Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/edfbrowser-1.79+dfsg/date_time_stamp_parser.c Examining data/edfbrowser-1.79+dfsg/edit_annotation_dock.h Examining data/edfbrowser-1.79+dfsg/z_ratio_filter.h Examining data/edfbrowser-1.79+dfsg/run_qrs_detector.cpp Examining data/edfbrowser-1.79+dfsg/options_dialog.h Examining data/edfbrowser-1.79+dfsg/show_edf_hdr.cpp Examining data/edfbrowser-1.79+dfsg/ecg_export.cpp Examining data/edfbrowser-1.79+dfsg/edit_predefined_mtg.cpp Examining data/edfbrowser-1.79+dfsg/print_to_edf.h Examining data/edfbrowser-1.79+dfsg/import_annotations.h Examining data/edfbrowser-1.79+dfsg/edit_predefined_mtg.h Examining data/edfbrowser-1.79+dfsg/pt_qrs.c Examining data/edfbrowser-1.79+dfsg/ascii2edf.h Examining data/edfbrowser-1.79+dfsg/jump_dialog.cpp Examining data/edfbrowser-1.79+dfsg/filter_dialog.h Examining data/edfbrowser-1.79+dfsg/fma_ecg2edf.h Examining data/edfbrowser-1.79+dfsg/biox2edf.cpp Examining data/edfbrowser-1.79+dfsg/signals_dialog.cpp Examining data/edfbrowser-1.79+dfsg/edf_helper.h Examining data/edfbrowser-1.79+dfsg/utc_date_time.c Examining data/edfbrowser-1.79+dfsg/averager_dialog.h Examining data/edfbrowser-1.79+dfsg/annotations_dock.cpp Examining data/edfbrowser-1.79+dfsg/mit2edf.cpp Examining data/edfbrowser-1.79+dfsg/hypnogram_dialog.cpp Examining data/edfbrowser-1.79+dfsg/emsa2edf.h Examining data/edfbrowser-1.79+dfsg/statistics_dialog.cpp Examining data/edfbrowser-1.79+dfsg/spike_filter.h Examining data/edfbrowser-1.79+dfsg/fir_filter_dialog.h Examining data/edfbrowser-1.79+dfsg/spectrum_dock.cpp Examining data/edfbrowser-1.79+dfsg/scp_ecg2edf.cpp Examining data/edfbrowser-1.79+dfsg/annotlist_filter_dialog.h Examining data/edfbrowser-1.79+dfsg/averager_dialog.cpp Examining data/edfbrowser-1.79+dfsg/wav2edf.h Examining data/edfbrowser-1.79+dfsg/view_montage_dialog.h Examining data/edfbrowser-1.79+dfsg/raw2edf.cpp Examining data/edfbrowser-1.79+dfsg/bdf2edf.h Examining data/edfbrowser-1.79+dfsg/signal_chooser.cpp Examining data/edfbrowser-1.79+dfsg/banned.h Examining data/edfbrowser-1.79+dfsg/edf_annotations.h Examining data/edfbrowser-1.79+dfsg/print_to_edf.cpp Examining data/edfbrowser-1.79+dfsg/edf_annot_list.c Examining data/edfbrowser-1.79+dfsg/fir_filter.h Examining data/edfbrowser-1.79+dfsg/xml.h Examining data/edfbrowser-1.79+dfsg/averager_curve_wnd.cpp Examining data/edfbrowser-1.79+dfsg/flywheel.cpp Examining data/edfbrowser-1.79+dfsg/filter.h Examining data/edfbrowser-1.79+dfsg/show_actual_montage_dialog.h Examining data/edfbrowser-1.79+dfsg/edf_compat.cpp Examining data/edfbrowser-1.79+dfsg/utc_date_time.h Examining data/edfbrowser-1.79+dfsg/hrv_dock.cpp Examining data/edfbrowser-1.79+dfsg/export_filtered_signals.h Examining data/edfbrowser-1.79+dfsg/nexfin2edf.cpp Examining data/edfbrowser-1.79+dfsg/check_for_updates.cpp Examining data/edfbrowser-1.79+dfsg/spectrum_dock.h Examining data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp Examining data/edfbrowser-1.79+dfsg/nk2edf.h Examining data/edfbrowser-1.79+dfsg/ascii_export.cpp Examining data/edfbrowser-1.79+dfsg/run_qrs_detector.h Examining data/edfbrowser-1.79+dfsg/check_for_updates.h Examining data/edfbrowser-1.79+dfsg/mit2edf.h Examining data/edfbrowser-1.79+dfsg/statistics_dialog.h Examining data/edfbrowser-1.79+dfsg/hypnogram_dock.cpp Examining data/edfbrowser-1.79+dfsg/edf_helper.c Examining data/edfbrowser-1.79+dfsg/jump_dialog.h Examining data/edfbrowser-1.79+dfsg/about_dialog.cpp Examining data/edfbrowser-1.79+dfsg/videoplayer.cpp Examining data/edfbrowser-1.79+dfsg/options_dialog.cpp Examining data/edfbrowser-1.79+dfsg/unisens2edf.h Examining data/edfbrowser-1.79+dfsg/z_score_dialog.cpp Examining data/edfbrowser-1.79+dfsg/fino2edf.cpp Examining data/edfbrowser-1.79+dfsg/hypnogram_dock.h Examining data/edfbrowser-1.79+dfsg/colordialog.cpp Examining data/edfbrowser-1.79+dfsg/unisens2edf.cpp Examining data/edfbrowser-1.79+dfsg/filtercurve.cpp Examining data/edfbrowser-1.79+dfsg/fft_wrap.c Examining data/edfbrowser-1.79+dfsg/colordialog.h Examining data/edfbrowser-1.79+dfsg/annotations_dock.h Examining data/edfbrowser-1.79+dfsg/bdf_triggers.h Examining data/edfbrowser-1.79+dfsg/signal_chooser.h Examining data/edfbrowser-1.79+dfsg/ecg_statistics.h Examining data/edfbrowser-1.79+dfsg/about_dialog.h Examining data/edfbrowser-1.79+dfsg/active_file_chooser.cpp Examining data/edfbrowser-1.79+dfsg/plif_ecg_subtract_filter_dialog.h Examining data/edfbrowser-1.79+dfsg/bi9800.cpp Examining data/edfbrowser-1.79+dfsg/save_annots.cpp Examining data/edfbrowser-1.79+dfsg/export_annotations.h Examining data/edfbrowser-1.79+dfsg/hrv_dock.h Examining data/edfbrowser-1.79+dfsg/fft_wrap.h Examining data/edfbrowser-1.79+dfsg/viewbuf.cpp Examining data/edfbrowser-1.79+dfsg/spectrumanalyzer.h Examining data/edfbrowser-1.79+dfsg/raw2edf.h Examining data/edfbrowser-1.79+dfsg/biosemi2bdfplus.h Examining data/edfbrowser-1.79+dfsg/pt_qrs.h Examining data/edfbrowser-1.79+dfsg/show_edf_hdr.h Examining data/edfbrowser-1.79+dfsg/utils.c Examining data/edfbrowser-1.79+dfsg/mortara2edf.cpp Examining data/edfbrowser-1.79+dfsg/nk2edf.cpp Examining data/edfbrowser-1.79+dfsg/ishne2edf.h Examining data/edfbrowser-1.79+dfsg/export_annotations.cpp Examining data/edfbrowser-1.79+dfsg/bi9800.h Examining data/edfbrowser-1.79+dfsg/check_edf_file.h Examining data/edfbrowser-1.79+dfsg/global.h Examining data/edfbrowser-1.79+dfsg/cdsa_dialog.h Examining data/edfbrowser-1.79+dfsg/plif_ecg_subtract_filter.c Examining data/edfbrowser-1.79+dfsg/bdf_triggers.cpp Examining data/edfbrowser-1.79+dfsg/flywheel.h Examining data/edfbrowser-1.79+dfsg/export_filtered_signals.cpp Examining data/edfbrowser-1.79+dfsg/mainwindow_constr.cpp Examining data/edfbrowser-1.79+dfsg/fir_filter_dialog.cpp Examining data/edfbrowser-1.79+dfsg/fino2edf.h Examining data/edfbrowser-1.79+dfsg/adjustfiltersettings.h Examining data/edfbrowser-1.79+dfsg/manscan2edf.h Examining data/edfbrowser-1.79+dfsg/print_to_bdf.h Examining data/edfbrowser-1.79+dfsg/z_ratio_filter.c Examining data/edfbrowser-1.79+dfsg/edf_annotations.cpp Examining data/edfbrowser-1.79+dfsg/save_montage_dialog.cpp Examining data/edfbrowser-1.79+dfsg/nexfin2edf.h Examining data/edfbrowser-1.79+dfsg/spike_filter.c Examining data/edfbrowser-1.79+dfsg/ecg_filter.c Examining data/edfbrowser-1.79+dfsg/header_editor.cpp Examining data/edfbrowser-1.79+dfsg/filter_dialog.cpp Examining data/edfbrowser-1.79+dfsg/scp_ecg2edf.h Examining data/edfbrowser-1.79+dfsg/ishne2edf.cpp Examining data/edfbrowser-1.79+dfsg/spike_filter_dialog.h Examining data/edfbrowser-1.79+dfsg/fir_filter.c Examining data/edfbrowser-1.79+dfsg/filteredblockread.h Examining data/edfbrowser-1.79+dfsg/special_button.cpp Examining data/edfbrowser-1.79+dfsg/mortara2edf.h Examining data/edfbrowser-1.79+dfsg/cdsa_dock.h Examining data/edfbrowser-1.79+dfsg/filtercurve.h Examining data/edfbrowser-1.79+dfsg/load_montage_dialog.h Examining data/edfbrowser-1.79+dfsg/pagetime_dialog.h Examining data/edfbrowser-1.79+dfsg/viewcurve.h Examining data/edfbrowser-1.79+dfsg/reduce_signals.h Examining data/edfbrowser-1.79+dfsg/save_annots.h Examining data/edfbrowser-1.79+dfsg/adjustfiltersettings.cpp Examining data/edfbrowser-1.79+dfsg/cdsa_dialog.cpp Examining data/edfbrowser-1.79+dfsg/edit_annotation_dock.cpp Examining data/edfbrowser-1.79+dfsg/utils.h Examining data/edfbrowser-1.79+dfsg/pagetime_dialog.cpp Examining data/edfbrowser-1.79+dfsg/main.cpp Examining data/edfbrowser-1.79+dfsg/signals_dialog.h Examining data/edfbrowser-1.79+dfsg/spectrumanalyzer.cpp Examining data/edfbrowser-1.79+dfsg/save_montage_dialog.h Examining data/edfbrowser-1.79+dfsg/print_to_bdf.cpp Examining data/edfbrowser-1.79+dfsg/ecg_filter.h Examining data/edfbrowser-1.79+dfsg/edf_compat.h Examining data/edfbrowser-1.79+dfsg/ascii2edf.cpp Examining data/edfbrowser-1.79+dfsg/import_annotations.cpp Examining data/edfbrowser-1.79+dfsg/averager_curve_wnd.h Examining data/edfbrowser-1.79+dfsg/wav2edf.cpp Examining data/edfbrowser-1.79+dfsg/ecg_statistics.c Examining data/edfbrowser-1.79+dfsg/viewcurve.cpp Examining data/edfbrowser-1.79+dfsg/ecg_export.h Examining data/edfbrowser-1.79+dfsg/ravg_filter.c Examining data/edfbrowser-1.79+dfsg/bdf2edf.cpp Examining data/edfbrowser-1.79+dfsg/edfplusd_cnv.h Examining data/edfbrowser-1.79+dfsg/z_score_dialog.h Examining data/edfbrowser-1.79+dfsg/spike_filter_dialog.cpp Examining data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp Examining data/edfbrowser-1.79+dfsg/cdsa_dock.cpp Examining data/edfbrowser-1.79+dfsg/plif_ecg_subtract_filter_dialog.cpp Examining data/edfbrowser-1.79+dfsg/fma_ecg2edf.cpp Examining data/edfbrowser-1.79+dfsg/ravg_filter.h Examining data/edfbrowser-1.79+dfsg/biox2edf.h Examining data/edfbrowser-1.79+dfsg/signalcurve.cpp Examining data/edfbrowser-1.79+dfsg/edfplusd_cnv.cpp Examining data/edfbrowser-1.79+dfsg/show_actual_montage_dialog.cpp Examining data/edfbrowser-1.79+dfsg/xml.c Examining data/edfbrowser-1.79+dfsg/read_write_settings.cpp Examining data/edfbrowser-1.79+dfsg/edf_annot_list.h Examining data/edfbrowser-1.79+dfsg/plif_ecg_subtract_filter.h Examining data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c Examining data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.h Examining data/edfbrowser-1.79+dfsg/third_party/fidlib/fidrf_cmdlist.h Examining data/edfbrowser-1.79+dfsg/third_party/fidlib/fidmkf.h Examining data/edfbrowser-1.79+dfsg/third_party/kiss_fft/kiss_fft.h Examining data/edfbrowser-1.79+dfsg/third_party/kiss_fft/kiss_fftr.h Examining data/edfbrowser-1.79+dfsg/third_party/kiss_fft/kiss_fftr.c Examining data/edfbrowser-1.79+dfsg/third_party/kiss_fft/kiss_fft.c Examining data/edfbrowser-1.79+dfsg/third_party/kiss_fft/_kiss_fft_guts.h Examining data/edfbrowser-1.79+dfsg/filter.c Examining data/edfbrowser-1.79+dfsg/special_button.h Examining data/edfbrowser-1.79+dfsg/header_editor.h Examining data/edfbrowser-1.79+dfsg/active_file_chooser.h Examining data/edfbrowser-1.79+dfsg/ascii_export.h Examining data/edfbrowser-1.79+dfsg/filteredblockread.cpp Examining data/edfbrowser-1.79+dfsg/mainwindow.cpp Examining data/edfbrowser-1.79+dfsg/hypnogram_dialog.h Examining data/edfbrowser-1.79+dfsg/manscan2edf.cpp Examining data/edfbrowser-1.79+dfsg/check_edf_file.cpp Examining data/edfbrowser-1.79+dfsg/emsa2edf.cpp Examining data/edfbrowser-1.79+dfsg/mainwindow.h Examining data/edfbrowser-1.79+dfsg/date_time_stamp_parser.h Examining data/edfbrowser-1.79+dfsg/annotlist_filter_dialog.cpp Examining data/edfbrowser-1.79+dfsg/reduce_signals.cpp Examining data/edfbrowser-1.79+dfsg/signalcurve.h Examining data/edfbrowser-1.79+dfsg/biosemi2bdfplus.cpp FINAL RESULTS: data/edfbrowser-1.79+dfsg/banned.h:14:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). #undef strcpy data/edfbrowser-1.79+dfsg/banned.h:15:9: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). #define strcpy(x,y) BANNED(strcpy) data/edfbrowser-1.79+dfsg/banned.h:15:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). #define strcpy(x,y) BANNED(strcpy) data/edfbrowser-1.79+dfsg/banned.h:16:8: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). #undef strcat data/edfbrowser-1.79+dfsg/banned.h:17:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). #define strcat(x,y) BANNED(strcat) data/edfbrowser-1.79+dfsg/banned.h:17:28: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). #define strcat(x,y) BANNED(strcat) data/edfbrowser-1.79+dfsg/banned.h:23:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. #undef sprintf data/edfbrowser-1.79+dfsg/banned.h:24:8: [4] (buffer) vsprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. #undef vsprintf data/edfbrowser-1.79+dfsg/banned.h:26:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. #define sprintf(...) BANNED(sprintf) data/edfbrowser-1.79+dfsg/banned.h:26:29: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. #define sprintf(...) BANNED(sprintf) data/edfbrowser-1.79+dfsg/banned.h:27:9: [4] (buffer) vsprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. #define vsprintf(...) BANNED(vsprintf) data/edfbrowser-1.79+dfsg/banned.h:27:30: [4] (buffer) vsprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. #define vsprintf(...) BANNED(vsprintf) data/edfbrowser-1.79+dfsg/banned.h:29:9: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. #define sprintf(buf,fmt,arg) BANNED(sprintf) data/edfbrowser-1.79+dfsg/banned.h:29:37: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. #define sprintf(buf,fmt,arg) BANNED(sprintf) data/edfbrowser-1.79+dfsg/banned.h:30:9: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. #define vsprintf(buf,fmt,arg) BANNED(vsprintf) data/edfbrowser-1.79+dfsg/banned.h:30:38: [4] (buffer) vsprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. #define vsprintf(buf,fmt,arg) BANNED(vsprintf) data/edfbrowser-1.79+dfsg/check_for_updates.cpp:117:3: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(buf, 128, PROGRAM_VERSION); data/edfbrowser-1.79+dfsg/mainwindow.cpp:1934:7: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(str, 256, PROGRAM_NAME " subject %s birthdate %s startdate %s", data/edfbrowser-1.79+dfsg/mainwindow.cpp:1947:7: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(str, 256, PROGRAM_NAME " %s startdate %i %s %i", data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:278:10: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #ifndef vsnprintf data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:279:11: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define vsnprintf _vsnprintf data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:281:10: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #ifndef snprintf data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:282:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:282:20: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:309:4: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(buf, sizeof(buf), fmt, ap); // Ignore overflow data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:324:9: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. len= vsnprintf(buf, sizeof(buf), fmt, ap); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1969:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case 1: sprintf(buf, "/%s%.15g", sp.adj ? "=" : "", sp.f0); break; data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1970:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. case 2: sprintf(buf, "/%s%.15g-%.15g", sp.adj ? "=" : "", sp.f0, sp.f1); break; data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1976:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rv+sp.minlen, buf); data/edfbrowser-1.79+dfsg/viewcurve.cpp:2041:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(string, 128, str2, data/edfbrowser-1.79+dfsg/viewcurve.cpp:2046:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(string, 128, str2, data/edfbrowser-1.79+dfsg/viewcurve.cpp:2056:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(string, 128, str2, data/edfbrowser-1.79+dfsg/viewcurve.cpp:2061:11: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(string, 128, str2, data/edfbrowser-1.79+dfsg/read_write_settings.cpp:119:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. strlcpy(cfg_path, getenv("HOME"), MAX_PATH_LENGTH); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:311:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. strlcpy(cfg_path, getenv("HOME"), MAX_PATH_LENGTH); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:508:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. strlcpy(cfg_path, getenv("HOME"), MAX_PATH_LENGTH); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:2115:21: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. strlcpy(cfg_path, getenv("HOME"), MAX_PATH_LENGTH); data/edfbrowser-1.79+dfsg/about_dialog.cpp:34:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024]; data/edfbrowser-1.79+dfsg/adjustfiltersettings.cpp:57:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txtbuf[2048]; data/edfbrowser-1.79+dfsg/adjustfiltersettings.cpp:160:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txtbuf[2048]={""}; data/edfbrowser-1.79+dfsg/adjustfiltersettings.cpp:518:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *filter_spec, data/edfbrowser-1.79+dfsg/annotations_dock.cpp:176:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[4096]=""; data/edfbrowser-1.79+dfsg/annotations_dock.cpp:251:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[4096]=""; data/edfbrowser-1.79+dfsg/annotations_dock.cpp:458:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filter_str[32]; data/edfbrowser-1.79+dfsg/annotations_dock.cpp:717:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str1[MAX_ANNOTATION_LEN], data/edfbrowser-1.79+dfsg/annotations_dock.cpp:775:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str1[MAX_ANNOTATION_LEN], data/edfbrowser-1.79+dfsg/annotations_dock.cpp:911:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_ANNOTATION_LEN + 32]; data/edfbrowser-1.79+dfsg/annotlist_filter_dialog.cpp:191:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char annot_str[MAX_ANNOTATION_LEN + 1]; data/edfbrowser-1.79+dfsg/annotlist_filter_dialog.h:100:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sel_annot_str[MAX_ANNOTATION_LEN + 1]; data/edfbrowser-1.79+dfsg/ascii2edf.cpp:301:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/ascii2edf.cpp:1186:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/ascii2edf.cpp:1297:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/ascii2edf.cpp:1385:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). temp = atoi(result); data/edfbrowser-1.79+dfsg/ascii2edf.cpp:1413:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). temp = atoi(result); data/edfbrowser-1.79+dfsg/ascii2edf.cpp:1460:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). autoPhysicalMaximum = atoi(result); data/edfbrowser-1.79+dfsg/ascii2edf.cpp:1485:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). edf_format = atoi(result); data/edfbrowser-1.79+dfsg/ascii2edf.cpp:1616:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[128], data/edfbrowser-1.79+dfsg/ascii2edf.cpp:1849:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p_path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/ascii_export.cpp:110:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/ascii_export.cpp:124:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/ascii_export.cpp:221:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). edfsignals = atoi(scratchpad); data/edfbrowser-1.79+dfsg/ascii_export.cpp:249:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). datarecords = atoi(scratchpad); data/edfbrowser-1.79+dfsg/ascii_export.cpp:257:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if(((signed char *)edf_hdr)[0]==-1) data/edfbrowser-1.79+dfsg/ascii_export.cpp:320:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). edfparamascii[i].smp_per_record = atoi(scratchpad); data/edfbrowser-1.79+dfsg/ascii_export.cpp:331:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). edfparamascii[i].dig_min = atoi(scratchpad); data/edfbrowser-1.79+dfsg/ascii_export.cpp:334:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). edfparamascii[i].dig_max = atoi(scratchpad); data/edfbrowser-1.79+dfsg/ascii_export.cpp:440:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fprintf(outputfile, "%i\n", atoi(scratchpad) - nr_annot_chns); data/edfbrowser-1.79+dfsg/ascii_export.cpp:731:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if((((unsigned char *)scratchpad)[m] < 32) || (((unsigned char *)scratchpad)[m] == ',')) data/edfbrowser-1.79+dfsg/ascii_export.cpp:731:82: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if((((unsigned char *)scratchpad)[m] < 32) || (((unsigned char *)scratchpad)[m] == ',')) data/edfbrowser-1.79+dfsg/averager_curve_wnd.cpp:45:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024]={""}; data/edfbrowser-1.79+dfsg/averager_curve_wnd.cpp:227:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/averager_curve_wnd.h:109:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char avg_annotation[MAX_ANNOTATION_LEN + 1]; data/edfbrowser-1.79+dfsg/averager_dialog.cpp:187:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_ANNOTATION_LEN + 1], data/edfbrowser-1.79+dfsg/averager_dialog.cpp:519:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/averager_dialog.cpp:617:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(signalcomp->fidbuf[k], signalcomp->fidbuf2[k], fid_run_bufsize(signalcomp->fid_run[k])); data/edfbrowser-1.79+dfsg/averager_dialog.h:107:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char annot_str[MAX_ANNOTATION_LEN + 1]; data/edfbrowser-1.79+dfsg/bdf2edf.cpp:244:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txt_string[2048]; data/edfbrowser-1.79+dfsg/bdf2edf.cpp:355:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *readbuf, data/edfbrowser-1.79+dfsg/bdf2edf.cpp:363:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/bdf2edf.cpp:368:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char two_bytes[2]; data/edfbrowser-1.79+dfsg/bdf2edf.h:100:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inputpath[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/bi9800.cpp:96:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/bi9800.cpp:174:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). samplefreq = atoi(str + 14); data/edfbrowser-1.79+dfsg/bi9800.cpp:215:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). startdate_year = atoi(str2); data/edfbrowser-1.79+dfsg/bi9800.cpp:216:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). startdate_month = atoi(str2 + 5); data/edfbrowser-1.79+dfsg/bi9800.cpp:217:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). startdate_day = atoi(str2 + 8); data/edfbrowser-1.79+dfsg/bi9800.cpp:238:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). starttime_hour = atoi(str2); data/edfbrowser-1.79+dfsg/bi9800.cpp:239:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). starttime_minute = atoi(str2 + 3); data/edfbrowser-1.79+dfsg/bi9800.cpp:240:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). starttime_second = atoi(str2 + 6); data/edfbrowser-1.79+dfsg/bi9800.cpp:261:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(str2) != 24) && (atoi(str2) != 48)) data/edfbrowser-1.79+dfsg/bi9800.cpp:261:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(str2) != 24) && (atoi(str2) != 48)) data/edfbrowser-1.79+dfsg/bi9800.cpp:469:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). starttime_hour = atoi(str); data/edfbrowser-1.79+dfsg/bi9800.cpp:470:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). starttime_minute = atoi(str + 3); data/edfbrowser-1.79+dfsg/bi9800.cpp:471:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). starttime_second = atoi(str + 6); data/edfbrowser-1.79+dfsg/biosemi2bdfplus.cpp:38:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[128]={""}; data/edfbrowser-1.79+dfsg/biosemi2bdfplus.cpp:154:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[2048], data/edfbrowser-1.79+dfsg/biosemi2bdfplus.h:94:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inputpath[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/biox2edf.cpp:102:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[512], data/edfbrowser-1.79+dfsg/cdsa_dialog.cpp:37:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024]={""}; data/edfbrowser-1.79+dfsg/cdsa_dock.cpp:34:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024]={""}; data/edfbrowser-1.79+dfsg/cdsa_dock.cpp:163:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[4096]={"CDSA "}, data/edfbrowser-1.79+dfsg/cdsa_dock.cpp:313:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[128]={""}; data/edfbrowser-1.79+dfsg/cdsa_dock.cpp:449:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[32]={""}; data/edfbrowser-1.79+dfsg/cdsa_dock.cpp:625:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[64]={""}; data/edfbrowser-1.79+dfsg/cdsa_dock.h:102:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unit[32]; data/edfbrowser-1.79+dfsg/cdsa_dock.h:207:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unit[32]; data/edfbrowser-1.79+dfsg/cdsa_dock.h:237:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unit[32]; data/edfbrowser-1.79+dfsg/check_edf_file.cpp:39:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *edf_hdr, data/edfbrowser-1.79+dfsg/check_edf_file.cpp:78:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if(((signed char *)scratchpad)[0]==-1) // BDF-file data/edfbrowser-1.79+dfsg/check_edf_file.cpp:141:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if((((unsigned char *)scratchpad)[i]<32)||(((unsigned char *)scratchpad)[i]>126)) data/edfbrowser-1.79+dfsg/check_edf_file.cpp:141:59: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if((((unsigned char *)scratchpad)[i]<32)||(((unsigned char *)scratchpad)[i]>126)) data/edfbrowser-1.79+dfsg/check_edf_file.cpp:161:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if((((unsigned char *)scratchpad)[i]<32)||(((unsigned char *)scratchpad)[i]>126)) data/edfbrowser-1.79+dfsg/check_edf_file.cpp:161:59: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if((((unsigned char *)scratchpad)[i]<32)||(((unsigned char *)scratchpad)[i]>126)) data/edfbrowser-1.79+dfsg/check_edf_file.cpp:224:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(scratchpad)<1)||(atoi(scratchpad)>31)) data/edfbrowser-1.79+dfsg/check_edf_file.cpp:224:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(scratchpad)<1)||(atoi(scratchpad)>31)) data/edfbrowser-1.79+dfsg/check_edf_file.cpp:235:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(scratchpad+3)<1)||(atoi(scratchpad+3)>12)) data/edfbrowser-1.79+dfsg/check_edf_file.cpp:235:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(scratchpad+3)<1)||(atoi(scratchpad+3)>12)) data/edfbrowser-1.79+dfsg/check_edf_file.cpp:247:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.day = atoi(scratchpad); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:248:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.month = atoi(scratchpad + 3); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:249:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.year = atoi(scratchpad + 6); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:311:6: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(scratchpad)>23) data/edfbrowser-1.79+dfsg/check_edf_file.cpp:323:6: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(scratchpad+3)>59) data/edfbrowser-1.79+dfsg/check_edf_file.cpp:335:6: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(scratchpad+6)>59) data/edfbrowser-1.79+dfsg/check_edf_file.cpp:347:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.hour = atoi(scratchpad); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:348:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.minute = atoi(scratchpad + 3); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:349:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.second = atoi(scratchpad + 6); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:353:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). edfhdr->l_starttime = 3600 * atoi(scratchpad); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:354:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). edfhdr->l_starttime += 60 * atoi(scratchpad + 3); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:355:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). edfhdr->l_starttime += atoi(scratchpad + 6); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:383:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). edfhdr->edfsignals = atoi(scratchpad); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:429:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi(scratchpad); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:517:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). edfhdr->datarecords = atoi(scratchpad); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:871:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi(scratchpad); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:970:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi(scratchpad); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1140:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi(scratchpad); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1265:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(scratchpad2)<1)||(atoi(scratchpad2)>31)) error = 1; data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1265:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(scratchpad2)<1)||(atoi(scratchpad2)>31)) error = 1; data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1417:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(scratchpad2)<1)||(atoi(scratchpad2)>31)) error = 1; data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1417:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(scratchpad2)<1)||(atoi(scratchpad2)>31)) error = 1; data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1482:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(scratchpad)!