Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/eggdrop-1.8.4/src/bg.c
Examining data/eggdrop-1.8.4/src/bg.h
Examining data/eggdrop-1.8.4/src/botcmd.c
Examining data/eggdrop-1.8.4/src/botmsg.c
Examining data/eggdrop-1.8.4/src/botnet.c
Examining data/eggdrop-1.8.4/src/chan.h
Examining data/eggdrop-1.8.4/src/chanprog.c
Examining data/eggdrop-1.8.4/src/cmds.c
Examining data/eggdrop-1.8.4/src/cmdt.h
Examining data/eggdrop-1.8.4/src/compat/compat.h
Examining data/eggdrop-1.8.4/src/compat/gethostbyname2.c
Examining data/eggdrop-1.8.4/src/compat/gethostbyname2.h
Examining data/eggdrop-1.8.4/src/compat/gnu_strftime.c
Examining data/eggdrop-1.8.4/src/compat/in6.c
Examining data/eggdrop-1.8.4/src/compat/in6.h
Examining data/eggdrop-1.8.4/src/compat/inet_aton.c
Examining data/eggdrop-1.8.4/src/compat/inet_aton.h
Examining data/eggdrop-1.8.4/src/compat/inet_ntop.c
Examining data/eggdrop-1.8.4/src/compat/inet_ntop.h
Examining data/eggdrop-1.8.4/src/compat/inet_pton.c
Examining data/eggdrop-1.8.4/src/compat/inet_pton.h
Examining data/eggdrop-1.8.4/src/compat/snprintf.c
Examining data/eggdrop-1.8.4/src/compat/snprintf.h
Examining data/eggdrop-1.8.4/src/compat/strcasecmp.c
Examining data/eggdrop-1.8.4/src/compat/strcasecmp.h
Examining data/eggdrop-1.8.4/src/compat/strftime.c
Examining data/eggdrop-1.8.4/src/compat/strftime.h
Examining data/eggdrop-1.8.4/src/compat/strlcpy.c
Examining data/eggdrop-1.8.4/src/compat/strlcpy.h
Examining data/eggdrop-1.8.4/src/dcc.c
Examining data/eggdrop-1.8.4/src/dccutil.c
Examining data/eggdrop-1.8.4/src/dns.c
Examining data/eggdrop-1.8.4/src/dns.h
Examining data/eggdrop-1.8.4/src/flags.c
Examining data/eggdrop-1.8.4/src/flags.h
Examining data/eggdrop-1.8.4/src/lang.h
Examining data/eggdrop-1.8.4/src/language.c
Examining data/eggdrop-1.8.4/src/main.c
Examining data/eggdrop-1.8.4/src/main.h
Examining data/eggdrop-1.8.4/src/match.c
Examining data/eggdrop-1.8.4/src/md5/md5.h
Examining data/eggdrop-1.8.4/src/md5/md5c.c
Examining data/eggdrop-1.8.4/src/mem.c
Examining data/eggdrop-1.8.4/src/misc.c
Examining data/eggdrop-1.8.4/src/misc_file.c
Examining data/eggdrop-1.8.4/src/misc_file.h
Examining data/eggdrop-1.8.4/src/mod/assoc.mod/assoc.c
Examining data/eggdrop-1.8.4/src/mod/assoc.mod/assoc.h
Examining data/eggdrop-1.8.4/src/mod/blowfish.mod/bf_tab.h
Examining data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c
Examining data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.h
Examining data/eggdrop-1.8.4/src/mod/channels.mod/channels.c
Examining data/eggdrop-1.8.4/src/mod/channels.mod/channels.h
Examining data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c
Examining data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c
Examining data/eggdrop-1.8.4/src/mod/channels.mod/udefchan.c
Examining data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c
Examining data/eggdrop-1.8.4/src/mod/compress.mod/compress.c
Examining data/eggdrop-1.8.4/src/mod/compress.mod/compress.h
Examining data/eggdrop-1.8.4/src/mod/compress.mod/tclcompress.c
Examining data/eggdrop-1.8.4/src/mod/console.mod/console.c
Examining data/eggdrop-1.8.4/src/mod/console.mod/console.h
Examining data/eggdrop-1.8.4/src/mod/ctcp.mod/ctcp.c
Examining data/eggdrop-1.8.4/src/mod/ctcp.mod/ctcp.h
Examining data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c
Examining data/eggdrop-1.8.4/src/mod/dns.mod/dns.c
Examining data/eggdrop-1.8.4/src/mod/dns.mod/dns.h
Examining data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c
Examining data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.h
Examining data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c
Examining data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.h
Examining data/eggdrop-1.8.4/src/mod/filesys.mod/filelist.c
Examining data/eggdrop-1.8.4/src/mod/filesys.mod/filelist.h
Examining data/eggdrop-1.8.4/src/mod/filesys.mod/files.c
Examining data/eggdrop-1.8.4/src/mod/filesys.mod/files.h
Examining data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c
Examining data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.h
