendline));
data/eclipse-titan-7.1.1/compiler2/CodeGenHelper.cc:138:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t length = strlen(type);
data/eclipse-titan-7.1.1/compiler2/Setting.cc:259:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t file_name_len = strlen(filename);
data/eclipse-titan-7.1.1/compiler2/Setting.cc:285:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t file_name_len = strlen(file_name);
data/eclipse-titan-7.1.1/compiler2/Type.cc:3379:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t dval_len = strlen(dval);
data/eclipse-titan-7.1.1/compiler2/Type_chk.cc:1104:13: [1] (buffer) mismatch:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
if (mismatch && ret == 0) {
data/eclipse-titan-7.1.1/compiler2/Type_chk.cc:1536:29: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
int num_converted = sscanf(dfe_str, "%f %1s", &f, tail);
data/eclipse-titan-7.1.1/compiler2/Type_chk.cc:1891:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(txt.new_text," ");
data/eclipse-titan-7.1.1/compiler2/Type_chk.cc:2859:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(first, xerattrib->namespace_.prefix, 4);
data/eclipse-titan-7.1.1/compiler2/Value.cc:6293:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t instr_len = strlen(input_str);
data/eclipse-titan-7.1.1/compiler2/Value.cc:6309:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t pattern_len = strlen(pattern_str);
data/eclipse-titan-7.1.1/compiler2/main.cc:342:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t line_len = strlen(line) - 1;
data/eclipse-titan-7.1.1/compiler2/main.cc:587:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (0 == strncmp(first.file_name + strlen(first.file_name) - 4, ".asn", 4)) {
data/eclipse-titan-7.1.1/compiler2/main.cc:588:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
json_schema_name = mcopystrn(first.file_name, strlen(first.file_name) - 4);
data/eclipse-titan-7.1.1/compiler2/main.cc:591:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (0 == strncmp(first.file_name + strlen(first.file_name) - 5, ".ttcn", 5)) {
data/eclipse-titan-7.1.1/compiler2/main.cc:592:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
json_schema_name = mcopystrn(first.file_name, strlen(first.file_name) - 5);
data/eclipse-titan-7.1.1/compiler2/main.cc:931:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(files_from_file[i]) > 2) {
data/eclipse-titan-7.1.1/compiler2/makefile.c:5179:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t length = strlen(optarg);
data/eclipse-titan-7.1.1/compiler2/record.c:3361:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
, (int)strlen(sdef->elements[i].jsonAlias ? sdef->elements[i].jsonAlias : sdef->elements[i].dispname)
data/eclipse-titan-7.1.1/compiler2/record.c:3474:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
, (unsigned long) strlen(sdef->elements[i].dispname), sdef->elements[i].dispname);
data/eclipse-titan-7.1.1/compiler2/record.c:3517:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
, (unsigned long) strlen(sdef->elements[i].dispname)
data/eclipse-titan-7.1.1/compiler2/string.cc:154:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n_chars = strlen(s);
data/eclipse-titan-7.1.1/compiler2/string.cc:238:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
replace(pos, n, s, strlen(s));
data/eclipse-titan-7.1.1/compiler2/string.cc:424:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n_chars = strlen(s);
data/eclipse-titan-7.1.1/compiler2/string.cc:470:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s_len = strlen(s);
data/eclipse-titan-7.1.1/compiler2/string.cc:500:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s_len = strlen(s);
data/eclipse-titan-7.1.1/compiler2/string.cc:525:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s1_len = strlen(s1);
data/eclipse-titan-7.1.1/compiler2/ttcn3/Statement.cc:11073:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(subrefs_str);
data/eclipse-titan-7.1.1/compiler2/ttcn3/Statement.cc:12728:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(expr_init)) {
data/eclipse-titan-7.1.1/compiler2/ttcn3/Statement.cc:12739:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(expr_init)) str=mputstr(str, "}\n"); // (1)
data/eclipse-titan-7.1.1/compiler2/ttcn3/Ttcnstuff.cc:2463:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = pdef.var_defs ? strlen(pdef.var_defs) : 0;
data/eclipse-titan-7.1.1/compiler2/ttcn3/Ttcnstuff.cc:2468:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((pdef.var_defs == NULL || len == strlen(pdef.var_defs)) && def->get_asstype() != Common::Assignment::A_CONST) {
data/eclipse-titan-7.1.1/compiler2/ttcn3/Ttcnstuff.cc:2654:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t ABCLength = strlen(ABCClass);
data/eclipse-titan-7.1.1/compiler2/ttcn3/Ttcnstuff.cc:2682:19: [1] (buffer) sscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
int scanned = sscanf(ver->get_dispname().c_str(), "R%u%3[A-HJ-NS-VX-Z]%u%63s",
data/eclipse-titan-7.1.1/compiler2/ttcn3/Ttcnstuff.cc:2687:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(extra_junk)>0) {
data/eclipse-titan-7.1.1/compiler2/ttcn3/compiler.c:61:10: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
switch (getc(fp)) {
data/eclipse-titan-7.1.1/compiler2/ttcn3/profiler.c:49:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t file_name_len = strlen(file_walker->file_name);
data/eclipse-titan-7.1.1/compiler2/union.c:2379:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
, (int)strlen(sdef->elements[i].jsonAlias ? sdef->elements[i].jsonAlias : sdef->elements[i].dispname)
data/eclipse-titan-7.1.1/compiler2/union.c:2382:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
, (unsigned long) strlen(sdef->elements[i].dispname), sdef->elements[i].dispname);
data/eclipse-titan-7.1.1/compiler2/xpather.cc:555:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t pathlen = strlen(path);
data/eclipse-titan-7.1.1/compiler2/xpather.cc:559:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t xdlen = strlen(xdir);
data/eclipse-titan-7.1.1/compiler2/xpather.cc:574:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slash = raw + strlen(raw);
data/eclipse-titan-7.1.1/compiler2/xpather.cc:582:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bool ends_with_slash = cooked[strlen(cooked)-1] == '/';
data/eclipse-titan-7.1.1/compiler2/xpather.cc:1493:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
boolean need_slash = search_paths[i][strlen(search_paths[i]) - 1] != '/';
data/eclipse-titan-7.1.1/compiler2/xpather.cc:1496:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * prefixed_file_path = (char*)Malloc((strlen(search_paths[i]) + strlen(tpdName) + 1 + need_slash) * sizeof(char));
data/eclipse-titan-7.1.1/compiler2/xpather.cc:1496:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * prefixed_file_path = (char*)Malloc((strlen(search_paths[i]) + strlen(tpdName) + 1 + need_slash) * sizeof(char));
data/eclipse-titan-7.1.1/compiler2/xpather.cc:1499:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(prefixed_file_path, "/");
data/eclipse-titan-7.1.1/compiler2/xpather.cc:1521:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tpdName[strlen(tpdName)-4] ='\0';
data/eclipse-titan-7.1.1/compiler2/xpather.cc:1572:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t ttcn3_dir_len = strlen(ttcn3_dir);
data/eclipse-titan-7.1.1/compiler2/xpather.cc:2003:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t ruri_len = strlen(ruri);
data/eclipse-titan-7.1.1/compiler2/xpather.cc:2952:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tpdName_loc = (char*)Malloc((strlen(name) + 5) * sizeof(char));