=atoi(scratchpad2)) error = 1; data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1482:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(scratchpad)!=atoi(scratchpad2)) error = 1; data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1483:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(scratchpad+3)!=r) error = 1; data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1484:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(scratchpad+6)!=atoi(scratchpad2+9)) error = 1; data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1484:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(scratchpad+6)!=atoi(scratchpad2+9)) error = 1; data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1507:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.year = atoi(scratchpad2 + 7); data/edfbrowser-1.79+dfsg/check_for_updates.cpp:66:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/edfbrowser-1.79+dfsg/check_for_updates.cpp:110:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). latest_version = atoi(buf + 27); data/edfbrowser-1.79+dfsg/check_for_updates.cpp:121:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). this_version = atoi(buf + 1); data/edfbrowser-1.79+dfsg/date_time_stamp_parser.c:45:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024], data/edfbrowser-1.79+dfsg/date_time_stamp_parser.c:94:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dat_time.day = atoi(ptr); data/edfbrowser-1.79+dfsg/date_time_stamp_parser.c:95:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dat_time.year = atoi(ptr + 7); data/edfbrowser-1.79+dfsg/date_time_stamp_parser.c:96:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dat_time.hour = atoi(ptr + 12); data/edfbrowser-1.79+dfsg/date_time_stamp_parser.c:97:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dat_time.minute = atoi(ptr + 15); data/edfbrowser-1.79+dfsg/date_time_stamp_parser.c:98:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dat_time.second = atoi(ptr + 18); data/edfbrowser-1.79+dfsg/ecg_export.cpp:134:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/ecg_export.cpp:477:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p_path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/edf_annot_list.c:324:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cpy->items, list->items, cpy->mem_sz * sizeof(struct annotationblock)); data/edfbrowser-1.79+dfsg/edf_annot_list.c:326:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cpy->idx, list->idx, cpy->mem_sz * sizeof(int)); data/edfbrowser-1.79+dfsg/edf_annot_list.c:374:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(destlist->items, srclist->items, destlist->mem_sz * sizeof(struct annotationblock)); data/edfbrowser-1.79+dfsg/edf_annot_list.c:376:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(destlist->idx, srclist->idx, destlist->mem_sz * sizeof(int)); data/edfbrowser-1.79+dfsg/edf_annot_list.c:438:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[1024]; data/edfbrowser-1.79+dfsg/edf_annot_list.h:46:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char duration[16]; data/edfbrowser-1.79+dfsg/edf_annot_list.h:48:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char description[MAX_ANNOTATION_LEN_II + 1]; data/edfbrowser-1.79+dfsg/edf_annotations.cpp:69:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *scratchpad, data/edfbrowser-1.79+dfsg/edf_compat.cpp:112:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *scratchpad, data/edfbrowser-1.79+dfsg/edf_compat.cpp:125:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/edf_helper.c:37:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[256]; data/edfbrowser-1.79+dfsg/edfplusd_cnv.cpp:105:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txt_string[2048], data/edfbrowser-1.79+dfsg/edit_predefined_mtg.cpp:37:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1200]; data/edfbrowser-1.79+dfsg/edit_predefined_mtg.cpp:118:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1200], data/edfbrowser-1.79+dfsg/edit_predefined_mtg.cpp:146:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[32]; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:114:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/emsa2edf.cpp:132:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[4]; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:259:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). year = atoi(scratchpad); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:280:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(date)<1)||(atoi(date)>31)) error = 1; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:280:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(date)<1)||(atoi(date)>31)) error = 1; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:281:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(date+3)<1)||(atoi(date+3)>12)) error = 1; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:281:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(date+3)<1)||(atoi(date+3)>12)) error = 1; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:282:6: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(time)>23) error = 1; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:283:6: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(time+3)>59) error = 1; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:284:6: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(time+6)>59) error = 1; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:297:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi(date+3); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:340:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). b_date = atoi(scratchpad+6); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:343:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi(scratchpad+4); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:375:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). b_year = atoi(scratchpad); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:550:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(scratchpad)>23) error = 1; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:551:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(scratchpad+3)>59) error = 1; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:552:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(scratchpad+6)>59) error = 1; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:562:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). time_on = atoi(scratchpad) * 3600; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:563:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). time_on += atoi(scratchpad+3) * 60; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:564:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). time_on += atoi(scratchpad+6); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:587:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(scratchpad)>23) error = 1; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:588:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(scratchpad+3)>59) error = 1; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:589:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(scratchpad+6)>59) error = 1; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:599:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). time_off = atoi(scratchpad) * 3600; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:600:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). time_off += atoi(scratchpad+3) * 60; data/edfbrowser-1.79+dfsg/emsa2edf.cpp:601:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). time_off += atoi(scratchpad+6); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:619:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). k = (atoi(time) * 3600); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:620:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). k += (atoi(time+3) * 60); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:621:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). k += atoi(time+6); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:704:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outputfile = fopen(path, "wb"); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:730:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi(date), data/edfbrowser-1.79+dfsg/emsa2edf.h:87:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char description[80]; data/edfbrowser-1.79+dfsg/export_annotations.cpp:234:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/export_annotations.cpp:463:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if((((unsigned char *)str)[i] < 32) || (((unsigned char *)str)[i] == ',')) data/edfbrowser-1.79+dfsg/export_annotations.cpp:463:60: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if((((unsigned char *)str)[i] < 32) || (((unsigned char *)str)[i] == ',')) data/edfbrowser-1.79+dfsg/export_annotations.cpp:727:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). edf_set_birthdate(hdl, atoi(hdr->plus_birthdate + 7), n, atoi(hdr->plus_birthdate)); data/edfbrowser-1.79+dfsg/export_annotations.cpp:727:66: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). edf_set_birthdate(hdl, atoi(hdr->plus_birthdate + 7), n, atoi(hdr->plus_birthdate)); data/edfbrowser-1.79+dfsg/export_annotations.cpp:800:62: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). edfwrite_annotation_utf8(hdl, annot->onset / 1000LL, atoi(str), annot->description); data/edfbrowser-1.79+dfsg/export_filtered_signals.cpp:177:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[256]; data/edfbrowser-1.79+dfsg/export_filtered_signals.cpp:215:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[256]; data/edfbrowser-1.79+dfsg/export_filtered_signals.cpp:249:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[256]; data/edfbrowser-1.79+dfsg/export_filtered_signals.cpp:314:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txt_string[2048]; data/edfbrowser-1.79+dfsg/export_filtered_signals.cpp:453:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[4096]; data/edfbrowser-1.79+dfsg/export_filtered_signals.cpp:1265:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txtbuf[2048]="", data/edfbrowser-1.79+dfsg/export_filtered_signals.h:118:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inputpath[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/filter.c:62:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(settings, src, sizeof(struct filter_settings)); data/edfbrowser-1.79+dfsg/filter_dialog.cpp:516:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/edfbrowser-1.79+dfsg/filter_dialog.cpp:587:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/edfbrowser-1.79+dfsg/filter_dialog.cpp:736:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/edfbrowser-1.79+dfsg/filter_dialog.h:124:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *filter_spec, data/edfbrowser-1.79+dfsg/filteredblockread.cpp:220:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/fino2edf.cpp:105:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txt_string[2048], data/edfbrowser-1.79+dfsg/fino2edf.cpp:125:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char one[2]; data/edfbrowser-1.79+dfsg/fir_filter.c:74:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(settings->vars, vars, sizeof(double) * sz); data/edfbrowser-1.79+dfsg/fir_filter_dialog.cpp:231:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH]="", data/edfbrowser-1.79+dfsg/fir_filter_dialog.cpp:306:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p_path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/fir_filter_dialog.h:104:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char textbuf[FIR_FILTER_MAX_BUFSZ + 64], data/edfbrowser-1.79+dfsg/fma_ecg2edf.cpp:130:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/fma_ecg2edf.cpp:788:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p_path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/global.h:49:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define fopeno fopen data/edfbrowser-1.79+dfsg/global.h:118:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[17]; data/edfbrowser-1.79+dfsg/global.h:119:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char transducer[81]; data/edfbrowser-1.79+dfsg/global.h:120:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char physdimension[9]; data/edfbrowser-1.79+dfsg/global.h:125:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prefilter[81]; data/edfbrowser-1.79+dfsg/global.h:127:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reserved[33]; data/edfbrowser-1.79+dfsg/global.h:139:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version[32]; data/edfbrowser-1.79+dfsg/global.h:140:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/global.h:141:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char patient[81]; data/edfbrowser-1.79+dfsg/global.h:142:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char recording[81]; data/edfbrowser-1.79+dfsg/global.h:143:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plus_patientcode[81]; data/edfbrowser-1.79+dfsg/global.h:144:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plus_gender[16]; data/edfbrowser-1.79+dfsg/global.h:145:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plus_birthdate[16]; data/edfbrowser-1.79+dfsg/global.h:146:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plus_patient_name[81]; data/edfbrowser-1.79+dfsg/global.h:147:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plus_patient_additional[81]; data/edfbrowser-1.79+dfsg/global.h:148:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plus_startdate[16]; data/edfbrowser-1.79+dfsg/global.h:149:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plus_admincode[81]; data/edfbrowser-1.79+dfsg/global.h:150:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plus_technician[81]; data/edfbrowser-1.79+dfsg/global.h:151:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plus_equipment[81]; data/edfbrowser-1.79+dfsg/global.h:152:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plus_recording_additional[81]; data/edfbrowser-1.79+dfsg/global.h:155:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reserved[45]; data/edfbrowser-1.79+dfsg/global.h:179:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unique_annotations_list[MAX_UNIQUE_ANNOTATIONS][MAX_ANNOTATION_LEN]; data/edfbrowser-1.79+dfsg/global.h:207:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char signallabel[512]; data/edfbrowser-1.79+dfsg/global.h:208:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char alias[17]; data/edfbrowser-1.79+dfsg/global.h:210:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char signallabel_bu[512]; data/edfbrowser-1.79+dfsg/global.h:219:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char physdimension[9]; data/edfbrowser-1.79+dfsg/global.h:220:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char physdimension_bu[9]; data/edfbrowser-1.79+dfsg/header_editor.cpp:373:57: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if((!(strncmp(hdr + 1, "BIOSEMI", 7))) && (((unsigned char *)hdr)[0] == 255)) data/edfbrowser-1.79+dfsg/header_editor.cpp:439:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[256], data/edfbrowser-1.79+dfsg/header_editor.cpp:478:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(scratchpad, hdr + 168, 8); data/edfbrowser-1.79+dfsg/header_editor.cpp:482:7: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). r = atoi(scratchpad + 6); data/edfbrowser-1.79+dfsg/header_editor.cpp:491:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). startTimeDate->setDate(QDate(r, atoi(scratchpad + 3), atoi(scratchpad))); data/edfbrowser-1.79+dfsg/header_editor.cpp:491:57: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). startTimeDate->setDate(QDate(r, atoi(scratchpad + 3), atoi(scratchpad))); data/edfbrowser-1.79+dfsg/header_editor.cpp:495:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(scratchpad, hdr + 176, 8); data/edfbrowser-1.79+dfsg/header_editor.cpp:499:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). startTimeDate->setTime(QTime(atoi(scratchpad), atoi(scratchpad + 3), atoi(scratchpad + 6))); data/edfbrowser-1.79+dfsg/header_editor.cpp:499:50: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). startTimeDate->setTime(QTime(atoi(scratchpad), atoi(scratchpad + 3), atoi(scratchpad + 6))); data/edfbrowser-1.79+dfsg/header_editor.cpp:499:72: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). startTimeDate->setTime(QTime(atoi(scratchpad), atoi(scratchpad + 3), atoi(scratchpad + 6))); data/edfbrowser-1.79+dfsg/header_editor.cpp:604:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dateEdit1->setDate(QDate(atoi(scratchpad + p + 7), r, atoi(scratchpad + p))); data/edfbrowser-1.79+dfsg/header_editor.cpp:604:63: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dateEdit1->setDate(QDate(atoi(scratchpad + p + 7), r, atoi(scratchpad + p))); data/edfbrowser-1.79+dfsg/header_editor.cpp:681:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). startTimeDate->setDate(QDate(atoi(scratchpad + 17), r, atoi(scratchpad + 10))); data/edfbrowser-1.79+dfsg/header_editor.cpp:681:64: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). startTimeDate->setDate(QDate(atoi(scratchpad + 17), r, atoi(scratchpad + 10))); data/edfbrowser-1.79+dfsg/header_editor.cpp:862:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(scratchpad) < 1) data/edfbrowser-1.79+dfsg/header_editor.cpp:874:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). recordsize += (atoi(scratchpad) * 3); data/edfbrowser-1.79+dfsg/header_editor.cpp:878:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). recordsize += (atoi(scratchpad) * 2); data/edfbrowser-1.79+dfsg/header_editor.cpp:922:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[256], data/edfbrowser-1.79+dfsg/header_editor.cpp:1373:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). digmin = atoi(scratchpad); data/edfbrowser-1.79+dfsg/header_editor.cpp:1401:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). digmax = atoi(scratchpad2); data/edfbrowser-1.79+dfsg/header_editor.cpp:1618:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[128]; data/edfbrowser-1.79+dfsg/header_editor.cpp:1688:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[128]; data/edfbrowser-1.79+dfsg/header_editor.cpp:1763:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p_path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/header_editor.h:141:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/hrv_dock.cpp:183:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[128]={""}; data/edfbrowser-1.79+dfsg/hrv_dock.cpp:280:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[32]={""}; data/edfbrowser-1.79+dfsg/hrv_dock.cpp:367:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[64]; data/edfbrowser-1.79+dfsg/hrv_dock.h:82:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char annot_name[32]; data/edfbrowser-1.79+dfsg/hypnogram_dock.cpp:178:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[128]={""}; data/edfbrowser-1.79+dfsg/hypnogram_dock.cpp:321:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[64]; data/edfbrowser-1.79+dfsg/hypnogram_dock.h:82:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stage_name[6][32]; data/edfbrowser-1.79+dfsg/hypnogram_dock.h:83:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char annot_name[6][32]; data/edfbrowser-1.79+dfsg/import_annotations.cpp:88:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char annotdescrlist[42][48]= data/edfbrowser-1.79+dfsg/import_annotations.cpp:499:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[64]; data/edfbrowser-1.79+dfsg/import_annotations.cpp:522:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[4096]={""}; data/edfbrowser-1.79+dfsg/import_annotations.cpp:644:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/import_annotations.cpp:648:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char a_buf[128]; data/edfbrowser-1.79+dfsg/import_annotations.cpp:868:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH]={""}, data/edfbrowser-1.79+dfsg/import_annotations.cpp:970:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.year = atoi(result); data/edfbrowser-1.79+dfsg/import_annotations.cpp:971:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.month = atoi(result + 5); data/edfbrowser-1.79+dfsg/import_annotations.cpp:972:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.day = atoi(result + 8); data/edfbrowser-1.79+dfsg/import_annotations.cpp:973:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.hour = atoi(result + 11); data/edfbrowser-1.79+dfsg/import_annotations.cpp:974:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.minute = atoi(result + 14); data/edfbrowser-1.79+dfsg/import_annotations.cpp:975:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.second = atoi(result + 17); data/edfbrowser-1.79+dfsg/import_annotations.cpp:994:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). l_temp = (atoi(result + 20) * TIME_DIMENSION); data/edfbrowser-1.79+dfsg/import_annotations.cpp:1114:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH]={""}, data/edfbrowser-1.79+dfsg/import_annotations.cpp:1430:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/import_annotations.cpp:1566:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[256], data/edfbrowser-1.79+dfsg/import_annotations.cpp:1580:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/import_annotations.cpp:1880:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p_path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/import_annotations.cpp:1922:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[64]; data/edfbrowser-1.79+dfsg/import_annotations.cpp:1946:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). onset = atoi(scratchpad) * 3600LL; data/edfbrowser-1.79+dfsg/import_annotations.cpp:1947:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). onset += (atoi(scratchpad + 3) * 60LL); data/edfbrowser-1.79+dfsg/import_annotations.cpp:1948:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). onset += (long long)(atoi(scratchpad + 6)); data/edfbrowser-1.79+dfsg/import_annotations.cpp:1967:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). onset = atoi(scratchpad) * 3600LL; data/edfbrowser-1.79+dfsg/import_annotations.cpp:1968:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). onset += (atoi(scratchpad + 2) * 60LL); data/edfbrowser-1.79+dfsg/import_annotations.cpp:1969:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). onset += (long long)(atoi(scratchpad + 5)); data/edfbrowser-1.79+dfsg/import_annotations.cpp:1999:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). onset = atoi(scratchpad) * 3600LL; data/edfbrowser-1.79+dfsg/import_annotations.cpp:2000:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). onset += (atoi(scratchpad + 3) * 60LL); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2001:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). onset += (long long)(atoi(scratchpad + 6)); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2005:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). l_temp = (atoi(scratchpad + 9) * TIME_DIMENSION); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2036:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). onset = atoi(scratchpad) * 3600LL; data/edfbrowser-1.79+dfsg/import_annotations.cpp:2037:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). onset += (atoi(scratchpad + 2) * 60LL); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2038:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). onset += (long long)(atoi(scratchpad + 5)); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2042:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). l_temp = (atoi(scratchpad + 8) * TIME_DIMENSION); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2070:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.year = atoi(scratchpad); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2071:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.month = atoi(scratchpad + 5); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2072:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.day = atoi(scratchpad + 8); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2073:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.hour = atoi(scratchpad + 11); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2074:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.minute = atoi(scratchpad + 14); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2075:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.second = atoi(scratchpad + 17); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2101:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.year = atoi(scratchpad); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2102:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.month = atoi(scratchpad + 5); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2103:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.day = atoi(scratchpad + 8); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2104:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.hour = atoi(scratchpad + 11); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2105:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.minute = atoi(scratchpad + 14); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2106:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). date_time.second = atoi(scratchpad + 17); data/edfbrowser-1.79+dfsg/import_annotations.cpp:2112:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). l_temp = (atoi(scratchpad + 20) * TIME_DIMENSION); data/edfbrowser-1.79+dfsg/import_annotations.h:83:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char separator[4]; data/edfbrowser-1.79+dfsg/import_annotations.h:91:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char description[21]; data/edfbrowser-1.79+dfsg/ishne2edf.cpp:105:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH]={""}, data/edfbrowser-1.79+dfsg/ishne2edf.cpp:110:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *lead_label[20]={"Unknown","Generic bipolar","X bipolar","Y bipolar","Z bipolar","I","II","III","aVR","aVL", data/edfbrowser-1.79+dfsg/ishne2edf.cpp:146:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inputfile = fopen(path, "rb"); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:127:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result[XML_STRBUFLEN], data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:378:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). signal_cnt = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:481:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newsignalcomp->polarity = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:507:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newsignalcomp->color = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:526:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). filter_cnt = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:544:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). spike_filter_cnt = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:562:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ravg_filter_cnt = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:586:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fidfilter_cnt = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:699:50: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). newsignalcomp->edfsignal[signals_read] = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:857:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). holdoff = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:913:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). type = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1039:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). type = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1060:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). size = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1123:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). type = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1144:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). model = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1228:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). order = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1453:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). plif_powerlinefrequency = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1541:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_taps = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1610:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). type = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1683:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). type = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1766:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1789:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1810:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1831:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1906:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). settings[i].signalnr = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1930:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). settings[i].amp = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1950:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). settings[i].log_min_sl = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1974:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). settings[i].wheel = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1998:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). settings[i].span = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:2022:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). settings[i].center = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:2046:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). settings[i].log = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:2070:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). settings[i].sqrt = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:2094:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). settings[i].colorbar = atoi(result); data/edfbrowser-1.79+dfsg/load_montage_dialog.h:92:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mtg_path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/mainwindow.cpp:293:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char f_path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/mainwindow.cpp:1538:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[2048]; data/edfbrowser-1.79+dfsg/mainwindow.cpp:1918:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_PATH_LENGTH + 64]={""}; data/edfbrowser-1.79+dfsg/mainwindow.cpp:2294:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char f_path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/mainwindow.cpp:3565:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[2048]={""}; data/edfbrowser-1.79+dfsg/mainwindow.cpp:3827:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p_path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/mainwindow.cpp:3894:13: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR path[MAX_PATH]; data/edfbrowser-1.79+dfsg/mainwindow.cpp:3902:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH]; data/edfbrowser-1.79+dfsg/mainwindow.cpp:3945:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024]; data/edfbrowser-1.79+dfsg/mainwindow.cpp:3992:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char spec_str[256], data/edfbrowser-1.79+dfsg/mainwindow.h:280:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *viewbuf, data/edfbrowser-1.79+dfsg/mainwindow.h:314:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char annot_label[MAX_ANNOTATION_LEN + 1]; data/edfbrowser-1.79+dfsg/mainwindow.h:421:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/mainwindow_constr.cpp:1109:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp_str[MAX_PATH_LENGTH]={""}; data/edfbrowser-1.79+dfsg/mainwindow_constr.cpp:1196:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char v_str[32]; data/edfbrowser-1.79+dfsg/mainwindow_constr.cpp:1201:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). v_nr = 0x10000 * atoi(v_str); data/edfbrowser-1.79+dfsg/mainwindow_constr.cpp:1202:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). v_nr += 0x100 * atoi(v_str + 2); data/edfbrowser-1.79+dfsg/mainwindow_constr.cpp:1205:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). v_nr += atoi(v_str + 4); data/edfbrowser-1.79+dfsg/mainwindow_constr.cpp:1209:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). v_nr += atoi(v_str + 5); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:45:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[MAXSIGNALS][17]; data/edfbrowser-1.79+dfsg/manscan2edf.cpp:55:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char recorder_version[128]; data/edfbrowser-1.79+dfsg/manscan2edf.cpp:56:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char recorder_brand[128]; data/edfbrowser-1.79+dfsg/manscan2edf.cpp:57:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datafilename[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/manscan2edf.cpp:62:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ev_description[MBIMAXEVENTS][MBIMAXEVLEN + 1]; data/edfbrowser-1.79+dfsg/manscan2edf.cpp:119:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header_filename[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/manscan2edf.cpp:131:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char four[4]; data/edfbrowser-1.79+dfsg/manscan2edf.cpp:728:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuf[MBILINEBUFSZ], data/edfbrowser-1.79+dfsg/manscan2edf.cpp:869:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuf[MBILINEBUFSZ]; data/edfbrowser-1.79+dfsg/manscan2edf.cpp:930:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuf[MBILINEBUFSZ]; data/edfbrowser-1.79+dfsg/manscan2edf.cpp:987:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuf[MBILINEBUFSZ], data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1137:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuf[MBILINEBUFSZ]; data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1200:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sf = atoi(linebuf + 11); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1245:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuf[MBILINEBUFSZ]; data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1315:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). startdate_year = atoi(linebuf + p + 6); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1321:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). startdate_year = atoi(linebuf + p + 6); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1336:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). startdate_year = atoi(linebuf + p + 6); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1349:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). startdate_day = atoi(linebuf + p + 3); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1351:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). startdate_month = atoi(linebuf + p); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1382:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). starttime_hour = atoi(linebuf + p); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1383:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). starttime_minute = atoi(linebuf + p + 3); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1384:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). starttime_second = atoi(linebuf + p + 6); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1428:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuf[MBILINEBUFSZ], data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1568:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuf[MBILINEBUFSZ], data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1699:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp = atoi(scratchpad); // field 1 data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1724:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). segprop->data_offset = atoi(scratchpad); // field 2 data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1752:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). segprop->sweeps = atoi(scratchpad); // field 3 data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1787:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char linebuf[MBILINEBUFSZ]; data/edfbrowser-1.79+dfsg/mit2edf.cpp:81:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char annotdescrlist[42][48]= data/edfbrowser-1.79+dfsg/mit2edf.cpp:177:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header_filename[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/mit2edf.cpp:186:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char a_buf[128], data/edfbrowser-1.79+dfsg/mit2edf.cpp:193:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/mit2edf.cpp:288:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mit_hdr.chns = atoi(charpntr + p); data/edfbrowser-1.79+dfsg/mit2edf.cpp:326:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mit_hdr.sf_base = atoi(charpntr + p); data/edfbrowser-1.79+dfsg/mit2edf.cpp:436:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mit_hdr.format[j] = atoi(charpntr + p); data/edfbrowser-1.79+dfsg/mit2edf.cpp:487:49: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mit_hdr.sf_frame[j] = mit_hdr.sf_base * atoi(charpntr + k); data/edfbrowser-1.79+dfsg/mit2edf.cpp:520:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(charpntr + p) != 0) data/edfbrowser-1.79+dfsg/mit2edf.cpp:555:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mit_hdr.baseline[j] = atoi(charpntr + p); data/edfbrowser-1.79+dfsg/mit2edf.cpp:614:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mit_hdr.adc_resolution[j] = atoi(charpntr + p); data/edfbrowser-1.79+dfsg/mit2edf.cpp:633:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mit_hdr.adc_zero[j] = atoi(charpntr + p); data/edfbrowser-1.79+dfsg/mit2edf.cpp:657:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mit_hdr.init_val[j] = atoi(charpntr + p); data/edfbrowser-1.79+dfsg/mit2edf.h:100:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[MAXSIGNALS][17]; data/edfbrowser-1.79+dfsg/mit2edf.h:102:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unit[MAXSIGNALS][9]; data/edfbrowser-1.79+dfsg/mortara2edf.cpp:83:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/mortara2edf.cpp:177:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). chan_offset[i] = atoi(scratchpad); data/edfbrowser-1.79+dfsg/mortara2edf.cpp:201:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). chan_bits[i] = atoi(scratchpad); data/edfbrowser-1.79+dfsg/mortara2edf.cpp:243:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). chan_units_per_mv[i] = atoi(scratchpad); data/edfbrowser-1.79+dfsg/mortara2edf.cpp:258:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). chan_duration[i] = atoi(scratchpad); data/edfbrowser-1.79+dfsg/mortara2edf.cpp:282:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). chan_sample_freq[i] = atoi(scratchpad); data/edfbrowser-1.79+dfsg/mortara2edf.cpp:443:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(start_date_time) < 1985) || (atoi(start_date_time) > 2099)) err = 1; data/edfbrowser-1.79+dfsg/mortara2edf.cpp:443:43: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(start_date_time) < 1985) || (atoi(start_date_time) > 2099)) err = 1; data/edfbrowser-1.79+dfsg/mortara2edf.cpp:444:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(start_date_time + 5) < 1) || (atoi(start_date_time + 5) > 12)) err = 1; data/edfbrowser-1.79+dfsg/mortara2edf.cpp:444:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(start_date_time + 5) < 1) || (atoi(start_date_time + 5) > 12)) err = 1; data/edfbrowser-1.79+dfsg/mortara2edf.cpp:445:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(start_date_time + 8) < 1) || (atoi(start_date_time + 8) > 31)) err = 1; data/edfbrowser-1.79+dfsg/mortara2edf.cpp:445:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(start_date_time + 8) < 1) || (atoi(start_date_time + 8) > 31)) err = 1; data/edfbrowser-1.79+dfsg/mortara2edf.cpp:446:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(start_date_time + 11) > 23) err = 1; data/edfbrowser-1.79+dfsg/mortara2edf.cpp:447:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(start_date_time + 14) > 59) err = 1; data/edfbrowser-1.79+dfsg/mortara2edf.cpp:448:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(start_date_time + 17) > 59) err = 1; data/edfbrowser-1.79+dfsg/mortara2edf.cpp:626:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(edf_set_startdatetime(edf_hdl, atoi(start_date_time), atoi(start_date_time + 5), atoi(start_date_time + 8), data/edfbrowser-1.79+dfsg/mortara2edf.cpp:626:60: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(edf_set_startdatetime(edf_hdl, atoi(start_date_time), atoi(start_date_time + 5), atoi(start_date_time + 8), data/edfbrowser-1.79+dfsg/mortara2edf.cpp:626:87: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(edf_set_startdatetime(edf_hdl, atoi(start_date_time), atoi(start_date_time + 5), atoi(start_date_time + 8), data/edfbrowser-1.79+dfsg/mortara2edf.cpp:627:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi(start_date_time + 11), atoi(start_date_time + 14), atoi(start_date_time + 17))) data/edfbrowser-1.79+dfsg/mortara2edf.cpp:627:56: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi(start_date_time + 11), atoi(start_date_time + 14), atoi(start_date_time + 17))) data/edfbrowser-1.79+dfsg/mortara2edf.cpp:627:84: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi(start_date_time + 11), atoi(start_date_time + 14), atoi(start_date_time + 17))) data/edfbrowser-1.79+dfsg/mortara2edf.h:107:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chan_format[MORTARA_MAX_CHNS][17], data/edfbrowser-1.79+dfsg/nexfin2edf.cpp:133:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txt_string[2048], data/edfbrowser-1.79+dfsg/nexfin2edf.cpp:153:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char one[2]; data/edfbrowser-1.79+dfsg/nk2edf.cpp:115:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txt_string[2048], data/edfbrowser-1.79+dfsg/nk2edf.cpp:345:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if(((unsigned char *)log_buf)[(i * 45) + j]<32) log_buf[(i * 45) + j] = ' '; data/edfbrowser-1.79+dfsg/nk2edf.cpp:661:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *buf, data/edfbrowser-1.79+dfsg/nk2edf.cpp:738:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). temp = atoi(scratchpad); data/edfbrowser-1.79+dfsg/nk2edf.cpp:754:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). temp = atoi(scratchpad); data/edfbrowser-1.79+dfsg/nk2edf.cpp:762:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). temp = atoi(scratchpad); data/edfbrowser-1.79+dfsg/nk2edf.cpp:786:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). temp = atoi(scratchpad); data/edfbrowser-1.79+dfsg/nk2edf.cpp:814:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). temp = atoi(scratchpad); data/edfbrowser-1.79+dfsg/nk2edf.cpp:858:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). temp = atoi(scratchpad); data/edfbrowser-1.79+dfsg/nk2edf.cpp:923:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). temp = atoi(scratchpad); data/edfbrowser-1.79+dfsg/nk2edf.cpp:939:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). temp = atoi(scratchpad); data/edfbrowser-1.79+dfsg/nk2edf.cpp:947:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). temp = atoi(scratchpad); data/edfbrowser-1.79+dfsg/nk2edf.cpp:971:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). temp = atoi(scratchpad); data/edfbrowser-1.79+dfsg/nk2edf.cpp:992:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). temp = atoi(scratchpad); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1033:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). temp = atoi(scratchpad); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1456:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *electrode_name, data/edfbrowser-1.79+dfsg/nk2edf.cpp:1503:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). idx = atoi(electrode_name_buffer); data/edfbrowser-1.79+dfsg/nk2edf.h:84:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *recent_opendir, data/edfbrowser-1.79+dfsg/options_dialog.cpp:1082:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/edfbrowser-1.79+dfsg/options_dialog.cpp:1792:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/options_dialog.cpp:1816:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). colorfile = fopen(path, "wb"); data/edfbrowser-1.79+dfsg/options_dialog.cpp:1947:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/options_dialog.cpp:2008:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mainwindow->maincurve->signal_color = atoi(result); data/edfbrowser-1.79+dfsg/options_dialog.cpp:2022:49: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mainwindow->maincurve->floating_ruler_color = atoi(result); data/edfbrowser-1.79+dfsg/options_dialog.cpp:2036:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mainwindow->maincurve->blackwhite_printing = atoi(result); data/edfbrowser-1.79+dfsg/options_dialog.cpp:2050:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mainwindow->show_annot_markers = atoi(result); data/edfbrowser-1.79+dfsg/options_dialog.cpp:2064:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mainwindow->show_baselines = atoi(result); data/edfbrowser-1.79+dfsg/options_dialog.cpp:2078:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mainwindow->clip_to_pane = atoi(result); data/edfbrowser-1.79+dfsg/options_dialog.cpp:2092:46: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mainwindow->maincurve->crosshair_1.color = atoi(result); data/edfbrowser-1.79+dfsg/options_dialog.cpp:2106:46: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mainwindow->maincurve->crosshair_2.color = atoi(result); data/edfbrowser-1.79+dfsg/options_dialog.cpp:2407:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[32]; data/edfbrowser-1.79+dfsg/plif_ecg_subtract_filter.c:273:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(st->ravg_buf, st_ori->ravg_buf, sizeof(double) * st->tpl); data/edfbrowser-1.79+dfsg/plif_ecg_subtract_filter.c:282:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(st->ref_buf, st_ori->ref_buf, sizeof(double) * st->tpl); data/edfbrowser-1.79+dfsg/plif_ecg_subtract_filter.c:294:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(st->ravg_noise_buf[i], st_ori->ravg_noise_buf[i], sizeof(double) * st->tpl); data/edfbrowser-1.79+dfsg/plif_ecg_subtract_filter.c:307:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(st->input_buf[i], st_ori->input_buf[i], sizeof(double) * st->tpl); data/edfbrowser-1.79+dfsg/plif_ecg_subtract_filter.c:386:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->ravg_buf, src->ravg_buf, sizeof(double) * dest->tpl); data/edfbrowser-1.79+dfsg/plif_ecg_subtract_filter.c:387:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->ref_buf, src->ref_buf, sizeof(double) * dest->tpl); data/edfbrowser-1.79+dfsg/plif_ecg_subtract_filter.c:391:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->ravg_noise_buf[i], src->ravg_noise_buf[i], sizeof(double) * dest->tpl); data/edfbrowser-1.79+dfsg/plif_ecg_subtract_filter.c:392:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->input_buf[i], src->input_buf[i], sizeof(double) * dest->tpl); data/edfbrowser-1.79+dfsg/plif_ecg_subtract_filter_dialog.cpp:37:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/edfbrowser-1.79+dfsg/plif_ecg_subtract_filter_dialog.cpp:176:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/edfbrowser-1.79+dfsg/plif_ecg_subtract_filter_dialog.cpp:299:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p_path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/print_to_bdf.cpp:67:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/print_to_bdf.cpp:85:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/print_to_bdf.cpp:91:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/print_to_bdf.cpp:99:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/print_to_bdf.cpp:1117:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(signalcomp[i]->fidbuf[p], signalcomp[i]->fidbuf2[p], fid_run_bufsize(signalcomp[i]->fid_run[p])); data/edfbrowser-1.79+dfsg/print_to_edf.cpp:67:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/print_to_edf.cpp:85:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/print_to_edf.cpp:90:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char two[2]; data/edfbrowser-1.79+dfsg/print_to_edf.cpp:1079:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(signalcomp[i]->fidbuf[p], signalcomp[i]->fidbuf2[p], fid_run_bufsize(signalcomp[i]->fid_run[p])); data/edfbrowser-1.79+dfsg/ravg_filter.c:80:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(settings, src, sizeof(struct ravg_filter_settings)); data/edfbrowser-1.79+dfsg/ravg_filter.c:88:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(settings->buf, src->buf, settings->size); data/edfbrowser-1.79+dfsg/ravg_filter.c:97:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(settings->buf2, src->buf2, settings->size); data/edfbrowser-1.79+dfsg/ravg_filter.c:112:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(settings->buf2, settings->buf, settings->size * sizeof(double)); data/edfbrowser-1.79+dfsg/ravg_filter.c:126:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(settings->buf, settings->buf2, settings->size * sizeof(double)); data/edfbrowser-1.79+dfsg/ravg_filter.c:136:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(settings->buf2, settings->buf, settings->size * sizeof(double)); data/edfbrowser-1.79+dfsg/raw2edf.cpp:227:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024], data/edfbrowser-1.79+dfsg/raw2edf.cpp:491:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char four[4]; data/edfbrowser-1.79+dfsg/raw2edf.cpp:808:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/raw2edf.cpp:893:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/raw2edf.cpp:931:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var->sf = atoi(result); data/edfbrowser-1.79+dfsg/raw2edf.cpp:946:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var->chns = atoi(result); data/edfbrowser-1.79+dfsg/raw2edf.cpp:961:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var->phys_max = atoi(result); data/edfbrowser-1.79+dfsg/raw2edf.cpp:976:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var->straightbinary = atoi(result); data/edfbrowser-1.79+dfsg/raw2edf.cpp:991:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var->endianness = atoi(result); data/edfbrowser-1.79+dfsg/raw2edf.cpp:1006:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var->samplesize = atoi(result); data/edfbrowser-1.79+dfsg/raw2edf.cpp:1021:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var->offset = atoi(result); data/edfbrowser-1.79+dfsg/raw2edf.cpp:1036:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var->skipblocksize = atoi(result); data/edfbrowser-1.79+dfsg/raw2edf.cpp:1051:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var->skipbytes = atoi(result); data/edfbrowser-1.79+dfsg/raw2edf.cpp:1155:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p_path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/raw2edf.h:78:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char phys_dim[16]; data/edfbrowser-1.79+dfsg/read_write_settings.cpp:33:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result[XML_STRBUFLEN]; data/edfbrowser-1.79+dfsg/read_write_settings.cpp:54:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp_color.setRed(atoi(result)); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:69:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp_color.setGreen(atoi(result)); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:84:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp_color.setBlue(atoi(result)); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:92:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp_color.setAlpha(atoi(result)); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:106:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cfg_path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/read_write_settings.cpp:177:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). maincurve->signal_color = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:191:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). maincurve->floating_ruler_color = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:205:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). maincurve->blackwhite_printing = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:219:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). show_annot_markers = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:230:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). annotations_show_duration = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:242:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). annotations_duration_background_type = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:257:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). show_baselines = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:271:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). maincurve->crosshair_1.color = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:285:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). maincurve->crosshair_2.color = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:296:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cfg_path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/read_write_settings.cpp:495:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cfg_path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/read_write_settings.cpp:553:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). font_size = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:567:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). monofont_size = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:602:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). auto_dpi = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:636:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). clip_to_pane = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:653:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). auto_reload_mtg = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:670:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). read_biosemi_status_signal = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:687:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). read_nk_trigger_signal = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:721:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). use_threads = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:744:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(result) > MAXSPECTRUMMARKERS) || (atoi(result) < 0)) data/edfbrowser-1.79+dfsg/read_write_settings.cpp:744:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(result) > MAXSPECTRUMMARKERS) || (atoi(result) < 0)) data/edfbrowser-1.79+dfsg/read_write_settings.cpp:750:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). spectrum_colorbar->items = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:766:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(result) > 2) || (atoi(result) < 0)) data/edfbrowser-1.79+dfsg/read_write_settings.cpp:766:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(result) > 2) || (atoi(result) < 0)) data/edfbrowser-1.79+dfsg/read_write_settings.cpp:772:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). spectrum_colorbar->method = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:784:40: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). spectrum_colorbar->auto_adjust = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:872:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(result) > 18) || (atoi(result) < 2)) data/edfbrowser-1.79+dfsg/read_write_settings.cpp:872:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(result) > 18) || (atoi(result) < 2)) data/edfbrowser-1.79+dfsg/read_write_settings.cpp:878:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). spectrum_colorbar->color[0] = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:894:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(result) > 18) || (atoi(result) < 2)) data/edfbrowser-1.79+dfsg/read_write_settings.cpp:894:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((atoi(result) > 18) || (atoi(result) < 2)) data/edfbrowser-1.79+dfsg/read_write_settings.cpp:900:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). spectrum_colorbar->color[i] = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:948:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). maxdftblocksize = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:973:40: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). import_annotations_var->format = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:991:49: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). import_annotations_var->onsettimeformat = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1004:45: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). import_annotations_var->onsetcolumn = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1017:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). import_annotations_var->descriptioncolumn = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1030:45: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). import_annotations_var->useduration = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1048:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). import_annotations_var->durationcolumn = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1066:47: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). import_annotations_var->datastartline = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1094:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). import_annotations_var->dceventbittime = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1120:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). import_annotations_var->manualdescription = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1153:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). import_annotations_var->ignoreconsecutive = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1176:43: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). export_annotations_var->separator = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1189:40: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). export_annotations_var->format = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1202:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). export_annotations_var->duration = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1220:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cdsa_segmentlen = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1233:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cdsa_blocklen = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1246:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cdsa_overlap = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1259:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cdsa_window_func = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1272:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cdsa_min_hz = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1285:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cdsa_max_hz = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1298:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cdsa_max_pwr = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1311:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cdsa_min_pwr = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1324:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cdsa_log = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1337:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cdsa_pwr_voltage = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1425:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). live_stream_update_interval = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1442:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). powerlinefreq = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1459:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mousewheelsens = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1476:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). average_period = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1491:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). average_ratio = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1508:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(result) == 1) data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1528:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(result) == 1) data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1548:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(result) == 1) data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1568:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(result) == 1) data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1588:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(result) == 1) data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1608:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(result) == 1) data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1628:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(result) == 1) data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1648:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(atoi(result) == 1) data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1668:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). z_score_var.zscore_page_len = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1740:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). z_score_var.zscore_error_detection = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1760:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var.sf = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1775:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var.chns = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1790:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var.phys_max = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1805:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var.straightbinary = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1820:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var.endianness = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1835:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var.samplesize = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1850:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var.offset = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1865:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var.skipblocksize = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1880:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). raw2edf_var.skipbytes = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1916:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). annot_filter->tmin = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1931:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). annot_filter->tmax = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1946:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). annot_filter->invert = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1961:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). annot_filter->hide_other = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1976:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). annot_filter->hide_in_list_only = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1994:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). check_for_updates = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:2008:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). viewtime_indicator_type = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:2022:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mainwindow_title_type = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:2050:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). linear_interpol = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:2067:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). auto_update_annot_onset = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:2084:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). use_diverse_signal_colors = atoi(result); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:2101:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cfg_path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/reduce_signals.cpp:250:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[256]; data/edfbrowser-1.79+dfsg/reduce_signals.cpp:288:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[256]; data/edfbrowser-1.79+dfsg/reduce_signals.cpp:322:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[256]; data/edfbrowser-1.79+dfsg/reduce_signals.cpp:464:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txt_string[2048], data/edfbrowser-1.79+dfsg/reduce_signals.cpp:694:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/reduce_signals.cpp:1438:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p_path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/reduce_signals.h:122:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char inputpath[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/run_qrs_detector.cpp:42:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[32]={""}; data/edfbrowser-1.79+dfsg/save_annots.cpp:49:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *readbuf, data/edfbrowser-1.79+dfsg/save_montage_dialog.cpp:95:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mtg_path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/scp_ecg2edf.cpp:102:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input_filename[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/scp_ecg2edf.cpp:1343:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/edfbrowser-1.79+dfsg/scp_ecg2edf.cpp:1460:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scp_labels[256][9]={"unspec.", "I", "II", "V1", "V2", "V3", "V4", "V5", "V6", "V7", data/edfbrowser-1.79+dfsg/scp_ecg2edf.cpp:1500:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[2048]; data/edfbrowser-1.79+dfsg/scp_ecg2edf.cpp:1718:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[8]; data/edfbrowser-1.79+dfsg/scp_ecg2edf.cpp:1741:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&var, buf_in + (bits / 8), 5); data/edfbrowser-1.79+dfsg/scp_ecg2edf.h:110:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reserved[6]; data/edfbrowser-1.79+dfsg/scp_ecg2edf.h:134:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pat_id[21]; data/edfbrowser-1.79+dfsg/scp_ecg2edf.h:141:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char last_name[21]; data/edfbrowser-1.79+dfsg/scp_ecg2edf.h:142:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char first_name[21]; data/edfbrowser-1.79+dfsg/scp_ecg2edf.h:147:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char device_model[6]; data/edfbrowser-1.79+dfsg/scp_ecg2edf.h:148:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char device_serial[49]; data/edfbrowser-1.79+dfsg/scp_ecg2edf.h:149:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char device_ident[49]; data/edfbrowser-1.79+dfsg/scp_ecg2edf.h:150:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char manufacturer[49]; data/edfbrowser-1.79+dfsg/show_actual_montage_dialog.cpp:42:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txtbuf[2048]="", data/edfbrowser-1.79+dfsg/show_edf_hdr.cpp:180:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[512]={""}; data/edfbrowser-1.79+dfsg/signalcurve.cpp:605:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[SC_MAX_PATH_LEN]; data/edfbrowser-1.79+dfsg/signalcurve.cpp:628:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outputfile = fopen(path, "wb"); data/edfbrowser-1.79+dfsg/signalcurve.cpp:669:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[SC_MAX_PATH_LEN]; data/edfbrowser-1.79+dfsg/signalcurve.cpp:712:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[SC_MAX_PATH_LEN]; data/edfbrowser-1.79+dfsg/signalcurve.cpp:757:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[SC_MAX_PATH_LEN]; data/edfbrowser-1.79+dfsg/signalcurve.cpp:847:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[128]; data/edfbrowser-1.79+dfsg/signalcurve.cpp:1408:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[128]; data/edfbrowser-1.79+dfsg/signalcurve.h:71:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[MAXSPECTRUMMARKERS][17]; data/edfbrowser-1.79+dfsg/signalcurve.h:240:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char h_label[32], data/edfbrowser-1.79+dfsg/signals_dialog.cpp:275:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[512]="", data/edfbrowser-1.79+dfsg/signals_dialog.cpp:295:95: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). snprintf(str, 512, "Signal %i in the Composition list has a Factor too close to zero.", atoi(str2)); data/edfbrowser-1.79+dfsg/signals_dialog.cpp:332:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). edfsignal = atoi(str) - 1; data/edfbrowser-1.79+dfsg/signals_dialog.cpp:501:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/edfbrowser-1.79+dfsg/signals_dialog.cpp:593:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if((s + 1) == atoi(str)) data/edfbrowser-1.79+dfsg/signals_dialog.cpp:650:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/edfbrowser-1.79+dfsg/signals_dialog.h:120:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char physdimension[64]; data/edfbrowser-1.79+dfsg/special_button.h:67:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buttonText[2048]; data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:39:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024]; data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:393:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[512]={""}; data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:578:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024], data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:603:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outputfile = fopen(path, "wb"); data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:691:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[2048]; data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:738:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[600]; data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:788:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024]; data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:855:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[2048]; data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:980:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024]; data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:990:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:1146:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(signalcomp->fidbuf[k], signalcomp->fidbuf2[k], fid_run_bufsize(signalcomp->fid_run[k])); data/edfbrowser-1.79+dfsg/spectrum_dock.h:191:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *viewbuf, data/edfbrowser-1.79+dfsg/spectrumanalyzer.cpp:45:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[2048]; data/edfbrowser-1.79+dfsg/spectrumanalyzer.cpp:552:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024], data/edfbrowser-1.79+dfsg/spectrumanalyzer.cpp:576:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outputfile = fopen(path, "wb"); data/edfbrowser-1.79+dfsg/spectrumanalyzer.cpp:661:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[2048]; data/edfbrowser-1.79+dfsg/spectrumanalyzer.cpp:820:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/spectrumanalyzer.cpp:922:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(signalcomp->fidbuf[k], signalcomp->fidbuf2[k], fid_run_bufsize(signalcomp->fid_run[k])); data/edfbrowser-1.79+dfsg/spectrumanalyzer.cpp:1244:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[4096]; data/edfbrowser-1.79+dfsg/spectrumanalyzer.h:156:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *viewbuf, data/edfbrowser-1.79+dfsg/spike_filter.c:283:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(settings, src, sizeof(struct