Examining data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c
Examining data/eggdrop-1.8.4/src/mod/irc.mod/chan.c
Examining data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c
Examining data/eggdrop-1.8.4/src/mod/irc.mod/irc.c
Examining data/eggdrop-1.8.4/src/mod/irc.mod/irc.h
Examining data/eggdrop-1.8.4/src/mod/irc.mod/mode.c
Examining data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c
Examining data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c
Examining data/eggdrop-1.8.4/src/mod/module.h
Examining data/eggdrop-1.8.4/src/mod/modvals.h
Examining data/eggdrop-1.8.4/src/mod/notes.mod/cmdsnote.c
Examining data/eggdrop-1.8.4/src/mod/notes.mod/notes.c
Examining data/eggdrop-1.8.4/src/mod/notes.mod/notes.h
Examining data/eggdrop-1.8.4/src/mod/seen.mod/seen.c
Examining data/eggdrop-1.8.4/src/mod/server.mod/cmdsserv.c
Examining data/eggdrop-1.8.4/src/mod/server.mod/server.c
Examining data/eggdrop-1.8.4/src/mod/server.mod/server.h
Examining data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c
Examining data/eggdrop-1.8.4/src/mod/server.mod/tclserv.c
Examining data/eggdrop-1.8.4/src/mod/share.mod/share.c
Examining data/eggdrop-1.8.4/src/mod/share.mod/share.h
Examining data/eggdrop-1.8.4/src/mod/share.mod/uf_features.c
Examining data/eggdrop-1.8.4/src/mod/transfer.mod/tcltransfer.c
Examining data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c
Examining data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.h
Examining data/eggdrop-1.8.4/src/mod/transfer.mod/transferfstat.c
Examining data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c
Examining data/eggdrop-1.8.4/src/mod/uptime.mod/uptime.c
Examining data/eggdrop-1.8.4/src/mod/uptime.mod/uptime.h
Examining data/eggdrop-1.8.4/src/mod/woobie.mod/woobie.c
Examining data/eggdrop-1.8.4/src/modules.c
Examining data/eggdrop-1.8.4/src/modules.h
Examining data/eggdrop-1.8.4/src/net.c
Examining data/eggdrop-1.8.4/src/proto.h
Examining data/eggdrop-1.8.4/src/rfc1459.c
Examining data/eggdrop-1.8.4/src/stat.h
Examining data/eggdrop-1.8.4/src/tandem.h
Examining data/eggdrop-1.8.4/src/tcl.c
Examining data/eggdrop-1.8.4/src/tcldcc.c
Examining data/eggdrop-1.8.4/src/tclegg.h
Examining data/eggdrop-1.8.4/src/tclhash.c
Examining data/eggdrop-1.8.4/src/tclhash.h
Examining data/eggdrop-1.8.4/src/tclmisc.c
Examining data/eggdrop-1.8.4/src/tcluser.c
Examining data/eggdrop-1.8.4/src/tls.c
Examining data/eggdrop-1.8.4/src/userent.c
Examining data/eggdrop-1.8.4/src/userrec.c
Examining data/eggdrop-1.8.4/src/users.c
Examining data/eggdrop-1.8.4/src/users.h
Examining data/eggdrop-1.8.4/src/version.h
Examining data/eggdrop-1.8.4/src/eggdrop.h
FINAL RESULTS:
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:397:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(s, userfile_perm);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:130:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(s, userfile_perm); /* Use userfile permissions. */
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:179:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(s, userfile_perm); /* Use userfile permissions. */
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:311:9: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(notefile, userfile_perm); /* Use userfile permissions. */
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:407:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(s, userfile_perm); /* Use userfile permissions. */
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:608:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(s, userfile_perm); /* Use userfile permissions. */
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:816:5: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(notefile, userfile_perm); /* Use userfile permissions. */
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1674:5: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(fn, 0600); /* make it -rw------- */
data/eggdrop-1.8.4/src/userrec.c:548:3: [5] (race) chmod:
This accepts filename arguments; if an attacker can move those files, a
race condition results. (CWE-362). Use fchmod( ) instead.