data/eclipse-titan-7.1.1/core/ASN_CharacterString.cc:847:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t namelen = strlen(name);
data/eclipse-titan-7.1.1/core/ASN_EmbeddedPDV.cc:841:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t namelen = strlen(name);
data/eclipse-titan-7.1.1/core/Addfunc.cc:610:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int value_length = strlen(value);
data/eclipse-titan-7.1.1/core/Addfunc.cc:638:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else return OCTETSTRING(strlen(value), (const unsigned char*)value);
data/eclipse-titan-7.1.1/core/Basetype.cc:304:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p_buf.put_s(strlen(collected_ns[cur_coll]), (cbyte*)collected_ns[cur_coll]);
data/eclipse-titan-7.1.1/core/Bitstring.cc:1148:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t num_bits = strlen(value);
data/eclipse-titan-7.1.1/core/Bitstring.cc:1211:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value_len = strlen(value);
data/eclipse-titan-7.1.1/core/Charstring.cc:130:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (chars_ptr != NULL) n_chars = strlen(chars_ptr);
data/eclipse-titan-7.1.1/core/Charstring.cc:179:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (other_value != NULL) n_chars = strlen(other_value);
data/eclipse-titan-7.1.1/core/Charstring.cc:293:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else other_len = strlen(other_value);
data/eclipse-titan-7.1.1/core/Charstring.cc:404:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int other_n_chars = strlen(other_value);
data/eclipse-titan-7.1.1/core/Charstring.cc:1422:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t num_chars = strlen((const char*)value);
data/eclipse-titan-7.1.1/core/Charstring.cc:1819:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value_len = strlen(value);
data/eclipse-titan-7.1.1/core/Charstring.cc:1979:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else other_len = strlen(other_value);
data/eclipse-titan-7.1.1/core/Charstring.cc:2091:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else string_len = strlen(string_value);
data/eclipse-titan-7.1.1/core/Charstring.cc:2107:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else string_len = strlen(string_value);
data/eclipse-titan-7.1.1/core/Debugger.cc:58:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(p_str);
data/eclipse-titan-7.1.1/core/Debugger.cc:870:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(p_file_name_skeleton);
data/eclipse-titan-7.1.1/core/Debugger.cc:1775:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p_arguments[0]) > 0) {
data/eclipse-titan-7.1.1/core/Debugger.cc:1778:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p_arguments[1]) > 0) {
data/eclipse-titan-7.1.1/core/Debugger.cc:1781:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p_arguments[3]) > 0) {
data/eclipse-titan-7.1.1/core/Debugger.cc:1783:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(p_arguments[4]) > 0 ? p_arguments[4] : NULL);
data/eclipse-titan-7.1.1/core/Debugger.cc:1785:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p_arguments[5]) > 0) {
data/eclipse-titan-7.1.1/core/Debugger.cc:1787:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(p_arguments[6]) > 0 ? p_arguments[6] : NULL);
data/eclipse-titan-7.1.1/core/Debugger.cc:1789:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p_arguments[7]) > 0) {
data/eclipse-titan-7.1.1/core/Debugger.cc:1791:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(p_arguments[8]) > 0 ? p_arguments[8] : NULL);
data/eclipse-titan-7.1.1/core/Debugger.cc:1793:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p_arguments[9]) > 0) {
data/eclipse-titan-7.1.1/core/Debugger.cc:1795:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(p_arguments[10]) > 0 ? p_arguments[10] : NULL);
data/eclipse-titan-7.1.1/core/Debugger.cc:1799:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(p_arguments[i + 2]) > 0 ? p_arguments[i + 2] : NULL);
data/eclipse-titan-7.1.1/core/Debugger.cc:1895:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t name_len = strlen(var->name);
data/eclipse-titan-7.1.1/core/Debugger.cc:1896:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t mod_len = strlen(var->module);
data/eclipse-titan-7.1.1/core/Debugger.cc:1897:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(p_name);
data/eclipse-titan-7.1.1/core/DebuggerUI.cc:117:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(p_line_read);
data/eclipse-titan-7.1.1/core/DebuggerUI.cc:195:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(p_argument, command->name, strlen(command->name))) {
data/eclipse-titan-7.1.1/core/DebuggerUI.cc:281:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(line);
data/eclipse-titan-7.1.1/core/DebuggerUI.cc:312:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prefix_len = strlen(p_prefix);
data/eclipse-titan-7.1.1/core/Error.cc:245:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(lib);
data/eclipse-titan-7.1.1/core/Float.cc:501:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_tlv->V.str.Vlen=1+strlen((const char*)&new_tlv->V.str.Vstr[1]);
data/eclipse-titan-7.1.1/core/Float.cc:886:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
n = strlen(buf);
data/eclipse-titan-7.1.1/core/Float.cc:987:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fraction_digits_pos < strlen(value)) {
data/eclipse-titan-7.1.1/core/Float.cc:1042:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (fraction_digits_pos < strlen(value)) {
data/eclipse-titan-7.1.1/core/Float.cc:1126:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value_len = strlen(value);
data/eclipse-titan-7.1.1/core/Hexstring.cc:974:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = value ? strlen(value) : 0;
data/eclipse-titan-7.1.1/core/Hexstring.cc:1089:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value_len = strlen(value);
data/eclipse-titan-7.1.1/core/Integer.cc:1027:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (0 == strlen(atm + offs) || 0 == from_string(atm+offs)) {
data/eclipse-titan-7.1.1/core/Integer.cc:1660:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (get_nof_digits() != (int)strlen(value) - (value[0] == '-') ? 1 : 0) {
data/eclipse-titan-7.1.1/core/Integer.cc:1689:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (get_nof_digits() != (int)strlen(value) - (value[0] == '-') ? 1 : 0) {
data/eclipse-titan-7.1.1/core/Integer.cc:1766:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value_len = strlen(value);
data/eclipse-titan-7.1.1/core/JSON.cc:670:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff.increase_pos(strlen(tmp_str)+1);
data/eclipse-titan-7.1.1/core/JSON.cc:1415:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff.increase_pos(strlen(tmp_str)+1);
data/eclipse-titan-7.1.1/core/JSON.cc:1420:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff.increase_pos(strlen(tmp_str)+1);
data/eclipse-titan-7.1.1/core/LegacyLogger.cc:449:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t message_len = strlen(message_ptr);
data/eclipse-titan-7.1.1/core/LegacyLogger.cc:1041:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ms_parameter == NULL || strlen(ms_parameter) == 0)
data/eclipse-titan-7.1.1/core/LegacyLogger.cc:2163:23: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
old_umask = umask(0);
data/eclipse-titan-7.1.1/core/LegacyLogger.cc:2179:20: [1] (access) umask:
Ensure that umask is given most restrictive possible setting (e.g., 066 or
077) (CWE-732).