spike_filter_settings)); data/edfbrowser-1.79+dfsg/statistics_dialog.cpp:60:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char stat_str[2048]={""}, data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:305:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:321:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024], *rv; data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:416:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(aa, bb, 2*sizeof(double)); // Assigning doubles is really slow data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:715:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, q, len); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:921:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bessel(order); memcpy(tmp, pol, order * sizeof(double)); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1417:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. p += sprintf(p, "%d", sp.order); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1420:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. p += sprintf(p, "%g", f0*rate); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1423:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. p += sprintf(p, "%g-%g", f0*rate, f1*rate); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1430:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. p += sprintf(p, "%g", *arg++); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1591:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. case 'o': p += sprintf(p, "<optional-order>"); break; data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1592:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. case 'O': p += sprintf(p, "<order>"); break; data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1593:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. case 'F': p += sprintf(p, "<freq>"); break; data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1594:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. case 'R': p += sprintf(p, "<range>"); break; data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1595:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. case 'V': p += sprintf(p, "<value>"); break; data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1596:18: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. default: p += sprintf(p, "<%c>", str[-1]); break; data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1705:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1721:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[4096]; data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1965:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1975:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rv, spec, sp.minlen); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1982:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rv, spec, sp.minlen); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:2041:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ff->val, dp, len * sizeof(double)); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:2084:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, ff0, cnt); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:2137:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, p, len); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:2159:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:2256:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rvp, ff, len); rvp += len; data/edfbrowser-1.79+dfsg/third_party/fidlib/fidmkf.h:204:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char poltyp[MAXPZ]; // Pole value types: 1 real, 2 first of complex pair, 0 second data/edfbrowser-1.79+dfsg/third_party/fidlib/fidmkf.h:207:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char zertyp[MAXPZ]; data/edfbrowser-1.79+dfsg/third_party/fidlib/fidmkf.h:300:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pol, bessel_poles[order-1], n_pol * sizeof(double)); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidmkf.h:773:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp1, val, 2*sizeof(double)); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidmkf.h:774:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp2, val, 2*sizeof(double)); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidmkf.h:775:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp3, val, 2*sizeof(double)); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidmkf.h:776:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp4, val, 2*sizeof(double)); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidmkf.h:815:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(zer, pol, 2*sizeof(double)); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidrf_cmdlist.h:366:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rr->coef, coef_tmp, coef_cnt*sizeof(double)); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidrf_cmdlist.h:367:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rr->cmd, cmd_tmp, cmd_cnt*sizeof(char)); data/edfbrowser-1.79+dfsg/third_party/kiss_fft/kiss_fft.c:378:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fout,tmpbuf,sizeof(kiss_fft_cpx)*st->nfft); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:125:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/unisens2edf.cpp:206:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). starttime_fraction = atoi(str + 20); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:796:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tmp = atoi(linebuf); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1018:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(edf_set_startdatetime(hdl, atoi(str_timestampStart), atoi(str_timestampStart + 5), data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1018:59: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if(edf_set_startdatetime(hdl, atoi(str_timestampStart), atoi(str_timestampStart + 5), data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1019:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi(str_timestampStart + 8), atoi(str_timestampStart + 11), data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1019:57: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi(str_timestampStart + 8), atoi(str_timestampStart + 11), data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1020:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi(str_timestampStart + 14), atoi(str_timestampStart + 17))) err = 1; data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1020:58: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). atoi(str_timestampStart + 14), atoi(str_timestampStart + 17))) err = 1; data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1115:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1169:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nedval_smpl[k] = atoi(linebuf); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1245:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nedval_smpl[k] = atoi(linebuf); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1739:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[2048], data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1816:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). onset = atoi(linebuf); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1892:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[2048], data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1937:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1965:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). else adcres[file_nr] = atoi(str); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:2349:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/edfbrowser-1.79+dfsg/unisens2edf.cpp:2377:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). evt_sf[file_nr] = atoi(str); data/edfbrowser-1.79+dfsg/unisens2edf.h:84:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *recent_opendir, data/edfbrowser-1.79+dfsg/utc_date_time.h:52:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char month_str[4]; data/edfbrowser-1.79+dfsg/utils.c:460:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char *str, tmp_str[1024]; data/edfbrowser-1.79+dfsg/utils.c:719:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[4096]; data/edfbrowser-1.79+dfsg/utils.c:1496:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[4]; data/edfbrowser-1.79+dfsg/utils.c:1517:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[16]; data/edfbrowser-1.79+dfsg/utils.c:1537:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[16]; data/edfbrowser-1.79+dfsg/utils.c:1563:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. tmp = ((unsigned char *)str)[i] / 16; data/edfbrowser-1.79+dfsg/utils.c:1573:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. tmp = ((unsigned char *)str)[i] % 16; data/edfbrowser-1.79+dfsg/utils.c:1598:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. if(((unsigned char *)str)[i] & (1<<(7-j))) data/edfbrowser-1.79+dfsg/utils.c:1619:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[4]; data/edfbrowser-1.79+dfsg/utils.c:1957:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *ptr, data/edfbrowser-1.79+dfsg/utils.c:1973:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). val = atoi(ptr) << 24; data/edfbrowser-1.79+dfsg/utils.c:1984:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). val += atoi(ptr) << (16 - (i * 8)); data/edfbrowser-1.79+dfsg/utils.c:2029:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/utils.c:2034:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char base64[256]={ data/edfbrowser-1.79+dfsg/utils.c:2193:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, src, srclen); data/edfbrowser-1.79+dfsg/utils.c:2216:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst + dstlen, src, srclen); data/edfbrowser-1.79+dfsg/videoplayer.cpp:46:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[4096]={""}; data/edfbrowser-1.79+dfsg/videoplayer.cpp:323:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). debug_vpr = fopen("debug_vpr.txt", "wb"); data/edfbrowser-1.79+dfsg/videoplayer.cpp:360:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/edfbrowser-1.79+dfsg/videoplayer.cpp:494:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). vpos = atoi(buf + p); data/edfbrowser-1.79+dfsg/videoplayer.cpp:541:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[512]; data/edfbrowser-1.79+dfsg/videoplayer.cpp:565:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[512]; data/edfbrowser-1.79+dfsg/videoplayer.cpp:589:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[512]; data/edfbrowser-1.79+dfsg/videoplayer.cpp:730:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[2048], data/edfbrowser-1.79+dfsg/videoplayer.cpp:750:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[2048], data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:113:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char result[XML_STRBUFLEN]="", data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:197:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). signal_cnt = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:238:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). screen_offset = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:250:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). polarity = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:272:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). color = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:284:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). spike_filter_cnt = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:297:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). filter_cnt = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:310:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ravg_filter_cnt = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:323:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fidfilter_cnt = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:529:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). holdoff = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:569:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). islpf = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:629:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). type = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:646:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). size = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:688:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). type = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:756:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). order = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:773:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). model = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:876:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). plif_powerlinefrequency = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:902:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). plif_linear_threshold = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:936:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_taps = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:1001:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). type = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:1030:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). type = atoi(result); data/edfbrowser-1.79+dfsg/view_montage_dialog.h:95:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mtg_path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/viewbuf.cpp:54:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/viewbuf.cpp:489:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(signalcomp[i]->fidbuf2[j], signalcomp[i]->fidbuf[j], fid_run_bufsize(signalcomp[i]->fid_run[j])); data/edfbrowser-1.79+dfsg/viewcurve.cpp:1074:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/viewcurve.cpp:1180:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/viewcurve.cpp:1300:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH]; data/edfbrowser-1.79+dfsg/viewcurve.cpp:1419:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/viewcurve.cpp:1535:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *viewbuf, data/edfbrowser-1.79+dfsg/viewcurve.cpp:2595:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/viewcurve.cpp:2858:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(signalcomp[i]->fidbuf2[k], signalcomp[i]->fidbuf[k], fid_run_bufsize(signalcomp[i]->fid_run[k])); data/edfbrowser-1.79+dfsg/viewcurve.cpp:2862:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(signalcomp[i]->fidbuf[k], signalcomp[i]->fidbuf2[k], fid_run_bufsize(signalcomp[i]->fid_run[k])); data/edfbrowser-1.79+dfsg/viewcurve.cpp:3204:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/viewcurve.cpp:3366:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(signalcomp->fidbuf2[k], signalcomp->fidbuf[k], fid_run_bufsize(signalcomp->fid_run[k])); data/edfbrowser-1.79+dfsg/viewcurve.cpp:3370:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(signalcomp->fidbuf[k], signalcomp->fidbuf2[k], fid_run_bufsize(signalcomp->fid_run[k])); data/edfbrowser-1.79+dfsg/viewcurve.cpp:3655:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[32]={""}; data/edfbrowser-1.79+dfsg/viewcurve.cpp:3846:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[32]={""}; data/edfbrowser-1.79+dfsg/viewcurve.cpp:3958:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[32]={""}; data/edfbrowser-1.79+dfsg/viewcurve.cpp:4801:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str_hz[7][16]={" 9", "10", "11", "12", "13", "14", "15"}; data/edfbrowser-1.79+dfsg/viewcurve.cpp:4803:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str_uv[5][16]={"200", "150", "100", "50", "0"}; data/edfbrowser-1.79+dfsg/viewcurve.cpp:4805:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str_s[4][16]={"1.00", "0.75", "0.50", "0.25"}; data/edfbrowser-1.79+dfsg/wav2edf.cpp:129:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[MAX_PATH_LENGTH], data/edfbrowser-1.79+dfsg/wav2edf.cpp:144:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char four[4]; data/edfbrowser-1.79+dfsg/xml.c:482:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char scratchpad[4096]; data/edfbrowser-1.79+dfsg/xml.c:489:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). handle_p->file = fopen(filename, "rb"); data/edfbrowser-1.79+dfsg/xml.c:1170:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char circ_buf[16]; data/edfbrowser-1.79+dfsg/xml.h:63:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *elementname[XML_MAX_ED]; data/edfbrowser-1.79+dfsg/xml.h:65:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *attributes[XML_MAX_ED]; data/edfbrowser-1.79+dfsg/xml.h:69:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *content[XML_MAX_ED]; data/edfbrowser-1.79+dfsg/z_ratio_filter.c:204:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(settings->fft_inputbuf_bu, settings->fft_inputbuf, settings->dftblocksize); data/edfbrowser-1.79+dfsg/z_ratio_filter.c:212:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(settings->fft_inputbuf, settings->fft_inputbuf_bu, settings->dftblocksize); data/edfbrowser-1.79+dfsg/z_score_dialog.cpp:694:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fft_inputbuf + smpls_in_inputbuf, buf, smpls * sizeof(double)); data/edfbrowser-1.79+dfsg/z_score_dialog.cpp:721:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fft_inputbuf + smpls_in_inputbuf, buf + smpls_copied, (dftblocksize - smpls_in_inputbuf) * sizeof(double)); data/edfbrowser-1.79+dfsg/z_score_dialog.cpp:1055:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024]; data/edfbrowser-1.79+dfsg/about_dialog.cpp:41:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(str + strlen(str), 512, "\n CPU-cores detected on this system: %i", mainwindow->maincurve->cpu_cnt); data/edfbrowser-1.79+dfsg/adjustfiltersettings.cpp:260:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(txtbuf + strlen(txtbuf), 2048, " %f", frequency1); data/edfbrowser-1.79+dfsg/annotations_dock.cpp:494:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(filter_str); data/edfbrowser-1.79+dfsg/annotations_dock.cpp:516:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(annot->description) - len + 1; data/edfbrowser-1.79+dfsg/annotations_dock.cpp:545:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(annot->description) - len + 1; data/edfbrowser-1.79+dfsg/annotations_dock.cpp:1032:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(str + strlen(str), (MAX_ANNOTATION_LEN + 32) / 2, "\nduration: %s",annot->duration); data/edfbrowser-1.79+dfsg/ascii2edf.cpp:331:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!(strlen(PatientnameLineEdit->text().toLatin1().data()))) data/edfbrowser-1.79+dfsg/ascii2edf.cpp:339:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!(strlen(RecordingLineEdit->text().toLatin1().data()))) data/edfbrowser-1.79+dfsg/ascii2edf.cpp:374:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/ascii2edf.cpp:401:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/ascii2edf.cpp:489:14: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/ascii2edf.cpp:560:16: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(fgetc(inputfile) == EOF) data/edfbrowser-1.79+dfsg/ascii2edf.cpp:663:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(outputfilename); data/edfbrowser-1.79+dfsg/ascii2edf.cpp:965:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/ascii2edf.cpp:1036:14: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(fgetc(inputfile) == EOF) data/edfbrowser-1.79+dfsg/ascii2edf.cpp:1349:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(result)!=1) data/edfbrowser-1.79+dfsg/ascii2edf.cpp:1630:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str)!=1) data/edfbrowser-1.79+dfsg/ascii2edf.cpp:1697:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/ascii_export.cpp:167:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/edfbrowser-1.79+dfsg/ascii_export.cpp:190:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!(strcmp(path + strlen(path) - 9, "_data.txt"))) data/edfbrowser-1.79+dfsg/ascii_export.cpp:192:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). path[strlen(path) - 9] = 0; data/edfbrowser-1.79+dfsg/ascii_export.cpp:247:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 0xec, 8); data/edfbrowser-1.79+dfsg/ascii_export.cpp:251:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 0xf4, 8); data/edfbrowser-1.79+dfsg/ascii_export.cpp:318:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 256 + edfsignals * 216 + i * 8, 8); data/edfbrowser-1.79+dfsg/ascii_export.cpp:323:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 256 + edfsignals * 104 + i * 8, 8); data/edfbrowser-1.79+dfsg/ascii_export.cpp:326:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 256 + edfsignals * 112 + i * 8, 8); data/edfbrowser-1.79+dfsg/ascii_export.cpp:329:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 256 + edfsignals * 120 + i * 8, 8); data/edfbrowser-1.79+dfsg/ascii_export.cpp:332:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 256 + edfsignals * 128 + i * 8, 8); data/edfbrowser-1.79+dfsg/averager_curve_wnd.cpp:247:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). get_filename_from_path(path + strlen(path), signalcomp->edfhdr->filename, 512); data/edfbrowser-1.79+dfsg/averager_curve_wnd.cpp:249:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(path + strlen(path), MAX_PATH_LENGTH - strlen(path), " averaging %s %i triggers [%s]", data/edfbrowser-1.79+dfsg/averager_curve_wnd.cpp:249:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(path + strlen(path), MAX_PATH_LENGTH - strlen(path), " averaging %s %i triggers [%s]", data/edfbrowser-1.79+dfsg/averager_curve_wnd.cpp:358:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(str); data/edfbrowser-1.79+dfsg/averager_curve_wnd.cpp:375:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(str); data/edfbrowser-1.79+dfsg/averager_curve_wnd.cpp:392:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(str); data/edfbrowser-1.79+dfsg/bdf2edf.cpp:451:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(outputpath); data/edfbrowser-1.79+dfsg/bdf2edf.cpp:611:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=strlen(scratchpad); j<200; j++) data/edfbrowser-1.79+dfsg/bi9800.cpp:153:13: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp = fgetc(evtfile); data/edfbrowser-1.79+dfsg/bi9800.cpp:194:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(modelnumber_str, str + 13, 8); data/edfbrowser-1.79+dfsg/bi9800.cpp:212:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str2, str + 12, 10); data/edfbrowser-1.79+dfsg/bi9800.cpp:235:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str2, str + 12, 10); data/edfbrowser-1.79+dfsg/bi9800.cpp:258:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str2, str + 13, 10); data/edfbrowser-1.79+dfsg/bi9800.cpp:448:13: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp = fgetc(evtfile); data/edfbrowser-1.79+dfsg/bi9800.cpp:480:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str) > 9) data/edfbrowser-1.79+dfsg/check_edf_file.cpp:75:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr, 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:131:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(edfhdr->version, edf_hdr, 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:137:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 8, 80); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:152:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(edfhdr->patient, edf_hdr + 8, 80); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:157:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 88, 80); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:172:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(edfhdr->recording, edf_hdr + 88, 80); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:177:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 168, 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:208:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 168, 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:226:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 168, 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:237:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 168, 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:261:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 176, 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:293:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 176, 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:297:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 176, 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:313:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 176, 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:325:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 176, 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:337:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 