chmod(new_userfile, userfile_perm);
data/eggdrop-1.8.4/src/bg.c:111:7: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(EGG_NOWRITE, pid_file);
data/eggdrop-1.8.4/src/bg.c:119:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(EGG_NOWRITE, pid_file);
data/eggdrop-1.8.4/src/botcmd.c:136:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TBUF, "*** (%s) %s", from, msg);
data/eggdrop-1.8.4/src/botcmd.c:385:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
k = sprintf(s, " %c%-15s %s", (geticon(i) == '-' ? ' ' : geticon(i)),
data/eggdrop-1.8.4/src/botcmd.c:394:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s + k, " (%s %lud%luh)", MISC_IDLE, days, hrs);
data/eggdrop-1.8.4/src/botcmd.c:396:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s + k, " (%s %luh%lum)", MISC_IDLE, hrs, mins);
data/eggdrop-1.8.4/src/botcmd.c:398:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s + k, " (%s %lum)", MISC_IDLE, mins);
data/eggdrop-1.8.4/src/botcmd.c:411:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, " %s%c%-15s %s",
data/eggdrop-1.8.4/src/botcmd.c:425:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
l = sprintf(s, " %c%-15s %s", (geticon(i) == '-' ? ' ' : geticon(i)),
data/eggdrop-1.8.4/src/botcmd.c:430:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s + l, " (%s %dm)", MISC_IDLE, k);
data/eggdrop-1.8.4/src/botcmd.c:432:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s + l, " (%s %dh%dm)", MISC_IDLE, k / 60, k % 60);
data/eggdrop-1.8.4/src/botcmd.c:451:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TBUF, "%s@%s", from, dcc[idx].nick);
data/eggdrop-1.8.4/src/botcmd.c:518:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, chan->dname);
data/eggdrop-1.8.4/src/botcmd.c:1278:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TBUF, "@%s", bot);
data/eggdrop-1.8.4/src/botcmd.c:1327:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(TBUF, "@%s", bot);
data/eggdrop-1.8.4/src/botmsg.c:791:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(botf, from);
data/eggdrop-1.8.4/src/botmsg.c:793:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(botf, "%s@%s", from, botnetnick);
data/eggdrop-1.8.4/src/botmsg.c:796:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(botf, botnetnick);
data/eggdrop-1.8.4/src/botmsg.c:810:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(ssf, "%lu:%s", dcc[idx].sock, botf);
data/eggdrop-1.8.4/src/botnet.c:165:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(party[i].from, from);
data/eggdrop-1.8.4/src/botnet.c:190:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(party[parties].from, from);
data/eggdrop-1.8.4/src/botnet.c:267:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(work, party[i].nick);
data/eggdrop-1.8.4/src/botnet.c:270:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nick, work);
data/eggdrop-1.8.4/src/botnet.c:289:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(party[i].away, msg);
data/eggdrop-1.8.4/src/botnet.c:346:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(party[i].bot, party[parties].bot);
data/eggdrop-1.8.4/src/botnet.c:347:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(party[i].nick, party[parties].nick);
data/eggdrop-1.8.4/src/botnet.c:561:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, botnetnick);
data/eggdrop-1.8.4/src/botnet.c:574:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s + i, bot->bot);
data/eggdrop-1.8.4/src/botnet.c:605:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s + i, bot->bot);
data/eggdrop-1.8.4/src/botnet.c:647:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
i = sprintf(s, "%c%s", bot->share, bot->bot);
data/eggdrop-1.8.4/src/botnet.c:654:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "-%s", bot->bot);
data/eggdrop-1.8.4/src/botnet.c:685:23: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
i = sprintf(s, "%c%s", bot->share, bot->bot);
data/eggdrop-1.8.4/src/botnet.c:692:19: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "-%s", bot->bot);
data/eggdrop-1.8.4/src/botnet.c:1048:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].nick, nick);
data/eggdrop-1.8.4/src/botnet.c:1049:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].host, bi->address);
data/eggdrop-1.8.4/src/botnet.c:1052:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].u.dns->cptr, linker);
data/eggdrop-1.8.4/src/botnet.c:1054:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].u.dns->host, dcc[i].host);
data/eggdrop-1.8.4/src/botnet.c:1071:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, dcc[i].nick);
data/eggdrop-1.8.4/src/botnet.c:1196:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].nick, nick);
data/eggdrop-1.8.4/src/botnet.c:1198:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].host, bi->address);
data/eggdrop-1.8.4/src/botnet.c:1217:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].u.dns->host, bi->address);
data/eggdrop-1.8.4/src/chanprog.c:273:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s1, MISC_BACKGROUND);
data/eggdrop-1.8.4/src/chanprog.c:276:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s1, MISC_TERMMODE);
data/eggdrop-1.8.4/src/chanprog.c:278:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s1, MISC_STATMODE);
data/eggdrop-1.8.4/src/chanprog.c:280:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s1, MISC_LOGMODE);
data/eggdrop-1.8.4/src/chanprog.c:439:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, q);
data/eggdrop-1.8.4/src/chanprog.c:507:7: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(MISC_USERFCREATE1, origbotname);
data/eggdrop-1.8.4/src/chanprog.c:570:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((*stack)->cmd, cmd);
data/eggdrop-1.8.4/src/chanprog.c:678:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, owner);
data/eggdrop-1.8.4/src/chanprog.c:707:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(owner, " " EGG_BG_HANDLE);
data/eggdrop-1.8.4/src/cmds.c:129:11: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(s, format, dcc[i].sock,
data/eggdrop-1.8.4/src/cmds.c:134:11: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(s, format,
data/eggdrop-1.8.4/src/cmds.c:140:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&s[strlen(s)], " (con:%s)",
data/eggdrop-1.8.4/src/cmds.c:191:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(s, format, dcc[i].sock,
data/eggdrop-1.8.4/src/cmds.c:195:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(s, format, (geticon(i) == '-' ? ' ' : geticon(i)), dcc[i].nick);
data/eggdrop-1.8.4/src/cmds.c:205:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, dcc[i].host);