if (umask_saved) umask(old_umask);
data/eclipse-titan-7.1.1/core/Logger.cc:593:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t name_end = strlen(argv_0);
data/eclipse-titan-7.1.1/core/Logger.cc:946:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str_ptr, strlen(str_ptr));
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:218:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *pluginname = (filename != NULL && strlen(filename) > 0) ?
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:220:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t pluginname_length = strlen(pluginname);
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:298:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (logparam.plugin_id && !(strlen(logparam.plugin_id) == 1 && !strncmp(logparam.plugin_id, "*", 1))) {
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1578:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t str_len = strlen(str);
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1642:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
log_unhandled_event(TTCN_Logger::WARNING_UNQUALIFIED, message, strlen(message));
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1730:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
log_unhandled_event(TTCN_Logger::WARNING_UNQUALIFIED, message, strlen(message));
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1775:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
log_unhandled_event(TTCN_Logger::WARNING_UNQUALIFIED, message, strlen(message));
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1788:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
log_unhandled_event(TTCN_Logger::WARNING_UNQUALIFIED, message, strlen(message));
data/eclipse-titan-7.1.1/core/LoggerPluginManager.cc:1804:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
log_unhandled_event(TTCN_Logger::WARNING_UNQUALIFIED, message, strlen(message));
data/eclipse-titan-7.1.1/core/LoggerPlugin_dynamic.cc:23:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t lenstr = strlen(str);
data/eclipse-titan-7.1.1/core/LoggerPlugin_dynamic.cc:24:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t lensuffix = strlen(suffix);
data/eclipse-titan-7.1.1/core/Objid.cc:645:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value_len = strlen(value);
data/eclipse-titan-7.1.1/core/Octetstring.cc:1042:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = value ? strlen(value) : 0;
data/eclipse-titan-7.1.1/core/Octetstring.cc:1343:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value_len = strlen(value);
data/eclipse-titan-7.1.1/core/ProfMerge_main.cc:113:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(optarg);
data/eclipse-titan-7.1.1/core/Profiler.cc:104:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(p_filename_skeleton);
data/eclipse-titan-7.1.1/core/ProfilerTools.cc:190:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p_db[file_index].filename) == value_len - 2 &&
data/eclipse-titan-7.1.1/core/Single_main.cc:59:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
retval = write(STDERR_FILENO, stored_argv, strlen(stored_argv));
data/eclipse-titan-7.1.1/core/TEXT.cc:46:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fixed_len = strlen(posix_str);
data/eclipse-titan-7.1.1/core/Textbuf.cc:337:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string_ptr);
data/eclipse-titan-7.1.1/core/Timer.cc:207:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
double TIMER::read() const
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:349:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else n_chars = strlen(other_value);
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:467:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else other_len = strlen(other_value);
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:1906:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p_td.ns_uris[0] != NULL && strlen(p_td.ns_uris[0]) != 0) {
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:1916:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(p_td.ns_uris[0]);
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:2153:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t num_chars = strlen((const char*)value);
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:2187:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(value);
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:2231:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(text);
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:2237:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(name);
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:2251:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(text);
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:2603:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value_len = strlen(value);
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:3471:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else other_len = strlen(other_value);
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:3753:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else string_len = strlen(string_value);
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:3791:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else string_len = strlen(string_value);
data/eclipse-titan-7.1.1/core/Universal_charstring.cc:3820:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else string_len = strlen(string_value);
data/eclipse-titan-7.1.1/core/Verdicttype.cc:305:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p_buf.put_s(strlen(enumval), (const unsigned char*)enumval);
data/eclipse-titan-7.1.1/core/Verdicttype.cc:403:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
value_len = strlen(value);
data/eclipse-titan-7.1.1/core/XER.cc:136:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p_buf.put_s(strlen(my_ns->px), (cbyte*)my_ns->px);
data/eclipse-titan-7.1.1/core/XER.cc:163:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((p_xmlns == 0 && strlen(p_td.ns_uris[idx]) == 0) ||
data/eclipse-titan-7.1.1/core2/Basetype2.cc:1602:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(p_td.json->default_value);
data/eclipse-titan-7.1.1/core2/Basetype2.cc:2486:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(val);
data/eclipse-titan-7.1.1/core2/Basetype2.cc:2493:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos = (str - val) + strlen(str) + 1;
data/eclipse-titan-7.1.1/core2/Basetype2.cc:2506:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf2.put_s(strlen(pns->px), (cbyte*)pns->px);
data/eclipse-titan-7.1.1/core2/Basetype2.cc:2508:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf2.put_s(strlen(pns->ns), (cbyte*)pns->ns);
data/eclipse-titan-7.1.1/core2/Basetype2.cc:2512:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf2.put_s(strlen(str), (cbyte*)str);
data/eclipse-titan-7.1.1/core2/Basetype2.cc:2573:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
uc->decode_utf8(strlen((const char*)outer), outer);
data/eclipse-titan-7.1.1/core2/Basetype2.cc:4477:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p_buf.put_s(strlen(collected_ns[cur_coll]), (cbyte*)collected_ns[cur_coll]);
data/eclipse-titan-7.1.1/core2/Basetype2.cc:4517:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p_buf.put_s(strlen(control_ns->px),
data/eclipse-titan-7.1.1/core2/Basetype2.cc:5037:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p_buf.put_s(strlen(collected_ns[cur_coll]), (cbyte*)collected_ns[cur_coll]);
data/eclipse-titan-7.1.1/core2/Basetype2.cc:5108:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p_buf.put_s(strlen(control_ns->px), (cbyte*)control_ns->px);
data/eclipse-titan-7.1.1/core2/Basetype2.cc:5110:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p_buf.put_s(strlen(control_ns->ns), (cbyte*)control_ns->ns);
data/eclipse-titan-7.1.1/core2/Basetype2.cc:5115:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p_buf.put_s(strlen(control_ns->px), (cbyte*)control_ns->px);
data/eclipse-titan-7.1.1/core2/Basetype2.cc:5570:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aabuf.put_s(uri ? strlen((const char*)uri) : 0, uri);
data/eclipse-titan-7.1.1/core2/Basetype2.cc:5572:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aabuf.put_s(name ? strlen((const char*)name) : 0, name);
data/eclipse-titan-7.1.1/core2/Basetype2.cc:5575:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
aabuf.put_s(val ? strlen((const char*)val) : 0, val);
data/eclipse-titan-7.1.1/core2/Basetype2.cc:6296:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(expected_name) == name_len &&
data/eclipse-titan-7.1.1/core2/Basetype2.cc:6359:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(fld_name(field_idx)), fld_name(field_idx));
data/eclipse-titan-7.1.1/core2/Basetype2.cc:6383:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(int)strlen(fld_name(field_idx)), fld_name(field_idx));
data/eclipse-titan-7.1.1/core2/Basetype2.cc:7578:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(p_td.json->default_value);
data/eclipse-titan-7.1.1/hello/PCOType.cc:51:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(stdin);
data/eclipse-titan-7.1.1/licensegen/license_gen.c:73:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(to, from, length);
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:480:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t command_name_len = strlen(command->name);