176, 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:361:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 252, 4); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:405:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 184, 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:444:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 192, 44); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:487:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(edfhdr->reserved, edf_hdr + 192, 44); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:492:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 236, 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:539:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 244, 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:610:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 256 + (i * 16), 16); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:643:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(edfhdr->edfparam[i].label, edf_hdr + 256 + (i * 16), 16); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:678:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 256 + (edfhdr->edfsignals * 16) + (i * 80), 80); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:693:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(edfhdr->edfparam[i].transducer, edf_hdr + 256 + (edfhdr->edfsignals * 16) + (i * 80), 80); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:738:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 256 + (edfhdr->edfsignals * 96) + (i * 8), 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:753:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(edfhdr->edfparam[i].physdimension, edf_hdr + 256 + (edfhdr->edfsignals * 96) + (i * 8), 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:761:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 256 + (edfhdr->edfsignals * 104) + (i * 8), 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:797:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 256 + (edfhdr->edfsignals * 112) + (i * 8), 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:842:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 256 + (edfhdr->edfsignals * 120) + (i * 8), 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:941:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 256 + (edfhdr->edfsignals * 128) + (i * 8), 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1050:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 256 + (edfhdr->edfsignals * 136) + (i * 80), 80); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1065:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(edfhdr->edfparam[i].prefilter, edf_hdr + 256 + (edfhdr->edfsignals * 136) + (i * 80), 80); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1112:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 256 + (edfhdr->edfsignals * 216) + (i * 8), 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1201:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 256 + (edfhdr->edfsignals * 224) + (i * 32), 32); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1215:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(edfhdr->edfparam[i].reserved, edf_hdr + 256 + (edfhdr->edfsignals * 224) + (i * 32), 32); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1225:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 8, 80); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1254:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad2, scratchpad + dotposition, 11); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1392:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 88, 80); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1406:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad2, scratchpad + 10, 11); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1477:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, edf_hdr + 168, 8); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1677:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(str); data/edfbrowser-1.79+dfsg/check_edf_file.cpp:1724:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(str); data/edfbrowser-1.79+dfsg/check_for_updates.cpp:87:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). n = reply->read(buf, 100); data/edfbrowser-1.79+dfsg/date_time_stamp_parser.c:48:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(src); data/edfbrowser-1.79+dfsg/date_time_stamp_parser.c:54:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/ecg_export.cpp:278:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(annotation.description, mainwindow->ecg_qrs_rpeak_descr, MAX_ANNOTATION_LEN); data/edfbrowser-1.79+dfsg/ecg_export.cpp:345:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/edfbrowser-1.79+dfsg/edf_annot_list.c:478:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(annot->description); data/edfbrowser-1.79+dfsg/edf_annot_list.c:485:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(annot->duration); data/edfbrowser-1.79+dfsg/edf_annot_list.c:527:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/edf_annotations.cpp:598:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(str); data/edfbrowser-1.79+dfsg/edf_annotations.cpp:626:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(str); data/edfbrowser-1.79+dfsg/edf_annotations.cpp:668:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/edf_annotations.cpp:719:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str) < 29) return 1; data/edfbrowser-1.79+dfsg/edf_compat.cpp:575:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(txt_string); data/edfbrowser-1.79+dfsg/edf_compat.cpp:634:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(str); data/edfbrowser-1.79+dfsg/edf_compat.cpp:662:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(str); data/edfbrowser-1.79+dfsg/edf_compat.cpp:692:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(str); data/edfbrowser-1.79+dfsg/edf_compat.cpp:739:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(str); data/edfbrowser-1.79+dfsg/edfplusd_cnv.cpp:258:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(output_path + strlen(output_path), MAX_PATH_LENGTH, "_%04i.edf", file_number); data/edfbrowser-1.79+dfsg/edfplusd_cnv.cpp:262:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(output_path + strlen(output_path), MAX_PATH_LENGTH, "_%04i.bdf", file_number); data/edfbrowser-1.79+dfsg/edfplusd_cnv.cpp:266:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(txt_string); data/edfbrowser-1.79+dfsg/edfplusd_cnv.cpp:403:16: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(fgetc(outputfile)==0) break; data/edfbrowser-1.79+dfsg/edfplusd_cnv.cpp:416:19: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(fgetc(outputfile)=='0') data/edfbrowser-1.79+dfsg/edfplusd_cnv.cpp:477:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(output_path + strlen(output_path), MAX_PATH_LENGTH - strlen(output_path), "_%04i.edf", file_number); data/edfbrowser-1.79+dfsg/edfplusd_cnv.cpp:477:71: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(output_path + strlen(output_path), MAX_PATH_LENGTH - strlen(output_path), "_%04i.edf", file_number); data/edfbrowser-1.79+dfsg/edfplusd_cnv.cpp:481:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(output_path + strlen(output_path), MAX_PATH_LENGTH - strlen(output_path), "_%04i.bdf", file_number); data/edfbrowser-1.79+dfsg/edfplusd_cnv.cpp:481:71: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(output_path + strlen(output_path), MAX_PATH_LENGTH - strlen(output_path), "_%04i.bdf", file_number); data/edfbrowser-1.79+dfsg/edfplusd_cnv.cpp:485:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(txt_string); data/edfbrowser-1.79+dfsg/edfplusd_cnv.cpp:576:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(fgetc(outputfile)==0) break; data/edfbrowser-1.79+dfsg/edfplusd_cnv.cpp:589:15: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while(fgetc(outputfile)=='0') data/edfbrowser-1.79+dfsg/edfplusd_cnv.cpp:659:6: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(fgetc(outputfile) != 'X') data/edfbrowser-1.79+dfsg/edit_annotation_dock.cpp:206:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(annot->description, annot_descript_lineEdit->text().toUtf8().data(), MAX_ANNOTATION_LEN); data/edfbrowser-1.79+dfsg/edit_annotation_dock.cpp:303:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(annotation.description, annot_descript_lineEdit->text().toUtf8().data(), MAX_ANNOTATION_LEN); data/edfbrowser-1.79+dfsg/edit_annotation_dock.cpp:431:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(annot->duration)) data/edfbrowser-1.79+dfsg/edit_annotation_dock.cpp:490:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(annot->duration)) data/edfbrowser-1.79+dfsg/emsa2edf.cpp:187:14: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). channels = fgetc(inputfile); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:214:27: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). samplefrequency = 256 * fgetc(inputfile); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:216:22: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). samplefrequency += fgetc(inputfile); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:414:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). seq_nr = fgetc(inputfile); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:424:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). gender = fgetc(inputfile); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:430:9: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). len = fgetc(inputfile); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:645:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(logbuf[i].description); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:788:9: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if((fgetc(inputfile)=='E')&&(len<13)) data/edfbrowser-1.79+dfsg/emsa2edf.cpp:915:47: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). buf[j+(k*raster)+(i*record_size)] = fgetc(inputfile); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:916:49: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). buf[j+(k*raster)+(i*record_size)+1] = fgetc(inputfile); data/edfbrowser-1.79+dfsg/emsa2edf.cpp:998:9: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). len = fgetc(file); data/edfbrowser-1.79+dfsg/export_annotations.cpp:360:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/edfbrowser-1.79+dfsg/export_annotations.cpp:456:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str, annot->description, 1024); data/edfbrowser-1.79+dfsg/export_annotations.cpp:460:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/export_annotations.cpp:760:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/export_filtered_signals.cpp:652:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(outputpath); data/edfbrowser-1.79+dfsg/export_filtered_signals.cpp:871:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(p = strlen(scratchpad) - 1; p>=0; p--) data/edfbrowser-1.79+dfsg/export_filtered_signals.cpp:900:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(scratchpad); data/edfbrowser-1.79+dfsg/export_filtered_signals.cpp:946:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(scratchpad); data/edfbrowser-1.79+dfsg/export_filtered_signals.cpp:963:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(scratchpad); data/edfbrowser-1.79+dfsg/export_filtered_signals.cpp:980:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(scratchpad); data/edfbrowser-1.79+dfsg/export_filtered_signals.cpp:1300:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(txtbuf + strlen(txtbuf), 2048 - strlen(txtbuf), "%sx %s", data/edfbrowser-1.79+dfsg/export_filtered_signals.cpp:1300:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(txtbuf + strlen(txtbuf), 2048 - strlen(txtbuf), "%sx %s", data/edfbrowser-1.79+dfsg/export_filtered_signals.cpp:1363:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(txtbuf + strlen(txtbuf), 2048 - strlen(txtbuf), " %s/0.5mSec. Hold-off: %i mSec.", data/edfbrowser-1.79+dfsg/export_filtered_signals.cpp:1363:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(txtbuf + strlen(txtbuf), 2048 - strlen(txtbuf), " %s/0.5mSec. Hold-off: %i mSec.", data/edfbrowser-1.79+dfsg/fino2edf.cpp:137:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!(strlen(PatientnameLineEdit->text().toLatin1().data()))) data/edfbrowser-1.79+dfsg/fino2edf.cpp:145:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!(strlen(RecordingLineEdit->text().toLatin1().data()))) data/edfbrowser-1.79+dfsg/fino2edf.cpp:197:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/fino2edf.cpp:235:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/fino2edf.cpp:256:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/fino2edf.cpp:608:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/fino2edf.cpp:641:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/fir_filter_dialog.cpp:153:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(textbuf, textEdit->toPlainText().toLatin1().data(), FIR_FILTER_MAX_BUFSZ); data/edfbrowser-1.79+dfsg/fir_filter_dialog.cpp:155:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(textbuf); data/edfbrowser-1.79+dfsg/fma_ecg2edf.cpp:155:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!(strlen(PatientnameLineEdit->text().toLatin1().data()))) data/edfbrowser-1.79+dfsg/fma_ecg2edf.cpp:163:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!(strlen(RecordingLineEdit->text().toLatin1().data()))) data/edfbrowser-1.79+dfsg/header_editor.cpp:535:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, hdr + 8, 80); data/edfbrowser-1.79+dfsg/header_editor.cpp:811:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, hdr + 8, 80); data/edfbrowser-1.79+dfsg/header_editor.cpp:816:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, hdr + 88, 80); data/edfbrowser-1.79+dfsg/header_editor.cpp:832:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, hdr + 256 + (i * 16), 16); data/edfbrowser-1.79+dfsg/header_editor.cpp:839:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, hdr + 256 + (edfsignals * 96) + (i * 8), 8); data/edfbrowser-1.79+dfsg/header_editor.cpp:846:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, hdr + 256 + (edfsignals * 136) + (i * 80), 80); data/edfbrowser-1.79+dfsg/header_editor.cpp:853:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, hdr + 256 + (edfsignals * 16) + (i * 80), 80); data/edfbrowser-1.79+dfsg/header_editor.cpp:860:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, hdr + 256 + (edfsignals * 216) + (i * 8), 8); data/edfbrowser-1.79+dfsg/header_editor.cpp:956:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(lineEdit3->text().toLatin1().data()); // patient code data/edfbrowser-1.79+dfsg/header_editor.cpp:966:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!strlen(scratchpad)) data/edfbrowser-1.79+dfsg/header_editor.cpp:1030:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(lineEdit4->text().toLatin1().data()); // patient name data/edfbrowser-1.79+dfsg/header_editor.cpp:1040:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!strlen(scratchpad)) data/edfbrowser-1.79+dfsg/header_editor.cpp:1052:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(lineEdit5->text().toLatin1().data()); // additional info data/edfbrowser-1.79+dfsg/header_editor.cpp:1112:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(lineEdit6->text().toLatin1().data()); // administration code data/edfbrowser-1.79+dfsg/header_editor.cpp:1122:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!strlen(scratchpad)) data/edfbrowser-1.79+dfsg/header_editor.cpp:1134:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(lineEdit7->text().toLatin1().data()); // technician data/edfbrowser-1.79+dfsg/header_editor.cpp:1144:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!strlen(scratchpad)) data/edfbrowser-1.79+dfsg/header_editor.cpp:1156:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(lineEdit8->text().toLatin1().data()); // device data/edfbrowser-1.79+dfsg/header_editor.cpp:1166:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!strlen(scratchpad)) data/edfbrowser-1.79+dfsg/header_editor.cpp:1178:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(lineEdit9->text().toLatin1().data()); // additional info data/edfbrowser-1.79+dfsg/header_editor.cpp:1200:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=strlen(scratchpad); j<80; j++) data/edfbrowser-1.79+dfsg/header_editor.cpp:1210:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=strlen(scratchpad); j<80; j++) data/edfbrowser-1.79+dfsg/header_editor.cpp:1309:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=strlen(scratchpad); j<16; j++) data/edfbrowser-1.79+dfsg/header_editor.cpp:1319:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=strlen(scratchpad); j<8; j++) data/edfbrowser-1.79+dfsg/header_editor.cpp:1329:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=strlen(scratchpad); j<80; j++) data/edfbrowser-1.79+dfsg/header_editor.cpp:1339:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(j=strlen(scratchpad); j<80; j++) data/edfbrowser-1.79+dfsg/header_editor.cpp:1498:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad2, hdr + 256 + (edfsignals * 112) + (i * 8), 8); // physical maximum data/edfbrowser-1.79+dfsg/header_editor.cpp:1629:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(lineEdit3->text().toLatin1().data()); data/edfbrowser-1.79+dfsg/header_editor.cpp:1635:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(lineEdit4->text().toLatin1().data()); data/edfbrowser-1.79+dfsg/header_editor.cpp:1641:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(lineEdit5->text().toLatin1().data()); data/edfbrowser-1.79+dfsg/header_editor.cpp:1649:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lineEdit3->setMaxLength(strlen(lineEdit3->text().toLatin1().data())); data/edfbrowser-1.79+dfsg/header_editor.cpp:1650:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lineEdit4->setMaxLength(strlen(lineEdit4->text().toLatin1().data())); data/edfbrowser-1.79+dfsg/header_editor.cpp:1651:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lineEdit5->setMaxLength(strlen(lineEdit5->text().toLatin1().data())); data/edfbrowser-1.79+dfsg/header_editor.cpp:1696:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(lineEdit6->text().toLatin1().data()); data/edfbrowser-1.79+dfsg/header_editor.cpp:1702:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(lineEdit7->text().toLatin1().data()); data/edfbrowser-1.79+dfsg/header_editor.cpp:1708:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(lineEdit8->text().toLatin1().data()); data/edfbrowser-1.79+dfsg/header_editor.cpp:1714:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(lineEdit9->text().toLatin1().data()); data/edfbrowser-1.79+dfsg/header_editor.cpp:1722:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lineEdit6->setMaxLength(strlen(lineEdit6->text().toLatin1().data())); data/edfbrowser-1.79+dfsg/header_editor.cpp:1723:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lineEdit7->setMaxLength(strlen(lineEdit7->text().toLatin1().data())); data/edfbrowser-1.79+dfsg/header_editor.cpp:1724:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lineEdit8->setMaxLength(strlen(lineEdit8->text().toLatin1().data())); data/edfbrowser-1.79+dfsg/header_editor.cpp:1725:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lineEdit9->setMaxLength(strlen(lineEdit9->text().toLatin1().data())); data/edfbrowser-1.79+dfsg/import_annotations.cpp:606:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(str + strlen(str), 4096 - strlen(str)," %i,", mal_formatted_line_nrs[i]); data/edfbrowser-1.79+dfsg/import_annotations.cpp:606:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(str + strlen(str), 4096 - strlen(str)," %i,", mal_formatted_line_nrs[i]); data/edfbrowser-1.79+dfsg/import_annotations.cpp:785:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(annotation.description, aux_str, MAX_ANNOTATION_LEN); data/edfbrowser-1.79+dfsg/import_annotations.cpp:818:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(annotation.description, annotdescrlist[annot_code], MAX_ANNOTATION_LEN); data/edfbrowser-1.79+dfsg/import_annotations.cpp:822:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(annotation.description, "user-defined", MAX_ANNOTATION_LEN); data/edfbrowser-1.79+dfsg/import_annotations.cpp:966:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(result) > 17) data/edfbrowser-1.79+dfsg/import_annotations.cpp:980:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(result) > 19) data/edfbrowser-1.79+dfsg/import_annotations.cpp:1062:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(annotation.description, result, MAX_ANNOTATION_LEN); data/edfbrowser-1.79+dfsg/import_annotations.cpp:1151:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str)!=1) data/edfbrowser-1.79+dfsg/import_annotations.cpp:1301:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line); data/edfbrowser-1.79+dfsg/import_annotations.cpp:1337:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!strlen(charpntr)) continue; data/edfbrowser-1.79+dfsg/import_annotations.cpp:1348:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!strlen(charpntr)) continue; data/edfbrowser-1.79+dfsg/import_annotations.cpp:1352:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(description, charpntr, max_descr_length); data/edfbrowser-1.79+dfsg/import_annotations.cpp:1362:15: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(duration, charpntr, 15); data/edfbrowser-1.79+dfsg/import_annotations.cpp:1377:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(annotation.description, description, MAX_ANNOTATION_LEN); data/edfbrowser-1.79+dfsg/import_annotations.cpp:1817:19: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(annotation.description, scratchpad, MAX_ANNOTATION_LEN); data/edfbrowser-1.79+dfsg/import_annotations.cpp:1926:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, str, 30); data/edfbrowser-1.79+dfsg/import_annotations.cpp:1941:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(scratchpad) > 6) data/edfbrowser-1.79+dfsg/import_annotations.cpp:1962:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(scratchpad) > 5) data/edfbrowser-1.79+dfsg/import_annotations.cpp:1987:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(scratchpad) > 8) data/edfbrowser-1.79+dfsg/import_annotations.cpp:2024:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(scratchpad) > 7) data/edfbrowser-1.79+dfsg/import_annotations.cpp:2065:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(scratchpad) > 17) data/edfbrowser-1.79+dfsg/import_annotations.cpp:2089:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(scratchpad) > 19) data/edfbrowser-1.79+dfsg/ishne2edf.cpp:427:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp_str, hdr + 28, 40); data/edfbrowser-1.79+dfsg/ishne2edf.cpp:433:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, hdr + 68, 40); data/edfbrowser-1.79+dfsg/ishne2edf.cpp:441:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tmp_str)) data/edfbrowser-1.79+dfsg/ishne2edf.cpp:450:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp_str, hdr + 108, 20); data/edfbrowser-1.79+dfsg/ishne2edf.cpp:455:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tmp_str)) data/edfbrowser-1.79+dfsg/ishne2edf.cpp:490:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tmp_str, hdr + 232, 40); data/edfbrowser-1.79+dfsg/ishne2edf.cpp:495:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(tmp_str)) data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:420:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(newsignalcomp->alias, result, 16); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:422:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). latin1_to_ascii(newsignalcomp->alias, strlen(newsignalcomp->alias)); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:793:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newsignalcomp->signallabellen = strlen(newsignalcomp->signallabel); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1650:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newsignalcomp->signallabellen = strlen(newsignalcomp->signallabel); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:1733:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newsignalcomp->signallabellen = strlen(newsignalcomp->signallabel); data/edfbrowser-1.79+dfsg/load_montage_dialog.cpp:2333:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(label); data/edfbrowser-1.79+dfsg/mainwindow.cpp:311:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(f_path); data/edfbrowser-1.79+dfsg/mainwindow.cpp:1666:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/edfbrowser-1.79+dfsg/mainwindow.cpp:1952:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/mainwindow.cpp:3703:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/mainwindow_constr.cpp:1119:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((strlen(tmp_str) > 2) && (!strncmp(tmp_str, "--", 2))) data/edfbrowser-1.79+dfsg/mainwindow_constr.cpp:1198:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(v_str, qVersion(), 32); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:322:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(edf_filename + strlen(edf_filename), MAX_PATH_LENGTH - strlen(edf_filename), "_%02i", segment_cnt + 1); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:322:71: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(edf_filename + strlen(edf_filename), MAX_PATH_LENGTH - strlen(edf_filename), "_%02i", segment_cnt + 1); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:551:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(scratchpad + strlen(scratchpad), MAX_PATH_LENGTH - strlen(scratchpad), "HP:%f", segment_properties->hpf); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:551:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(scratchpad + strlen(scratchpad), MAX_PATH_LENGTH - strlen(scratchpad), "HP:%f", segment_properties->hpf); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:560:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(scratchpad + strlen(scratchpad), MAX_PATH_LENGTH - strlen(scratchpad), "LP:%f", segment_properties->lpf); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:560:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(scratchpad + strlen(scratchpad), MAX_PATH_LENGTH - strlen(scratchpad), "LP:%f", segment_properties->lpf); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:621:25: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). var.four[2] = fgetc(data_inputfile); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:622:17: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp = fgetc(data_inputfile); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:799:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(linebuf) == 0) data/edfbrowser-1.79+dfsg/manscan2edf.cpp:804:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(linebuf) < 5) data/edfbrowser-1.79+dfsg/manscan2edf.cpp:811:16: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. if(sscanf(linebuf, "%40s %i %i", annot_descr, &startsmpl, &durationsmpl) != 3) data/edfbrowser-1.79+dfsg/manscan2edf.cpp:818:16: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. if(sscanf(linebuf, "%40s %i %i", annot_descr, &durationsmpl, &startsmpl) != 3) data/edfbrowser-1.79+dfsg/manscan2edf.cpp:913:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(linebuf) < 25) data/edfbrowser-1.79+dfsg/manscan2edf.cpp:972:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(linebuf) < 26) data/edfbrowser-1.79+dfsg/manscan2edf.cpp:977:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(segprop->recorder_version, linebuf + 25, 100); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1032:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(linebuf) < 53) data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1037:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(segprop->recorder_brand, linebuf + 8, 13); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1177:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(linebuf) < 12) data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1189:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(linebuf) < 17) data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1287:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(linebuf); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1487:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((chrpntr == NULL) || (strlen(chrpntr) < 17)) data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1523:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(label, linebuf, len); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1540:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(chrpntr >= (linebuf + strlen(linebuf))) data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1679:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(linebuf) < 9) data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1697:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, linebuf, len); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1722:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, linebuf + p, len); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1750:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, linebuf + p, len); data/edfbrowser-1.79+dfsg/manscan2edf.cpp:1775:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, linebuf + p, len); data/edfbrowser-1.79+dfsg/mit2edf.cpp:233:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(charpntr); data/edfbrowser-1.79+dfsg/mit2edf.cpp:381:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(charpntr); data/edfbrowser-1.79+dfsg/mit2edf.cpp:587:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(mit_hdr.unit[j], charpntr + p, 8); data/edfbrowser-1.79+dfsg/mit2edf.cpp:714:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(mit_hdr.label[j], charpntr + p, 16); data/edfbrowser-1.79+dfsg/mit2edf.cpp:1002:20: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp1 = fgetc(data_inputfile); data/edfbrowser-1.79+dfsg/mit2edf.cpp:1020:20: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp1 = fgetc(data_inputfile); data/edfbrowser-1.79+dfsg/mit2edf.cpp:1021:20: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp2 = fgetc(data_inputfile); data/edfbrowser-1.79+dfsg/mit2edf.cpp:1124:18: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp1 = fgetc(data_inputfile); data/edfbrowser-1.79+dfsg/mit2edf.cpp:1132:22: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp1 += (fgetc(data_inputfile) << 8); data/edfbrowser-1.79+dfsg/mit2edf.cpp:1138:21: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp1 += fgetc(data_inputfile); data/edfbrowser-1.79+dfsg/mit2edf.cpp:1192:18: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp1 = fgetc(data_inputfile); data/edfbrowser-1.79+dfsg/mit2edf.cpp:1199:25: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). var.four[1] = fgetc(data_inputfile); data/edfbrowser-1.79+dfsg/mit2edf.cpp:1200:25: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). var.four[2] = fgetc(data_inputfile); data/edfbrowser-1.79+dfsg/mit2edf.cpp:1201:25: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). var.four[3] = fgetc(data_inputfile); data/edfbrowser-1.79+dfsg/mortara2edf.cpp:477:79: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = xml_get_attribute_of_element(xml_hdl, "LAST_NAME", subject_name + strlen(subject_name), 128); data/edfbrowser-1.79+dfsg/mortara2edf.cpp:633:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(subject_name)) data/edfbrowser-1.79+dfsg/mortara2edf.cpp:651:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(device_name)) data/edfbrowser-1.79+dfsg/nexfin2edf.cpp:179:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!(strlen(PatientnameLineEdit->text().toLatin1().data()))) data/edfbrowser-1.79+dfsg/nexfin2edf.cpp:187:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!(strlen(RecordingLineEdit->text().toLatin1().data()))) data/edfbrowser-1.79+dfsg/nexfin2edf.cpp:258:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nexfin2edf.cpp:279:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nexfin2edf.cpp:670:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nexfin2edf.cpp:703:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nexfin2edf.cpp:857:16: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nexfin2edf.cpp:860:16: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nexfin2edf.cpp:883:18: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nexfin2edf.cpp:887:16: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:187:6: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(fgetc(inputfile)!=0x01) data/edfbrowser-1.79+dfsg/nk2edf.cpp:200:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(logfilepath, path, MAX_PATH_LENGTH); data/edfbrowser-1.79+dfsg/nk2edf.cpp:242:19: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). n_logblocks = fgetc(logfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:281:16: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). n_logs = fgetc(logfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:314:27: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). n_sublogs = fgetc(logfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:352:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(log_buf + (i * 45) + 26, sublog_buf + (i * 45) + 24, 6); data/edfbrowser-1.79+dfsg/nk2edf.cpp:358:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pntfilepath, path, MAX_PATH_LENGTH); data/edfbrowser-1.79+dfsg/nk2edf.cpp:480:19: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ctl_block_cnt = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:514:21: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). datablock_cnt = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:552:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(edfplus) snprintf(outputpath + strlen(outputpath), MAX_PATH_LENGTH - strlen(outputpath), "_%u-%u+.edf", i + 1, j + 1); data/edfbrowser-1.79+dfsg/nk2edf.cpp:552:80: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(edfplus) snprintf(outputpath + strlen(outputpath), MAX_PATH_LENGTH - strlen(outputpath), "_%u-%u+.edf", i + 1, j + 1); data/edfbrowser-1.79+dfsg/nk2edf.cpp:553:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else snprintf(outputpath + strlen(outputpath), MAX_PATH_LENGTH - strlen(outputpath), "_%u-%u.edf", i + 1, j + 1); data/edfbrowser-1.79+dfsg/nk2edf.cpp:553:73: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else snprintf(outputpath + strlen(outputpath), MAX_PATH_LENGTH - strlen(outputpath), "_%u-%u.edf", i + 1, j + 1); data/edfbrowser-1.79+dfsg/nk2edf.cpp:695:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). latin1_to_ascii(scratchpad, strlen(scratchpad)); data/edfbrowser-1.79+dfsg/nk2edf.cpp:889:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). latin1_to_ascii(scratchpad, strlen(scratchpad)); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1059:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). latin1_to_ascii(scratchpad, strlen(scratchpad)); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1088:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). latin1_to_ascii(scratchpad, strlen(scratchpad)); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1122:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). latin1_to_ascii(scratchpad, strlen(scratchpad)); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1144:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). latin1_to_ascii(scratchpad, strlen(scratchpad)); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1166:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). latin1_to_ascii(scratchpad, strlen(scratchpad)); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1180:10: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1183:10: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1186:10: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1190:10: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1192:10: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1194:10: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1198:14: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). channels = fgetc(inputfile) + 1; data/edfbrowser-1.79+dfsg/nk2edf.cpp:1227:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1248:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1258:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1268:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1285:21: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). samplefrequency = fgetc(inputfile) * 256; data/edfbrowser-1.79+dfsg/nk2edf.cpp:1287:22: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). samplefrequency += fgetc(inputfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1346:47: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). buf[j+(k*raster)+(i*record_size)] = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1347:49: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). buf[j+(k*raster)+(i*record_size)+1] = fgetc(inputfile) + 128; data/edfbrowser-1.79+dfsg/nk2edf.cpp:1349:45: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). buf[j+(k*raster)+(i*record_size)] = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1350:16: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1384:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(annotations + p, log_buf + (n_log_processed * 45) + 26, 3); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1388:15: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(annotations + p, log_buf + (n_log_processed * 45), 20); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1487:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strncmp(electrode_name_buffer, ELECTRODE_TAG, strlen(ELECTRODE_TAG)) == 0) data/edfbrowser-1.79+dfsg/nk2edf.cpp:1493:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strncmp(electrode_name_buffer, ELECTRODE_UNTAG, strlen(ELECTRODE_UNTAG)) == 0) data/edfbrowser-1.79+dfsg/nk2edf.cpp:1509:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(electrode_name); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1521:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(electrode_name); data/edfbrowser-1.79+dfsg/nk2edf.cpp:1527:15: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, electrode_name, 16); data/edfbrowser-1.79+dfsg/options_dialog.cpp:1110:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(mainwindow->spectrum_colorbar->label[row], ((QLineEdit *)(colorBarTable->cellWidget(row, 3)))->text().toLatin1().data(), 16); data/edfbrowser-1.79+dfsg/options_dialog.cpp:1806:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(path) > 4) data/edfbrowser-1.79+dfsg/options_dialog.cpp:1808:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strcmp(path + strlen(path) - 6, ".color")) data/edfbrowser-1.79+dfsg/options_dialog.cpp:2411:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/options_dialog.cpp:2432:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(mainwindow->ecg_qrs_rpeak_descr)) data/edfbrowser-1.79+dfsg/print_to_bdf.cpp:258:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/edfbrowser-1.79+dfsg/print_to_bdf.cpp:760:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(p = strlen(scratchpad) - 1; p>=0; p--) data/edfbrowser-1.79+dfsg/print_to_bdf.cpp:779:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(scratchpad); data/edfbrowser-1.79+dfsg/print_to_bdf.cpp:804:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(scratchpad); data/edfbrowser-1.79+dfsg/print_to_bdf.cpp:850:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(scratchpad); data/edfbrowser-1.79+dfsg/print_to_bdf.cpp:867:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(scratchpad); data/edfbrowser-1.79+dfsg/print_to_bdf.cpp:884:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(scratchpad); data/edfbrowser-1.79+dfsg/print_to_edf.cpp:258:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/edfbrowser-1.79+dfsg/print_to_edf.cpp:752:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(p = strlen(scratchpad) - 1; p>=0; p--) data/edfbrowser-1.79+dfsg/print_to_edf.cpp:771:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(scratchpad); data/edfbrowser-1.79+dfsg/print_to_edf.cpp:796:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(scratchpad); data/edfbrowser-1.79+dfsg/print_to_edf.cpp:842:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(scratchpad); data/edfbrowser-1.79+dfsg/print_to_edf.cpp:859:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(scratchpad); data/edfbrowser-1.79+dfsg/print_to_edf.cpp:876:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = strlen(scratchpad); data/edfbrowser-1.79+dfsg/raw2edf.cpp:267:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!(strlen(PatientnameLineEdit->text().toLatin1().data()))) data/edfbrowser-1.79+dfsg/raw2edf.cpp:274:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!(strlen(RecordingLineEdit->text().toLatin1().data()))) data/edfbrowser-1.79+dfsg/raw2edf.cpp:522:19: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/raw2edf.cpp:537:25: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/raw2edf.cpp:567:17: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/raw2edf.cpp:582:23: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/raw2edf.cpp:653:20: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp1 = fgetc(inputfile); data/edfbrowser-1.79+dfsg/raw2edf.cpp:665:25: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/raw2edf.cpp:701:20: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp1 = fgetc(inputfile); data/edfbrowser-1.79+dfsg/raw2edf.cpp:713:25: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/raw2edf.cpp:724:20: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp2 = fgetc(inputfile); data/edfbrowser-1.79+dfsg/raw2edf.cpp:736:25: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp = fgetc(inputfile); data/edfbrowser-1.79+dfsg/raw2edf.cpp:1066:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(raw2edf_var->phys_dim, result, 16); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:343:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(recent_montagedir, result, MAX_PATH_LENGTH); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:357:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(recent_savedir, result, MAX_PATH_LENGTH); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:371:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(recent_opendir, result, MAX_PATH_LENGTH); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:385:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(recent_colordir, result, MAX_PATH_LENGTH); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:400:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(&recent_file_path[0][0], result, MAX_PATH_LENGTH); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:421:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(&recent_file_path[i][0], result, MAX_PATH_LENGTH); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:439:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(&recent_file_mtg_path[0][0], result, MAX_PATH_LENGTH); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:452:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(&recent_file_mtg_path[i][0], result, MAX_PATH_LENGTH); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:466:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(&predefined_mtg_path[0][0], result, MAX_PATH_LENGTH); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:479:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(&predefined_mtg_path[i][0], result, MAX_PATH_LENGTH); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:534:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cfg_app_version, result, 16); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:913:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(spectrum_colorbar->label[0], result, 16); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:930:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(spectrum_colorbar->label[i], result, 16); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1079:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(import_annotations_var->separator, result, 3); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1138:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(import_annotations_var->description, result, 20); data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1406:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(result)) data/edfbrowser-1.79+dfsg/read_write_settings.cpp:1895:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(raw2edf_var.phys_dim, result, 16); data/edfbrowser-1.79+dfsg/reduce_signals.cpp:578:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). convert_to_metric_suffix(str + strlen(str), edfhdr->edfparam[i].sf_f / j, 3, 256 - strlen(str)); data/edfbrowser-1.79+dfsg/reduce_signals.cpp:578:94: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). convert_to_metric_suffix(str + strlen(str), edfhdr->edfparam[i].sf_f / j, 3, 256 - strlen(str)); data/edfbrowser-1.79+dfsg/reduce_signals.cpp:889:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(outputpath); data/edfbrowser-1.79+dfsg/run_qrs_detector.cpp:156:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(annotation.description, mainwindow->ecg_qrs_rpeak_descr, MAX_ANNOTATION_LEN); data/edfbrowser-1.79+dfsg/save_montage_dialog.cpp:112:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(mtg_path) > 4) data/edfbrowser-1.79+dfsg/save_montage_dialog.cpp:114:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strcmp(mtg_path + strlen(mtg_path) - 4, ".mtg")) data/edfbrowser-1.79+dfsg/scp_ecg2edf.cpp:1563:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pat_dat.pat_id, str, 20); data/edfbrowser-1.79+dfsg/scp_ecg2edf.cpp:1571:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pat_dat.last_name, str, 20); data/edfbrowser-1.79+dfsg/scp_ecg2edf.cpp:1579:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pat_dat.first_name, str, 20); data/edfbrowser-1.79+dfsg/scp_ecg2edf.cpp:1616:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pat_dat.device_model, str + 8, 5); data/edfbrowser-1.79+dfsg/scp_ecg2edf.cpp:1624:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pat_dat.device_serial, str + i + 1, 48); data/edfbrowser-1.79+dfsg/scp_ecg2edf.cpp:1640:15: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pat_dat.device_ident, str + i + 1, 48); data/edfbrowser-1.79+dfsg/scp_ecg2edf.cpp:1648:15: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pat_dat.manufacturer, str + i + 1, 48); data/edfbrowser-1.79+dfsg/show_actual_montage_dialog.cpp:107:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(txtbuf + strlen(txtbuf), 2048 - strlen(txtbuf), "%sx %s", data/edfbrowser-1.79+dfsg/show_actual_montage_dialog.cpp:107:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(txtbuf + strlen(txtbuf), 2048 - strlen(txtbuf), "%sx %s", data/edfbrowser-1.79+dfsg/show_actual_montage_dialog.cpp:131:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(txtbuf + strlen(txtbuf), 2048 - strlen(txtbuf), "/cm offset: %f%s", data/edfbrowser-1.79+dfsg/show_actual_montage_dialog.cpp:131:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(txtbuf + strlen(txtbuf), 2048 - strlen(txtbuf), "/cm offset: %f%s", data/edfbrowser-1.79+dfsg/show_actual_montage_dialog.cpp:210:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(txtbuf + strlen(txtbuf), 2048 - strlen(txtbuf), " %s/0.5mSec. Hold-off: %i mSec.", data/edfbrowser-1.79+dfsg/show_actual_montage_dialog.cpp:210:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(txtbuf + strlen(txtbuf), 2048 - strlen(txtbuf), " %s/0.5mSec. Hold-off: %i mSec.", data/edfbrowser-1.79+dfsg/show_edf_hdr.cpp:229:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). __mingw_snprintf(str + strlen(str), 100, ".%07lli", mainwindow->edfheaderlist[row]->starttime_offset); data/edfbrowser-1.79+dfsg/show_edf_hdr.cpp:231:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(str + strlen(str), 100, ".