data/eggdrop-1.8.4/src/cmds.c:208:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&s[strlen(s)], " (con:%s)",
data/eggdrop-1.8.4/src/cmds.c:231:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(s, format,
data/eggdrop-1.8.4/src/cmds.c:236:9: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(s, format,
data/eggdrop-1.8.4/src/cmds.c:280:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, chan->dname);
data/eggdrop-1.8.4/src/cmds.c:891:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bi->address, addr);
data/eggdrop-1.8.4/src/cmds.c:1244:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bi->address, addr);
data/eggdrop-1.8.4/src/cmds.c:1682:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].u.chat->con_chan, chan->dname);
data/eggdrop-1.8.4/src/cmds.c:1761:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tmpchg, chg);
data/eggdrop-1.8.4/src/cmds.c:1950:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tmpchg, chg);
data/eggdrop-1.8.4/src/cmds.c:2387:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[idx].u.chat->away, dcc[idx].nick);
data/eggdrop-1.8.4/src/cmds.c:2389:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[idx].u.chat->su_nick, dcc[idx].nick);
data/eggdrop-1.8.4/src/cmds.c:2391:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[idx].nick, par);
data/eggdrop-1.8.4/src/cmds.c:2406:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[idx].u.chat->su_nick, dcc[idx].nick);
data/eggdrop-1.8.4/src/cmds.c:2656:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, who);
data/eggdrop-1.8.4/src/cmds.c:3031:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(traffictxt, "%.2f %s", xbytes, unit);
data/eggdrop-1.8.4/src/compat/inet_ntop.c:50:28: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
# define SPRINTF(x) strlen(sprintf/**/x)
data/eggdrop-1.8.4/src/compat/inet_ntop.c:52:30: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
# define SPRINTF(x) ((size_t)sprintf x)
data/eggdrop-1.8.4/src/compat/inet_ntop.c:120:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
return strcpy(dst, tmp);
data/eggdrop-1.8.4/src/compat/inet_ntop.c:218:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
return strcpy(dst, tmp);
data/eggdrop-1.8.4/src/compat/snprintf.h:45:25: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define egg_vsnprintf vsnprintf
data/eggdrop-1.8.4/src/compat/snprintf.h:58:24: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define egg_snprintf snprintf
data/eggdrop-1.8.4/src/dcc.c:267:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s1, dcc[idx].u.bot->linker);
data/eggdrop-1.8.4/src/dcc.c:273:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, dcc[idx].nick);
data/eggdrop-1.8.4/src/dcc.c:983:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->msg, line);
data/eggdrop-1.8.4/src/dcc.c:1370:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "-telnet!telnet@%s", dcc[i].host);
data/eggdrop-1.8.4/src/dcc.c:1445:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[j].host, dcc[i].host);
data/eggdrop-1.8.4/src/dcc.c:1462:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "lstn %s%d%s", dcc[idx].ssl ? "+" : "", dcc[idx].port,
data/eggdrop-1.8.4/src/dcc.c:1465:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "lstn %d%s", dcc[idx].port,
data/eggdrop-1.8.4/src/dcc.c:1923:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[idx].nick, buf);
data/eggdrop-1.8.4/src/dcc.c:1991:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "Introduced to %s, %s", dcc[idx].nick, dcc[idx].host);
data/eggdrop-1.8.4/src/dcc.c:1992:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s1, notify_new);
data/eggdrop-1.8.4/src/dcc.c:2172:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "scri %s", dcc[idx].u.script->command);
data/eggdrop-1.8.4/src/dcc.c:2444:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].u.chat->con_chan, chanset ? chanset->dname : "*");
data/eggdrop-1.8.4/src/dccutil.c:477:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[idx].u.chat->away, s);
data/eggdrop-1.8.4/src/dns.c:134:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[idx].u.dns->host, hostn);
data/eggdrop-1.8.4/src/dns.c:207:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(de->res_data.hostname, hostn);
data/eggdrop-1.8.4/src/dns.c:325:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(de->res_data.hostname, hostn);
data/eggdrop-1.8.4/src/dns.c:330:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tclinfo->proc, proc);
data/eggdrop-1.8.4/src/dns.c:333:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tclinfo->paras, paras);
data/eggdrop-1.8.4/src/dns.c:361:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tclinfo->proc, proc);
data/eggdrop-1.8.4/src/dns.c:366:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tclinfo->paras, paras);
data/eggdrop-1.8.4/src/flags.c:754:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(e->u.list->extra, x);
data/eggdrop-1.8.4/src/language.c:128:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lp->lang, lang);
data/eggdrop-1.8.4/src/language.c:171:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(l->text, ltext);
data/eggdrop-1.8.4/src/language.c:185:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(l->text, ltext);
data/eggdrop-1.8.4/src/language.c:233:32: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if ((lbuf[0] == '#') || (sscanf(lbuf, "%s", ltext) == EOF))
data/eggdrop-1.8.4/src/language.c:252:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ltext, strchr(lbuf, ',') + 1);
data/eggdrop-1.8.4/src/language.c:254:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(strchr(ltext, 0), lbuf);
data/eggdrop-1.8.4/src/language.c:321:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ls->section, section);
data/eggdrop-1.8.4/src/language.c:380:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(langfile, "%s/%s.%s.lang", ldir, sec->section, language);
data/eggdrop-1.8.4/src/language.c:385:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(sec->lang, language);
data/eggdrop-1.8.4/src/language.c:456:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, par);
data/eggdrop-1.8.4/src/language.c:649:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, argv[1]);
data/eggdrop-1.8.4/src/main.c:469:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cx_file[cx_ptr], x);
data/eggdrop-1.8.4/src/main.c:487:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cx_file[cx_ptr], x);
data/eggdrop-1.8.4/src/main.c:1192:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(EGG_RUNNING1, botnetnick);