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:490:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t command_name_len = strlen(command->name);
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:570:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t doti = 0, alen = strlen(arguments), state = 0;
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:791:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(command->name))) {
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:801:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(command->name))) {
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:864:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(line);
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:899:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
prefix_len = strlen(prefix);
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:927:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int input_char = getc(fp);
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:943:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t head_index, tail_index, input_len = strlen(input_text);
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:991:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(host->hostname_local)))
data/eclipse-titan-7.1.1/mctr2/cli/Cli.cc:1162:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t hostname_len = strlen(hostname);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chared.c:722:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (FUN(el,getc)(el, &ch) != 1) {
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chartype.c:151:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bufspace += argv[i] ? strlen(argv[i]) + 1 : 0;
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chartype.h:97:25: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define Strlen(x) wcslen(x)
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chartype.h:103:25: [1] (buffer) wcsncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#define Strncpy(d,s,n) wcsncpy(d,s,n)
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chartype.h:104:25: [1] (buffer) wcsncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, or
automatically resizing strings.
#define Strncat(d,s,n) wcsncat(d,s,n)
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chartype.h:120:34: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#define ct_wcstombs(a, b, c) (strncpy(a, b, c), strlen(a))
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chartype.h:120:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define ct_wcstombs(a, b, c) (strncpy(a, b, c), strlen(a))
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chartype.h:121:34: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#define ct_mbstowcs(a, b, c) (strncpy(a, b, c), strlen(a))
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chartype.h:121:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define ct_mbstowcs(a, b, c) (strncpy(a, b, c), strlen(a))
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chartype.h:147:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
#define Strlen(x) strlen(x)
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chartype.h:153:25: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#define Strncpy(d,s,n) strncpy(d,s,n)
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/chartype.h:154:25: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
#define Strncat(d,s,n) strncat(d,s,n)
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/common.c:368:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
num = FUN(el,getc)(el, &tc);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/fgetln.c:80:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*len = strlen(buf);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:110:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(temp, txt + 1, len - 2);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:140:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc(strlen(pass->pw_dir) + 1 + strlen(txt) + 1);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:140:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc(strlen(pass->pw_dir) + 1 + strlen(txt) + 1);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:171:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nptr = realloc(filename, strlen(temp) + 1);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:185:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(dirname, text, len);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:222:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
filename_len = filename ? strlen(filename) : 0;
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:237:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strlen(entry->d_name) >= filename_len
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:246:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(entry->d_name);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:248:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp = malloc(strlen(dirname) + len + 1);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:316:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
max_equal = strlen(prevstr);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:329:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(retstr, match_list[1], max_equal);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:503:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
match_len = strlen(matches[i]);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/filecomplete.c:521:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (getc(stdin) != 'y')
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/key.c:285:15: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (FUN(el,getc)(el, ch) != 1) {/* if EOF or error */
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/read.c:203:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
chrs = read(el->el_infd, buf,
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/read.c:247:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((num = FUN(el,getc)(el, ch)) != 1) {/* if EOF or error */
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/read.c:323:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((num_read = read(el->el_infd, cbuf + cbp, 1)) == -1) {
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/read.c:381:8: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FUN(el,getc)(EditLine *el, Char *cp)
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:456:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(str);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:457:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
with_len = strlen(with);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:458:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
what_len = strlen(what);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:477:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(r, with, with_len);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:563:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(pat, cmd + begin, len);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:657:10: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(aptr, command, offs);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:823:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
from_len = strlen(from);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:886:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*output = malloc(strlen(str) + 4 + 1);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:912:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(&result[idx], what, len); \
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:970:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tmp);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:1030:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(arr[i]) + 1;
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:1038:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(arr[i]);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:1101:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
(void)strncpy(temp, &str[start], len);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:1868:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (int)strlen(text);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:2044:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
num_read = read(el->el_infd, cp, 1);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:2052:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
num_read = read(el->el_infd, cp, 1);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/readline.c:2057:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
num_read = read(el->el_infd, cp, 1);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/search.c:251:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (FUN(el,getc)(el, &ch) != 1)
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/search.c:603:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (FUN(el,getc)(el, &c) != 1)
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/strlcat.c:62:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(dlen + strlen(s));
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/sys.h:144:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
extern int fgetc(FILE *);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:400:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