%07lli", mainwindow->edfheaderlist[row]->starttime_offset); data/edfbrowser-1.79+dfsg/signal_chooser.cpp:645:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(label); data/edfbrowser-1.79+dfsg/signalcurve.cpp:568:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(extra_button_txt, txt, 16); data/edfbrowser-1.79+dfsg/signalcurve.cpp:1715:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(str + strlen(str), 128 - strlen(str), " (%.1f%%)", (spectrum_color->value[0] * 100.0) / sum_colorbar_value); data/edfbrowser-1.79+dfsg/signalcurve.cpp:1715:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(str + strlen(str), 128 - strlen(str), " (%.1f%%)", (spectrum_color->value[0] * 100.0) / sum_colorbar_value); data/edfbrowser-1.79+dfsg/signalcurve.cpp:1740:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(str + strlen(str), 128 - strlen(str), " (%.1f%%)", (spectrum_color->value[i] * 100.0) / sum_colorbar_value); data/edfbrowser-1.79+dfsg/signalcurve.cpp:1740:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(str + strlen(str), 128 - strlen(str), " (%.1f%%)", (spectrum_color->value[i] * 100.0) / sum_colorbar_value); data/edfbrowser-1.79+dfsg/signalcurve.cpp:2483:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(h_label, str, 32); data/edfbrowser-1.79+dfsg/signalcurve.cpp:2491:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(v_label, str, 20); data/edfbrowser-1.79+dfsg/signalcurve.cpp:2499:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(upperlabel1, str, 128); data/edfbrowser-1.79+dfsg/signalcurve.cpp:2507:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(upperlabel2, str, 64); data/edfbrowser-1.79+dfsg/signalcurve.cpp:2515:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(lowerlabel, str, 64); data/edfbrowser-1.79+dfsg/signalcurve.cpp:2626:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(src); data/edfbrowser-1.79+dfsg/signalcurve.cpp:2643:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dest, src, ssize); data/edfbrowser-1.79+dfsg/signalcurve.cpp:2654:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(dest); data/edfbrowser-1.79+dfsg/signals_dialog.cpp:371:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newsignalcomp->signallabellen = strlen(newsignalcomp->signallabel); data/edfbrowser-1.79+dfsg/signals_dialog.cpp:456:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newsignalcomp->signallabellen = strlen(newsignalcomp->signallabel); data/edfbrowser-1.79+dfsg/signals_dialog.cpp:688:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/signals_dialog.cpp:699:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/signals_dialog.cpp:773:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). convert_to_metric_suffix(str + strlen(str), mainwindow->edfheaderlist[row]->edfparam[i].sf_f, 6, 256 - strlen(str)); data/edfbrowser-1.79+dfsg/signals_dialog.cpp:773:108: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). convert_to_metric_suffix(str + strlen(str), mainwindow->edfheaderlist[row]->edfparam[i].sf_f, 6, 256 - strlen(str)); data/edfbrowser-1.79+dfsg/signals_dialog.cpp:832:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(label); data/edfbrowser-1.79+dfsg/special_button.cpp:115:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buttonText, str, 2047); data/edfbrowser-1.79+dfsg/special_button.cpp:118:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(buttonText) > 0) data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:840:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). convert_to_metric_suffix(str + strlen(str), start_freq + ((max_freq - start_freq) / 2.0), 3, 1024 - strlen(str)); data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:840:103: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). convert_to_metric_suffix(str + strlen(str), start_freq + ((max_freq - start_freq) / 2.0), 3, 1024 - strlen(str)); data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:846:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). convert_to_metric_suffix(str + strlen(str), max_freq - start_freq, 3, 1024 - strlen(str)); data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:846:80: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). convert_to_metric_suffix(str + strlen(str), max_freq - start_freq, 3, 1024 - strlen(str)); data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:1422:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). convert_to_metric_suffix(str + strlen(str), freqstep, 3, 1024 - strlen(str)); data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:1422:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). convert_to_metric_suffix(str + strlen(str), freqstep, 3, 1024 - strlen(str)); data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:1424:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(str + strlen(str), 1024 - strlen(str), "Hz %i blocks of %i samples", fft_data->blocks_processed, fft_data->dft_sz); data/edfbrowser-1.79+dfsg/spectrum_dock.cpp:1424:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(str + strlen(str), 1024 - strlen(str), "Hz %i blocks of %i samples", fft_data->blocks_processed, fft_data->dft_sz); data/edfbrowser-1.79+dfsg/spectrumanalyzer.cpp:85:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=strlen(signalcomp->edfhdr->filename); i>0; i--) data/edfbrowser-1.79+dfsg/spectrumanalyzer.cpp:793:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). convert_to_metric_suffix(str + strlen(str), start_freq + ((max_freq - start_freq) / 2.0), 3, 2048 - strlen(str)); data/edfbrowser-1.79+dfsg/spectrumanalyzer.cpp:793:103: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). convert_to_metric_suffix(str + strlen(str), start_freq + ((max_freq - start_freq) / 2.0), 3, 2048 - strlen(str)); data/edfbrowser-1.79+dfsg/spectrumanalyzer.cpp:799:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). convert_to_metric_suffix(str + strlen(str), max_freq - start_freq, 3, 2048 - strlen(str)); data/edfbrowser-1.79+dfsg/spectrumanalyzer.cpp:799:80: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). convert_to_metric_suffix(str + strlen(str), max_freq - start_freq, 3, 2048 - strlen(str)); data/edfbrowser-1.79+dfsg/spectrumanalyzer.cpp:1270:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). convert_to_metric_suffix(str + strlen(str), freqstep, 3, 4096 - strlen(str)); data/edfbrowser-1.79+dfsg/spectrumanalyzer.cpp:1270:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). convert_to_metric_suffix(str + strlen(str), freqstep, 3, 4096 - strlen(str)); data/edfbrowser-1.79+dfsg/spectrumanalyzer.cpp:1272:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(str + strlen(str), 4096 - strlen(str), "Hz %i blocks of %i samples", fft_data->blocks_processed, fft_data->dft_sz); data/edfbrowser-1.79+dfsg/spectrumanalyzer.cpp:1272:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(str + strlen(str), 4096 - strlen(str), "Hz %i blocks of %i samples", fft_data->blocks_processed, fft_data->dft_sz); data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1402:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int max= strlen(fmt) + 60 + sp.n_arg * 20; data/edfbrowser-1.79+dfsg/third_party/fidlib/fidlib.c:1973:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len= strlen(buf); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:182:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((strlen(str) < 19) || (strlen(str) > 23) || (str[4] != '-') || (str[7] != '-') || (str[10] != 'T') || (str[13] != ':') || (str[16] != ':')) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:182:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((strlen(str) < 19) || (strlen(str) > 23) || (str[4] != '-') || (str[7] != '-') || (str[10] != 'T') || (str[13] != ':') || (str[16] != ':')) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:197:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str) == 23) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:221:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str_timestampStart, str, 19); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:231:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str) < 1) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:239:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str_measurementId, QString::fromLatin1(str).toLocal8Bit().data(), 128); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:243:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str_measurementId, QString::fromUtf8(str).toLocal8Bit().data(), 128); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:248:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str_measurementId, QString::fromUtf8(str).toLocal8Bit().data(), 128); // default for XML is UTF-8 data/edfbrowser-1.79+dfsg/unisens2edf.cpp:333:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str) != 1) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:349:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str) != 1) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:389:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str) < 1) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:438:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(signallabel[total_edf_signals], str, 16); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:442:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(signallabel[total_edf_signals], QString::fromUtf8(str).toLatin1().data(), 16); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:447:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(signallabel[total_edf_signals], QString::fromUtf8(str).toLatin1().data(), 16); // default for XML is UTF-8 data/edfbrowser-1.79+dfsg/unisens2edf.cpp:575:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str) != 1) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:591:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str) != 1) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:631:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(signallabel[total_edf_signals], str, 16); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:635:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(signallabel[total_edf_signals], QString::fromUtf8(str).toLatin1().data(), 16); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:640:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(signallabel[total_edf_signals], QString::fromUtf8(str).toLatin1().data(), 16); // default for XML is UTF-8 data/edfbrowser-1.79+dfsg/unisens2edf.cpp:814:17: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). tmp = fgetc(binfile[k]); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:885:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str) != 1) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:901:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str) != 1) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1799:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(linebuf); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1818:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(annotation, ++ptr, 46); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1822:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len2 = strlen(annotation); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1949:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str) < 1) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1955:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(binfilename[file_nr], str, MAX_PATH_LENGTH - 1); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1961:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(str) < 1) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1971:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(str) < 1) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1977:9: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(physdim[file_nr], str, 8); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1981:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(physdim[file_nr], QString::fromUtf8(str).toLatin1().data(), 8); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1986:11: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(physdim[file_nr], QString::fromUtf8(str).toLatin1().data(), 8); // default for XML is UTF-8 data/edfbrowser-1.79+dfsg/unisens2edf.cpp:1999:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str) < 1) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:2040:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str) < 1) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:2055:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str) < 1) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:2068:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if(strlen(str) < 1) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:2357:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str) < 1) data/edfbrowser-1.79+dfsg/unisens2edf.cpp:2363:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(evtfilename[file_nr], str, MAX_PATH_LENGTH - 1); data/edfbrowser-1.79+dfsg/unisens2edf.cpp:2371:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(str) < 1) data/edfbrowser-1.79+dfsg/utils.c:43:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/utils.c:84:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(src); data/edfbrowser-1.79+dfsg/utils.c:110:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dest, src + i, sz); data/edfbrowser-1.79+dfsg/utils.c:114:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(dest); data/edfbrowser-1.79+dfsg/utils.c:136:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(src); data/edfbrowser-1.79+dfsg/utils.c:153:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dest, src, sz); data/edfbrowser-1.79+dfsg/utils.c:164:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return strlen(dest); data/edfbrowser-1.79+dfsg/utils.c:173:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/utils.c:205:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/utils.c:221:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/utils.c:250:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/utils.c:270:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/utils.c:298:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/utils.c:386:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(utf8_str); data/edfbrowser-1.79+dfsg/utils.c:723:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str, input_str, len); data/edfbrowser-1.79+dfsg/utils.c:1296:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(str); data/edfbrowser-1.79+dfsg/utils.c:1345:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/utils.c:1498:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str) / 2; data/edfbrowser-1.79+dfsg/utils.c:1519:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str) / 8; data/edfbrowser-1.79+dfsg/utils.c:1523:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, str + (i * 8), 8); data/edfbrowser-1.79+dfsg/utils.c:1539:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/utils.c:1545:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(scratchpad, str + (i * 8), 8); data/edfbrowser-1.79+dfsg/utils.c:1559:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/utils.c:1592:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/utils.c:1621:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str) / 2; data/edfbrowser-1.79+dfsg/utils.c:1960:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(src) < 7) data/edfbrowser-1.79+dfsg/utils.c:1965:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str, src, 64); data/edfbrowser-1.79+dfsg/utils.c:2118:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). delim_len = strlen(delim); data/edfbrowser-1.79+dfsg/utils.c:2189:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). srclen = strlen(src); data/edfbrowser-1.79+dfsg/utils.c:2206:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dstlen = strlen(dst); data/edfbrowser-1.79+dfsg/utils.c:2212:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). srclen = strlen(src); data/edfbrowser-1.79+dfsg/utils.c:2231:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). slen = strlen(str); data/edfbrowser-1.79+dfsg/utils.c:2235:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(sublen > (signed)strlen(substr)) sublen = strlen(substr); data/edfbrowser-1.79+dfsg/utils.c:2235:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(sublen > (signed)strlen(substr)) sublen = strlen(substr); data/edfbrowser-1.79+dfsg/utils.c:2264:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). slen = strlen(str); data/edfbrowser-1.79+dfsg/utils.c:2266:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). destlen = strlen(dest_substr); data/edfbrowser-1.79+dfsg/utils.c:2268:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). srclen = strlen(src_substr); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:394:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(composition_txt + strlen(composition_txt), 2048 - strlen(composition_txt), "%sx %s", str3, label); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:394:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(composition_txt + strlen(composition_txt), 2048 - strlen(composition_txt), "%sx %s", str3, label); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:417:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(composition_txt + strlen(composition_txt), 2048 - strlen(composition_txt), "/cm offset: %f", (double)screen_offset * mainwindow->y_pixelsizefactor * voltpercm); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:417:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(composition_txt + strlen(composition_txt), 2048 - strlen(composition_txt), "/cm offset: %f", (double)screen_offset * mainwindow->y_pixelsizefactor * voltpercm); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:537:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(composition_txt + strlen(composition_txt), 2048 - strlen(composition_txt), " Hold-off: %i milli-Sec.", holdoff); data/edfbrowser-1.79+dfsg/view_montage_dialog.cpp:537:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(composition_txt + strlen(composition_txt), 2048 - strlen(composition_txt), " Hold-off: %i milli-Sec.", holdoff); data/edfbrowser-1.79+dfsg/viewbuf.cpp:791:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(viewtime_string + strlen(viewtime_string), 128 - strlen(viewtime_string), "%2i:%02i:%02i.%04i (", data/edfbrowser-1.79+dfsg/viewbuf.cpp:791:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(viewtime_string + strlen(viewtime_string), 128 - strlen(viewtime_string), "%2i:%02i:%02i.%04i (", data/edfbrowser-1.79+dfsg/viewbuf.cpp:798:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(viewtime_string + strlen(viewtime_string), 128 - strlen(viewtime_string), "%i:%02i:%02i.%04i", data/edfbrowser-1.79+dfsg/viewbuf.cpp:798:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(viewtime_string + strlen(viewtime_string), 128 - strlen(viewtime_string), "%i:%02i:%02i.%04i", data/edfbrowser-1.79+dfsg/viewbuf.cpp:806:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(viewtime_string + strlen(viewtime_string), 128 - strlen(viewtime_string), ")"); data/edfbrowser-1.79+dfsg/viewbuf.cpp:806:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(viewtime_string + strlen(viewtime_string), 128 - strlen(viewtime_string), ")"); data/edfbrowser-1.79+dfsg/viewbuf.cpp:819:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(viewtime_string + strlen(viewtime_string), 128 - strlen(viewtime_string), "%2i:%02i:%02i.%04i (", data/edfbrowser-1.79+dfsg/viewbuf.cpp:819:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(viewtime_string + strlen(viewtime_string), 128 - strlen(viewtime_string), "%2i:%02i:%02i.%04i (", data/edfbrowser-1.79+dfsg/viewbuf.cpp:828:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(viewtime_string + strlen(viewtime_string), 128 - strlen(viewtime_string), "-%i:%02i:%02i.%04i", data/edfbrowser-1.79+dfsg/viewbuf.cpp:828:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(viewtime_string + strlen(viewtime_string), 128 - strlen(viewtime_string), "-%i:%02i:%02i.%04i", data/edfbrowser-1.79+dfsg/viewbuf.cpp:836:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(viewtime_string + strlen(viewtime_string), 128 - strlen(viewtime_string), ")"); data/edfbrowser-1.79+dfsg/viewbuf.cpp:836:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(viewtime_string + strlen(viewtime_string), 128 - strlen(viewtime_string), ")"); data/edfbrowser-1.79+dfsg/viewcurve.cpp:1114:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(mainwindow->edfheaderlist[mainwindow->sel_viewtime]->filename); data/edfbrowser-1.79+dfsg/viewcurve.cpp:1132:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(path + strlen(path), MAX_PATH_LENGTH - strlen(path), " %i %s %i ", data/edfbrowser-1.79+dfsg/viewcurve.cpp:1132:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(path + strlen(path), MAX_PATH_LENGTH - strlen(path), " %i %s %i ", data/edfbrowser-1.79+dfsg/viewcurve.cpp:1147:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/edfbrowser-1.79+dfsg/viewcurve.cpp:1194:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/edfbrowser-1.79+dfsg/viewcurve.cpp:1231:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(mainwindow->edfheaderlist[mainwindow->sel_viewtime]->filename); data/edfbrowser-1.79+dfsg/viewcurve.cpp:1252:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(path + strlen(path), MAX_PATH_LENGTH - strlen(path), " %i %s %i ", data/edfbrowser-1.79+dfsg/viewcurve.cpp:1252:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(path + strlen(path), MAX_PATH_LENGTH - strlen(path), " %i %s %i ", data/edfbrowser-1.79+dfsg/viewcurve.cpp:1268:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/edfbrowser-1.79+dfsg/viewcurve.cpp:1314:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/edfbrowser-1.79+dfsg/viewcurve.cpp:1354:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(mainwindow->edfheaderlist[mainwindow->sel_viewtime]->filename); data/edfbrowser-1.79+dfsg/viewcurve.cpp:1375:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(path + strlen(path), MAX_PATH_LENGTH - strlen(path), " %i %s %i ", data/edfbrowser-1.79+dfsg/viewcurve.cpp:1375:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(path + strlen(path), MAX_PATH_LENGTH - strlen(path), " %i %s %i ", data/edfbrowser-1.79+dfsg/viewcurve.cpp:1391:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/edfbrowser-1.79+dfsg/viewcurve.cpp:1434:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(path); data/edfbrowser-1.79+dfsg/viewcurve.cpp:1463:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(mainwindow->edfheaderlist[mainwindow->sel_viewtime]->filename); data/edfbrowser-1.79+dfsg/viewcurve.cpp:1484:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(str + strlen(str), 1024 - strlen(str), " %i %s %i ", data/edfbrowser-1.79+dfsg/viewcurve.cpp:1484:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(str + strlen(str), 1024 - strlen(str), " %i %s %i ", data/edfbrowser-1.79+dfsg/viewcurve.cpp:1498:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/viewcurve.cpp:2151:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(string + strlen(string), MAX_ANNOTATION_LEN + 32, "%i:%02i:%02i.%04i", data/edfbrowser-1.79+dfsg/viewcurve.cpp:2180:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(string, annot->description, 20); data/edfbrowser-1.79+dfsg/viewcurve.cpp:2358:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(string + strlen(string), 32, " (%i:%02i:%02i.%04i)", data/edfbrowser-1.79+dfsg/viewcurve.cpp:2368:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(string + strlen(string), 32, " (%.26sS)", str3); data/edfbrowser-1.79+dfsg/viewcurve.cpp:2444:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(string + strlen(string), 32, " (%i:%02i:%02i.%04i)", data/edfbrowser-1.79+dfsg/viewcurve.cpp:2454:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(string + strlen(string), 32, " (%.26sS)", str3); data/edfbrowser-1.79+dfsg/viewcurve.cpp:2565:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). painter->drawText(w - strlen(mainwindow->pagetime_string) * font_pixel_width, h - 4, mainwindow->pagetime_string); data/edfbrowser-1.79+dfsg/viewcurve.cpp:3812:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(mainwindow->signalcomp[signal_nr]->alias, AliasLineEdit->text().toLatin1().data(), 16); data/edfbrowser-1.79+dfsg/viewcurve.cpp:3925:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). newsignalcomp->signallabellen = strlen(newsignalcomp->signallabel); data/edfbrowser-1.79+dfsg/viewcurve.cpp:5080:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(label); data/edfbrowser-1.79+dfsg/wav2edf.cpp:150:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!(strlen(PatientnameLineEdit->text().toLatin1().data()))) data/edfbrowser-1.79+dfsg/wav2edf.cpp:158:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!(strlen(RecordingLineEdit->text().toLatin1().data()))) data/edfbrowser-1.79+dfsg/xml.c:217:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(src); data/edfbrowser-1.79+dfsg/xml.c:288:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(src); data/edfbrowser-1.79+dfsg/xml.c:362:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buf, handle_p->elementname[handle_p->level], sz); data/edfbrowser-1.79+dfsg/xml.c:374:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(attr_name) < 1) data/edfbrowser-1.79+dfsg/xml.c:409:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). data_len = strlen(data); data/edfbrowser-1.79+dfsg/xml.c:410:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). item_len = strlen(item); data/edfbrowser-1.79+dfsg/xml.c:503:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(handle_p->tag_search_result) < 3) data/edfbrowser-1.79+dfsg/xml.c:509:79: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((handle_p->tag_search_result[0] == '?') && (handle_p->tag_search_result[strlen(handle_p->tag_search_result) - 1] == '?')) data/edfbrowser-1.79+dfsg/xml.c:561:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(handle_p->elementname[handle_p->level]); data/edfbrowser-1.79+dfsg/xml.c:723:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buf, handle_p->content[handle_p->level], sz); data/edfbrowser-1.79+dfsg/xml.c:751:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(name); data/edfbrowser-1.79+dfsg/xml.c:783:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ts_len = strlen(handle_p->tag_search_result); data/edfbrowser-1.79+dfsg/xml.c:802:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((int)strlen(handle_p->tag_search_result) >= len) data/edfbrowser-1.79+dfsg/xml.c:843:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(handle_p->elementname[handle_p->level]); data/edfbrowser-1.79+dfsg/xml.c:871:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ts_len = strlen(handle_p->tag_search_result); data/edfbrowser-1.79+dfsg/xml.c:906:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ts_len = strlen(handle_p->tag_search_result); data/edfbrowser-1.79+dfsg/xml.c:925:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((int)strlen(handle_p->tag_search_result) >= len) data/edfbrowser-1.79+dfsg/xml.c:979:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ts_len = strlen(handle_p->tag_search_result); data/edfbrowser-1.79+dfsg/xml.c:1023:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(str); data/edfbrowser-1.79+dfsg/xml.c:1064:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(handle_p->elementname[handle_p->level], str, i); data/edfbrowser-1.79+dfsg/xml.c:1116:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(handle_p->attributes[handle_p->level], str + p, len); data/edfbrowser-1.79+dfsg/xml.c:1177:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). temp = fgetc(handle_p->file); data/edfbrowser-1.79+dfsg/z_score_dialog.cpp:302:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). signalcomp->signallabellen = strlen(signalcomp->signallabel); ANALYSIS SUMMARY: Hits = 1430 Lines analyzed = 106257 in approximately 2.40 seconds (44242 lines/second) Physical Source Lines of Code (SLOC) = 76500 Hits@level = [0] 1816 [1] 599 [2] 794 [3] 4 [4] 33 [5] 0 Hits@level+ = [0+] 3246 [1+] 1430 [2+] 831 [3+] 37 [4+] 33 [5+] 0 Hits/KSLOC@level+ = [0+] 42.4314 [1+] 18.6928 [2+] 10.8627 [3+] 0.48366 [4+] 0.431373 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.