data/eggdrop-1.8.4/src/main.c:1193:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(EGG_RUNNING2, pid_file);
data/eggdrop-1.8.4/src/main.c:1218:11: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(EGG_NOWRITE, pid_file);
data/eggdrop-1.8.4/src/main.c:1224:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(EGG_NOWRITE, pid_file);
data/eggdrop-1.8.4/src/main.c:1264:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[term_z].nick, EGG_BG_HANDLE);
data/eggdrop-1.8.4/src/match.c:444:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, mask);
data/eggdrop-1.8.4/src/mem.c:155:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fn, memtbl[i].file);
data/eggdrop-1.8.4/src/mem.c:258:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&sofar[strlen(sofar)], "%-10s/%-4d:(%04d) ",
data/eggdrop-1.8.4/src/mem.c:294:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fn, memtbl[j].file);
data/eggdrop-1.8.4/src/mem.c:298:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&sofar[strlen(sofar)], "%-10s/%-4d:(%04X) ", p + 1,
data/eggdrop-1.8.4/src/mem.c:419:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(memtbl[i].file, memtbl[lastused].file);
data/eggdrop-1.8.4/src/misc.c:209:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(first, rest);
data/eggdrop-1.8.4/src/misc.c:242:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rest, p + 1);
data/eggdrop-1.8.4/src/misc.c:405:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nw, h);
data/eggdrop-1.8.4/src/misc.c:411:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(nw, "*%s", u);
data/eggdrop-1.8.4/src/misc.c:416:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nw, h);
data/eggdrop-1.8.4/src/misc.c:469:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(out, "%d day%s ago", days, (days == 1) ? "" : "s");
data/eggdrop-1.8.4/src/misc.c:483:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(out, "in %d day%s", days, (days == 1) ? "" : "s");
data/eggdrop-1.8.4/src/misc.c:500:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(out, "for %d day%s", days, (days == 1) ? "" : "s");
data/eggdrop-1.8.4/src/misc.c:508:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(out, s);
data/eggdrop-1.8.4/src/misc.c:605:15: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(logs[i].f, MISC_LOGREPEAT, logs[i].repeats);
data/eggdrop-1.8.4/src/misc.c:720:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(logs[i].f, MISC_LOGREPEAT, logs[i].repeats);
data/eggdrop-1.8.4/src/misc.c:755:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(colstr, newcol);
data/eggdrop-1.8.4/src/misc.c:765:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, q);
data/eggdrop-1.8.4/src/misc.c:771:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, q);
data/eggdrop-1.8.4/src/misc.c:1043:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(writeidx, readidx);
data/eggdrop-1.8.4/src/misc.c:1047:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xx, s);
data/eggdrop-1.8.4/src/misc.c:1053:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s + i, xx);
data/eggdrop-1.8.4/src/misc.c:1080:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(list->name, q);
data/eggdrop-1.8.4/src/misc.c:1108:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(current->name, file);
data/eggdrop-1.8.4/src/mod/assoc.mod/assoc.c:306:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, p);
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:331:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, str);
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:383:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s + 8, str);
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:491:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, str);
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:532:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, str);
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:601:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, dest + 8);
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:190:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&s1[strlen(s1)], "%s ", chan->key_prot);
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:240:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, s1);
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:356:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[idx].u.chat->con_chan, chan->dname);
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:575:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, " %-20s: ", chan->dname);
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:586:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s1, "%3d member%s", chan->channel.members,
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:588:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, s1);
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:1523:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, bak);
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:1537:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(answers, list[0]);
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:1562:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(parcpy, par);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:2165:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ul->name, argv[3]);
data/eggdrop-1.8.4/src/mod/channels.mod/udefchan.c:87:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ul->chan, name);
data/eggdrop-1.8.4/src/mod/channels.mod/udefchan.c:115:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ul->name, name);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:83:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, ch->info);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:106:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ch->info, info);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:185:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(uhost, u->mask);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:272:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lastdeletedmask, (*u)->mask);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:327:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lastdeletedmask, (*u)->mask);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:383:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lastdeletedmask, (*u)->mask);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:469:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->mask, host);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:471:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->user, from);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:473:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->desc, note);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:533:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->mask, host);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:535:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->user, from);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:537:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->desc, note);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:597:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->mask, host);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:599:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->user, from);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:601:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->desc, note);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:629:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dates, "%s %s", MODES_CREATED, s);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:643:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "(expires %s)", s1);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:673:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dates, "%s %s", MODES_CREATED, s);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:687:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "(expires %s)", s1);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:717:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dates, "%s %s", MODES_CREATED, s);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:731:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "(expires %s)", s1);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:815:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, b->who);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:819:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fill, "%s (%s!%s)", b->mask, s1, s2);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:821:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fill, "%s (server %s)", b->mask, s2);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:826:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fill, s);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:904:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, e->who);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:908:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fill, "%s (%s!%s)", e->mask, s1, s2);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:910:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fill, "%s (server %s)", e->mask, s2);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:915:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fill, s);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:993:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, i->who);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:997:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fill, "%s (%s!%s)", i->mask, s1, s2);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:999:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fill, "%s (server %s)", i->mask, s2);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:1004:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fill, s);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:1029:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (fprintf(f, BAN_NAME " - -\n") == EOF) /* Daemus */
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:1089:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (fprintf(f, EXEMPT_NAME " - -\n") == EOF) /* Daemus */
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:1149:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (fprintf(f, INVITE_NAME " - -\n") == EOF) /* Daemus */
data/eggdrop-1.8.4/src/mod/compress.mod/compress.c:305:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp_fn, filename);
data/eggdrop-1.8.4/src/mod/compress.mod/compress.c:306:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp_fn, rands);
data/eggdrop-1.8.4/src/mod/compress.mod/compress.c:331:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(temp_fn, filename);
data/eggdrop-1.8.4/src/mod/compress.mod/compress.c:332:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(temp_fn, rands);
data/eggdrop-1.8.4/src/mod/console.mod/console.c:56:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ci->channel, arg);
data/eggdrop-1.8.4/src/mod/console.mod/console.c:88:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(e->u.list->extra, work);
data/eggdrop-1.8.4/src/mod/console.mod/console.c:236:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(j->channel, i->channel);
data/eggdrop-1.8.4/src/mod/console.mod/console.c:318:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(i->channel, dcc[idx].u.chat->con_chan);
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:1042:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rp->hostn, namestring);
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:1228:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(rp->hostn, hostn);
data/eggdrop-1.8.4/src/mod/dns.mod/dns.c:72:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, iptostr(&rp->sockname.addr.sa));
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:45:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s1, "%s/.files", path);
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:81:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fdbe->desc, s);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:663:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s/%s", path, name);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:701:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s/%s", path, fdbe->filename);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:917:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s2, "%s/\n", fdbe->filename);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:922:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s2, "%s/", fdbe->filename);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:932:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s3, "%-30s <DIR%s> (%s %s%s%s)\n", s2,
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:938:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s3, "%-30s <DIR>\n", s2 ? s2 : "");
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:964:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s3, "%s\n", fdbe->filename);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:972:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s4, "%-30s %s %-9s (%s) %6d%s\n", s3 ? s3 : "", s1,