clen = strlen(cap);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:402:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tlen = *str == NULL ? 0 : strlen(*str);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:1398:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(what, ct_encode_string(argv[1], &el->el_scratch), sizeof(what));
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/term.c:1400:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(how, ct_encode_string(argv[2], &el->el_scratch), sizeof(how));
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/tty.c:1188:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, ct_encode_string(*argv++, &el->el_scratch), sizeof(name));
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/tty.c:1229:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(el->el_tty.t_t[z][m->m_type].t_name);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/tty.c:1242:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cu = strlen(m->m_name) + (x != '\0') + 1;
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/vi.c:1036:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(cp);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/vi.c:1056:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
st = read(fd, cp, TMP_BUFSIZ);
data/eclipse-titan-7.1.1/mctr2/editline/libedit/src/wcsdup.c:35:8: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = wcslen(str) + 1;
data/eclipse-titan-7.1.1/mctr2/mctr/MainController.cc:2622:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(pipe_fd[0], &buf, 1) != 1) {
data/eclipse-titan-7.1.1/mctr2/mctr/MainController.cc:3486:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t arg_len = strlen(arguments);
data/eclipse-titan-7.1.1/mctr2/mctr/MainController.cc:6768:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(arguments);
data/eclipse-titan-7.1.1/mctr2/mctr/main.cc:215:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ttcn3_asciiart_dir)==0) return;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:1984:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ssl_key_file=new char[strlen(parameter_value)+1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:1988:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ssl_trustedCAlist_file=new char[strlen(parameter_value)+1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:1992:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ssl_certificate_file=new char[strlen(parameter_value)+1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:1996:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ssl_cipher_list=new char[strlen(parameter_value)+1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:1999:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ssl_password=new char[strlen(parameter_value)+1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:2568:98: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
log_debug("Context is: %s; length = %lu", ssl_server_auth_session_id_context, (unsigned long)strlen((const char*)ssl_server_auth_session_id_context));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:2569:85: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (SSL_CTX_set_session_id_context(ssl_ctx, ssl_server_auth_session_id_context, strlen((const char*)ssl_server_auth_session_id_context))!=1)
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:2668:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pass_len = strlen(pass) + 1;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/Abstract_Socket.cc:2672:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(strlen(pass));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_NQueue_ExternalFunctions.cc:947:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *fn_dot = new char[strlen(name) + 5];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_NQueue_ExternalFunctions.cc:956:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *fn_png = new char[strlen(name) + 5];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_NQueue_ExternalFunctions.cc:975:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *tmp = new char[strlen(cmd) + strlen(fn_dot) + strlen(fn_png) + 1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_NQueue_ExternalFunctions.cc:975:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *tmp = new char[strlen(cmd) + strlen(fn_dot) + strlen(fn_png) + 1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_NQueue_ExternalFunctions.cc:975:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *tmp = new char[strlen(cmd) + strlen(fn_dot) + strlen(fn_png) + 1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:235:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name = new char[strlen(pl_name) + 1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:1245:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *fn_dot = new char[strlen(name) + 5];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:1254:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *fn_png = new char[strlen(name) + 5];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:1272:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *tmp = new char[strlen(cmd) + strlen(fn_dot) + strlen(fn_png) + 1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:1272:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *tmp = new char[strlen(cmd) + strlen(fn_dot) + strlen(fn_png) + 1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:1272:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *tmp = new char[strlen(cmd) + strlen(fn_dot) + strlen(fn_png) + 1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_RBT_ExternalFunctions.cc:1477:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(src);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:791:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, " ");
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:811:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(format, " ");
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/EPTF_CLL_TransportIPL2_ExternalFunctions.cc:876:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pl__table[i].iface() = CHARSTRING(strlen(iface), (const char*)iface);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:114:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bool locName_empty=(strlen(locName)==0);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:116:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(portRef.defaultLocHost)==0){
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:639:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ssl_key_file=new char[strlen(parameter_value)+1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:643:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ssl_trustedCAlist_file=new char[strlen(parameter_value)+1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:647:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ssl_certificate_file=new char[strlen(parameter_value)+1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:651:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ssl_cipher_list=new char[strlen(parameter_value)+1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:654:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ssl_password=new char[strlen(parameter_value)+1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:4559:96: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
log_debug("Context is: %s; length = %lu", ssl_server_auth_session_id_context, (unsigned long)strlen((const char*)ssl_server_auth_session_id_context));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:4560:83: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (SSL_CTX_set_session_id_context(ssl_ctx, ssl_server_auth_session_id_context, strlen((const char*)ssl_server_auth_session_id_context))!=1)
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:4661:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int pass_len = strlen(pass) + 1;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:4665:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return(strlen(pass));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:5014:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(pipe_fds[0], &buf, 1) != 1){