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:980:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s4, " --> %s\n", fdbe->sharelink);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:993:13: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sd, " %s\n", fdbe->desc);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:997:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fdbe->desc, p + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:1004:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sd, " %s\n", fdbe->desc);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:1039:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(what, p + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:1058:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s1, "%s%s%s%s", dccdir, dir, dir[0] ? "/" : "", what);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:1108:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*desc, fdbe->desc);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:1122:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(*owner, fdbe->uploader);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.h:95:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((target), (entry)); \
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.h:103:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((target), (entry)); \
data/eggdrop-1.8.4/src/mod/filesys.mod/filelist.c:60:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(FILELIST_LE(flist).fn, filename);
data/eggdrop-1.8.4/src/mod/filesys.mod/filelist.c:72:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(FILELIST_LE(flist).output, desc);
data/eggdrop-1.8.4/src/mod/filesys.mod/filelist.c:75:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(FILELIST_LE(flist).output, desc);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:161:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new, change);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:165:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new, &new[1]);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:174:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new, p);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:246:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(work, "%s%s", s, elem);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:249:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s%s", dccdir, *real);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:260:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s%s", dccdir, *real);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:450:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(what, p + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:498:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s:%s", bot, fdbe->sharelink);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:541:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "filesys/%s", par);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:804:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(desc, par);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:810:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q, &q[1]); /* Zapf leading spaces */
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:831:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q, &q[1]);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:919:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s%s/%s", dccdir, dcc[idx].u.file->dir, fdbe->filename);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:990:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s%s/%s", dccdir, dcc[idx].u.file->dir, name);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1072:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s%s/%s/.filedb", dccdir, dcc[idx].u.file->dir, name);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1074:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s%s/%s/.files", dccdir, dcc[idx].u.file->dir, name);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1076:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s%s/%s", dccdir, dcc[idx].u.file->dir, name);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1115:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fn, p + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1215:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s%s%s%s", dccdir, oldpath,
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1217:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s1, "%s%s%s%s", dccdir, newpath,
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1468:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s:%s", bot, fdbe->sharelink);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:221:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(msg, check_tcl_filt(idx, msg));
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:236:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, check_tcl_filt(idx, buf));
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:451:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s%s/%s", dccdir, dir, fn);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:454:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s%s", dccdir, fn);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:471:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(xxx, "%d*%s%s", (int) strlen(dccdir), dccdir, dir);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:636:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, text);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:689:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].host, from);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:691:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].u.dns->cbuf, param);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:727:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tempname, "%li-%s-%s", (long) getpid(), rands, fn);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:745:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(param, dcc[i].u.dns->cbuf);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:752:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].u.xfer->origname, param);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:755:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].u.xfer->filename, tempf);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:764:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dcc[i].u.xfer->dir, "%s%s/", dccdir, p);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