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:5111:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep (500000);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:5181:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ip_struct[0].addrLength=strlen(ip_addr)+1;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:5207:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ip_struct[i].addrLength=strlen(ip_addr)+1;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:5437:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ip_struct.addrLength=strlen(rem_addr)+1;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:5580:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int len = read(pipe_to_TTCN_thread_log_fds[0], &r, sizeof(thread_log *));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_PT.cc:5683:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ip_struct.addrLength=strlen(rem_addr)+1;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:626:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy ( filter, filterStr, sizeof ( filter ) - 1 );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:628:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy ( ifName, ifNameStr, sizeof ( ifName ) - 1 );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:657:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy ( errBuf, pcap_geterr ( pcap_hnd ), sizeof ( errBuf ) - 1 );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:1076:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep ( 500 );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:1091:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fNlen = strlen ( fName );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IPL4asp_discovery.cc:1665:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep ( 1000 );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IP_EncDec.cc:398:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return CHARSTRING(strlen(toAddr), toAddr);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/IP_EncDec.cc:656:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return CHARSTRING(strlen(toAddr), toAddr);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:103:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:122:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:135:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:152:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:169:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(parameter_value);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:320:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifr.ifr_name, interface_name, IFNAMSIZ-1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:884:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifr.ifr_name, interface_name, sizeof(ifr.ifr_name)-1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:895:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifr.ifr_name, interface_name, sizeof(ifr.ifr_name)-1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:909:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifr.ifr_name, interface_name, sizeof(ifr.ifr_name)-1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/LANL2asp_PT.cc:920:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifr.ifr_name, interface_name, sizeof(ifr.ifr_name)-1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/PIPEasp_PT.cc:156:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(processServerUp,buffer,(int)nBytes);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/PIPEasp_PT.cc:968:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(processServerDown,buffer,(int)nBytes);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/PIPEasp_PT.cc:1043:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(processStdout,buffer,(int)nBytes);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/PIPEasp_PT.cc:1059:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(processStderr,buffer,(int)nBytes);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/PIPEasp_PT.cc:1075:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(processPty,buffer,(int)nBytes);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:2372:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define yystrlen strlen
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:4629:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t comment_buflen = strlen(comment_buf+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:4645:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *atm=(char *)Malloc(strlen((yyvsp[(1) - (1)].sv))+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:4705:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(yyvsp[(5) - (5)].sv)[strlen((yyvsp[(5) - (5)].sv))-1]='\0';
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:7905:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len2 = strlen((yyvsp[(2) - (4)].sv));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:7906:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t buflen = len2+strlen((yyvsp[(4) - (4)].sv))+2;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:7931:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len2 = strlen((yyvsp[(2) - (5)].sv));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:7932:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t buflen = len2+strlen((yyvsp[(4) - (5)].sv))+2;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:9033:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j = string+strlen(string);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIP_parse_.tab.c:9059:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str[strlen(str)-1]='\0';
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:213:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
conn_list[0].addr=(char *)Realloc(conn_list[0].addr,strlen(target_addr) + 1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:344:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
local_addr=(char *)Realloc(local_addr,strlen(parameter_value)+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:358:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
target_addr=(char *)Realloc(target_addr,strlen(parameter_value)+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:501:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int msg_in_len = strlen(msg_in_buffer);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:1328:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
conn_list[0].addr=(char *)Realloc(conn_list[0].addr,strlen(dest_comm_addr)+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:1458:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msgsize=strlen(Method::enum_to_str(send_par.request().requestLine().method()))-2;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:1459:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(msg_encode_buff, Method::enum_to_str(send_par.request().requestLine().method()),msgsize);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:1500:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msgsize=strlen(Method::enum_to_str(send_par.requestLine().method()))-2;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:1501:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(msg_encode_buff, Method::enum_to_str(send_par.requestLine().method()),msgsize);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3243:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int mh=strlen(mit);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3567:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
target_addr=(char *)Realloc(target_addr,strlen(destination_address->host()())+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3627:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
target_addr=(char *)Realloc(target_addr,strlen(destination_address->remote__host()())+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3633:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
local_addr=(char *)Realloc(local_addr,strlen(destination_address->local__host()())+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3716:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
conn_list[0].addr=(char *)Realloc(conn_list[0].addr,strlen(dest_comm_addr)+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3779:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
conn_list[index].addr=(char *)Realloc(conn_list[index].addr,strlen(hostname)+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3861:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ELib::OctetString tmp(cid, strlen(cid));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3874:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ELib::OctetString tmp(lastCpmtId, strlen(lastCpmtId));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3896:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OctetString um(msg, strlen(msg));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3899:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OctetString tmp(lastCpmtId, strlen(lastCpmtId));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:3934:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(msg);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4171:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msgsize=strlen(Method::enum_to_str(pdu.request().requestLine().method()))-2;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4172:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(msg_encode_buff, Method::enum_to_str(pdu.request().requestLine().method()),msgsize);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4238:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msgsize=strlen(Method::enum_to_str(pdu.request().requestLine().method()))-2;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4239:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(msg_encode_buff, Method::enum_to_str(pdu.request().requestLine().method()),msgsize);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4434:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msgsize=strlen(Method::enum_to_str(pdu.firstLine()().requestLine().method()))-2;
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4435:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(msg_encode_buff, Method::enum_to_str(pdu.firstLine()().requestLine().method()),msgsize);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/SIPmsg_PT.cc:4479:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int spsp=strlen(data);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc:652:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes = read (pl__fd, buf, pl__bytes);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc:729:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int bytes = read (pl__fd, buf_tmp, BUF_SIZE);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc:766:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (buf) >= strlen (pl__separator))
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc:766:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen (buf) >= strlen (pl__separator))
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc:771:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen (pl__separator);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc:815:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int bytes = read (pl__fd, &c, 1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc:885:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes = read (pl__fd, buf_tmp, BUF_SIZE);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc:891:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bytes = read (pl__fd, buf_tmp, length);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCFileIO.cc:956:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int bytes = read (pl__fd, buf_tmp, BUF_SIZE);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCIPsec.cc:195:7: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep ( 0 );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:137:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifname, interface_str, strlen(interface_str)-strlen(strchr(interface_str,':'))+2);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:137:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(ifname, interface_str, strlen(interface_str)-strlen(strchr(interface_str,':'))+2);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:137:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(ifname, interface_str, strlen(interface_str)-strlen(strchr(interface_str,':'))+2);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:138:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ifname[strlen(interface_str)-strlen(strchr(interface_str,':'))+1] = '\0';
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:138:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ifname[strlen(interface_str)-strlen(strchr(interface_str,':'))+1] = '\0';
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:143:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ifname,":");
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:158:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(ifr.ifr_name, ifname, strlen(ifname));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:168:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(ifr.ifr_name, ifname, strlen(ifname));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:179:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(ifr.ifr_name, ifname, strlen(ifname));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:555:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifr.ifr_name, interface, sizeof(ifr.ifr_name)-1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:629:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ifr.ifr_name, interface, sizeof(ifr.ifr_name)-1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:807:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char *ip = (char *)malloc((ipaddress.lengthof() + strlen(buf) + 1 + 1)*sizeof(char));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TCCInterface.cc:809:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(ip,"/");
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:136:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(parameter_name) < 7) TTCN_error("%s: PROMPT "
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:144:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(parameter_value)!=0) {
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:153:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(parameter_name) < 13) TTCN_error("%s: REGEX_PROMPT "
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:161:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(parameter_value)!=0) {
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:170:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(parameter_name) < 16) TTCN_error("%s: REGEX_PROMPT "
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:178:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(parameter_value)!=0) {
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:387:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( ::send(nvtsock, ctrl_server_prompt, strlen(ctrl_server_prompt), 0) < 0)
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:398:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( ::send(nvtsock,ctrl_loginname_prompt, strlen(ctrl_loginname_prompt),0 ) < 0)
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:419:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ttcn_buf.set_pos(strlen((const char*)echobuf));
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:713:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
::send(nvtsock, ctrl_username, strlen(ctrl_username), 0);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:724:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
::send( nvtsock, ctrl_password, strlen(ctrl_password), 0);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:738:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(ctrl_domain))::send( nvtsock, ctrl_domain, strlen(ctrl_domain), 0);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:738:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(ctrl_domain))::send( nvtsock, ctrl_domain, strlen(ctrl_domain), 0);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:840:109: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (::send(nvtsock, (const char*) (send_par + "\r\n" + ctrl_server_prompt), send_par.lengthof() + 2 + strlen(ctrl_server_prompt), 0 ) < 0){
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:977:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
par = (char*) malloc(strlen(val)+1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1135:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CMD.put_s(strlen(ctrl_terminal_type),
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1321:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s1_len = strlen(s1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1420:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(p)==0) TTCN_error("%s: prompt parameter must contain at "
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1580:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (::send(fd, ctrl_password_prompt, strlen(ctrl_password_prompt), 0) < 0 )
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1608:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (::send(fd, welcome, strlen(welcome), 0) < 0)
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1610:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (::send(fd, ctrl_server_prompt, strlen(ctrl_server_prompt),0) < 0)
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1695:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int s1_len = strlen(s1);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1709:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int plen = strlen( pattern );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1710:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int mlen = strlen( msg );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1727:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
port_name = new char[strlen(p_port_name) + 1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1948:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
elems[index]->prompt = new char[strlen(p_prompt)+1];
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/TELNETasp_PT.cc:1999:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t prompt_len = strlen(elems[i]->prompt);
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:132638:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( (result = read( fileno(SIP_parse_in), (char *) buf, max_size )) < 0 ) \
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:135240:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SIP_parse_lval.sv[strlen(SIP_parse_lval.sv)-1]='\0';
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.SIP_parse_.c:136069:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return SIP_parse__scan_bytes(yystr,strlen(yystr) );
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:9477:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
(c = getc( xtdpin )) != EOF && c != '\n'; ++n ) \
data/eclipse-titan-7.1.1/performance_test/SIPApplibPerfTest/src/lex.xtdp.c:14744:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return xtdp_scan_bytes(yystr,strlen(yystr) );
data/eclipse-titan-7.1.1/regression_test/XML/XmlWorkflow/PIPEasp_CNL113334/src/PIPEasp_PT.cc:105:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(processStdout,buffer,(int)nBytes);
data/eclipse-titan-7.1.1/regression_test/XML/XmlWorkflow/PIPEasp_CNL113334/src/PIPEasp_PT.cc:142:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(processStderr,buffer,(int)nBytes);
data/eclipse-titan-7.1.1/regression_test/XML/XmlWorkflow/PIPEasp_CNL113334/test/PIPEasp_PT.cc:112:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(processStdout,buffer,(int)nBytes);
data/eclipse-titan-7.1.1/regression_test/XML/XmlWorkflow/PIPEasp_CNL113334/test/PIPEasp_PT.cc:149:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(processStderr,buffer,(int)nBytes);
data/eclipse-titan-7.1.1/regression_test/cfgFile/testport_parameters/PCOType.cc:50:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(stdin);
data/eclipse-titan-7.1.1/regression_test/compileonly/mfgen-tpd/buildconfig_param/HelloTpd/src/PCOType.cc:53:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(stdin);
data/eclipse-titan-7.1.1/regression_test/compileonly/mfgen-tpd/invalid_buildconfig_param/HelloTpd/src/PCOType.cc:53:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(stdin);
data/eclipse-titan-7.1.1/regression_test/compileonly/mfgen-tpd/invalid_buildconfig_tpd/Hello000/src/PCOType0.cc:53:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(stdin);
data/eclipse-titan-7.1.1/regression_test/compileonly/mfgen-tpd/invalid_buildconfig_tpd/Hello123/src/PCOType1.cc:53:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(stdin);
data/eclipse-titan-7.1.1/regression_test/compileonly/mfgen-tpd/invalid_buildconfig_tpd/HelloTpd/src/PCOType.cc:53:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(stdin);
data/eclipse-titan-7.1.1/regression_test/compileonly/mfgen-tpd/library/HelloTpd/src/PCOType.cc:53:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(stdin);
data/eclipse-titan-7.1.1/regression_test/compileonly/mfgen-tpd/search_paths/dep1/Test/src/PCOType.cc:40:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(stdin);
data/eclipse-titan-7.1.1/regression_test/implicitMsgEncoding/PCOType.cc:60:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(stdin);
data/eclipse-titan-7.1.1/regression_test/logFiles/extfunc.cc:34:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t str_len = strlen(line);
data/eclipse-titan-7.1.1/regression_test/makefilegen/makefilegen_envvar_test/testA/Test/src/PCOType.cc:40:11: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(stdin);
data/eclipse-titan-7.1.1/regression_test/profiler/PIPEasp_PT.cc:105:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(processStdout,buffer,(int)nBytes);
data/eclipse-titan-7.1.1/regression_test/profiler/PIPEasp_PT.cc:142:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(processStderr,buffer,(int)nBytes);
data/eclipse-titan-7.1.1/regression_test/tryCatch/PCOType.cc:51:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = getc(stdin);
data/eclipse-titan-7.1.1/regression_test/ttcn2json/PIPEasp_PT.cc:105:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(processStdout,buffer,(int)nBytes);
data/eclipse-titan-7.1.1/regression_test/ttcn2json/PIPEasp_PT.cc:142:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = read(processStderr,buffer,(int)nBytes);
data/eclipse-titan-7.1.1/repgen/logfilter.c:156:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr1=buf+strlen(buf);
data/eclipse-titan-7.1.1/repgen/logfilter.c:161:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(*(ptr2+strlen(EventTypeNames[a]))==' '&& *(ptr2-1)==' '
data/eclipse-titan-7.1.1/repgen/logfilter.c:162:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& *(ptr2+strlen(EventTypeNames[a])+1)!='|')
data/eclipse-titan-7.1.1/repgen/logfilter.c:291:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(*(argv[a]+strlen(argv[a])-1)=='-') {/*type to ignore*/
data/eclipse-titan-7.1.1/repgen/logfilter.c:294:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(EventTypeNames[b]))&&strlen(EventTypeNames[b])==
data/eclipse-titan-7.1.1/repgen/logfilter.c:294:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(EventTypeNames[b]))&&strlen(EventTypeNames[b])==
data/eclipse-titan-7.1.1/repgen/logfilter.c:295:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(argv[a])-1) {
data/eclipse-titan-7.1.1/repgen/logfilter.c:300:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp,argv[a],sizeof(tmp)-1);
data/eclipse-titan-7.1.1/repgen/logfilter.c:301:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(argv[a])>sizeof(tmp)-1)
data/eclipse-titan-7.1.1/repgen/logfilter.c:303:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else tmp[strlen(argv[a])-1]='\0';
data/eclipse-titan-7.1.1/repgen/logfilter.c:305:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(tmp))fprintf(stderr,"Warning: %s is not a valid "
data/eclipse-titan-7.1.1/repgen/logfilter.c:314:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(*(argv[a]+strlen(argv[a])-1)=='+') {/*type to write out*/
data/eclipse-titan-7.1.1/repgen/logfilter.c:317:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(EventTypeNames[b]))&&strlen(EventTypeNames[b])==
data/eclipse-titan-7.1.1/repgen/logfilter.c:317:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(EventTypeNames[b]))&&strlen(EventTypeNames[b])==
data/eclipse-titan-7.1.1/repgen/logfilter.c:318:4: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(argv[a])-1) {
data/eclipse-titan-7.1.1/repgen/logfilter.c:323:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(tmp,argv[a],sizeof(tmp)-1);
data/eclipse-titan-7.1.1/repgen/logfilter.c:324:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(argv[a])>sizeof(tmp)-1)
data/eclipse-titan-7.1.1/repgen/logfilter.c:326:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else tmp[strlen(argv[a])-1]='\0';
data/eclipse-titan-7.1.1/repgen/logfilter.c:328:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(strlen(tmp))fprintf(stderr,"Warning: %s is not a valid "
data/eclipse-titan-7.1.1/repgen/logmerge.c:188:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t name_len = strlen(path_name);
data/eclipse-titan-7.1.1/repgen/logmerge.c:410:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(str,TSstr,MAXTIMESTAMPLENGTH);
data/eclipse-titan-7.1.1/repgen/logmerge.c:488:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
a = strlen(buf);
data/eclipse-titan-7.1.1/repgen/repgen.c:145:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy ( buf, buf + colnum, bufpos + 1 );
data/eclipse-titan-7.1.1/repgen/repgen.c:163:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( code_srcdir[strlen(code_srcdir)-1] == '/' ) code_srcdir[strlen(code_srcdir)-1] = '\0';
data/eclipse-titan-7.1.1/repgen/repgen.c:163:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( code_srcdir[strlen(code_srcdir)-1] == '/' ) code_srcdir[strlen(code_srcdir)-1] = '\0';
data/eclipse-titan-7.1.1/repgen/repgen.c:197:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( ctemp && ( strncmp ( ctemp, tclist->tcname, strlen ( tclist->tcname ) ) == 0 ) )
data/eclipse-titan-7.1.1/repgen/repgen.c:209:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
indent = GetIndent ( inbuf, strlen ( inbuf ), indent, comment );
data/eclipse-titan-7.1.1/repgen/repgen.c:211:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TruncateLine ( inbuf, strlen ( inbuf ), tablen, fillcol, wfile );
data/eclipse-titan-7.1.1/repgen/repgen.c:215:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
indent = GetIndent ( inbuf, strlen ( inbuf ), indent, comment );
data/eclipse-titan-7.1.1/repgen/repgen.c:218:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TruncateLine ( inbuf, strlen ( inbuf ), tablen, fillcol, wfile );
data/eclipse-titan-7.1.1/repgen/repgen.c:273:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( log_absrcdir[strlen(log_absrcdir)-1] == '/' ) log_absrcdir[strlen(log_absrcdir)-1] = '\0';
data/eclipse-titan-7.1.1/repgen/repgen.c:273:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( log_absrcdir[strlen(log_absrcdir)-1] == '/' ) log_absrcdir[strlen(log_absrcdir)-1] = '\0';
data/eclipse-titan-7.1.1/repgen/repgen.c:380:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( dump_srcdir[strlen(dump_srcdir)-1] == '/' ) dump_srcdir[strlen(dump_srcdir)-1] = '\0';
data/eclipse-titan-7.1.1/repgen/repgen.c:380:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( dump_srcdir[strlen(dump_srcdir)-1] == '/' ) dump_srcdir[strlen(dump_srcdir)-1] = '\0';
data/eclipse-titan-7.1.1/repgen/repgen.c:418:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GetIndent ( inbuf, strlen ( inbuf ), 0, 0 );
data/eclipse-titan-7.1.1/repgen/repgen.c:419:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
TruncateLine ( inbuf, strlen ( inbuf ), tablen, fillcol, wfile );
data/eclipse-titan-7.1.1/repgen/repgen.c:622:18: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ( ( c = getc ( rfile ) ) != EOF )
data/eclipse-titan-7.1.1/repgen/repgen.c:647:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( ctemp[strlen(ctemp)-1] == '\n' ) ctemp[strlen(ctemp)-1] = '\0';
data/eclipse-titan-7.1.1/repgen/repgen.c:647:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( ctemp[strlen(ctemp)-1] == '\n' ) ctemp[strlen(ctemp)-1] = '\0';
data/eclipse-titan-7.1.1/repgen/repgen.c:664:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( ctemp[strlen(ctemp)-1] == '\n' ) ctemp[strlen(ctemp)-1] = '\0';
data/eclipse-titan-7.1.1/repgen/repgen.c:664:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( ctemp[strlen(ctemp)-1] == '\n' ) ctemp[strlen(ctemp)-1] = '\0';
data/eclipse-titan-7.1.1/xsdconvert/XMLParser.cc:454:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
old_length = strlen(temp);
data/eclipse-titan-7.1.1/xsdconvert/converter.cc:382:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(name))
ANALYSIS SUMMARY:
Hits = 1856
Lines analyzed = 492388 in approximately 19.42 seconds (25352 lines/second)
Physical Source Lines of Code (SLOC) = 417547
Hits@level = [0] 1261 [1] 505 [2] 961 [3] 53 [4] 335 [5] 2
Hits@level+ = [0+] 3117 [1+] 1856 [2+] 1351 [3+] 390 [4+] 337 [5+] 2
Hits/KSLOC@level+ = [0+] 7.46503 [1+] 4.44501 [2+] 3.23556 [3+] 0.934027 [4+] 0.807095 [5+] 0.00478988
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.