:766:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dcc[i].u.xfer->dir, "%s", dccdir);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:768:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].u.xfer->dir, dccin);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:772:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s1, "%s%s", dcc[i].u.xfer->dir, dcc[i].u.xfer->origname);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:882:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].nick, u->handle);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:883:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].host, from);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:327:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(t, "%s%s/%s", dccdir, d, p);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:415:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(t, "%s%s/%s/.filedb", dccdir, d, p);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:417:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(t, "%s%s/%s/.files", dccdir, d, p);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:419:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(t, "%s%s/%s", dccdir, d, p);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:452:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fn, p + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:540:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s%s%s%s", dccdir, oldpath,
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:542:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s1, "%s%s%s%s", dccdir, newpath,
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:139:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
i += sprintf(s + i, " %s", chan->channel.key);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:397:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s!%s", m->nick, m->userhost);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:414:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(kicknick, m->nick);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:448:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s!%s", m->nick, m->userhost);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:645:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(user, "%s!%s", m->nick, m->userhost);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:829:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s!%s", m->nick, m->userhost);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:860:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s!%s", m->nick, m->userhost);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:887:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s!%s", m->nick, m->userhost);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1000:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, q + 1);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1023:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, q + 1);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1057:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(botuserhost, m->userhost); /* Yes, save my own userhost */
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1550:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chan->channel.topic, k);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:2157:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s1, "%s!%s", msg, uhost);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:2321:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p1 - 1, p + 1);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:2439:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ctcp, p1);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:2440:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p1 - 1, p + 1);
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:171:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s1, whobad);
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:264:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chan->channel.key, k);
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:273:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s!%s", m->nick, m->userhost);
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:304:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(m->mask, s);
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:306:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(m->who, who);
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:573:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s!%s", m->nick, m->userhost);
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:667:15: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s!%s", m->nick, m->userhost);
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:682:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s!%s", m->nick, m->userhost);
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:321:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chan->cmode[i].op, op);
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:332:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chan->key, op);
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:340:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(chan->rmkey, op);
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:348:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, chan->pls);
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:350:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, chan->mns);
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:423:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ch, chan->name);
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:521:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ch, chan->name);
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:612:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ch, chan->name);
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:705:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ch, chan->name);
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:58:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, host);
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:101:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s1, notify_new);
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:1112:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newserver, s);
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:1114:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(newserverpass, par);
data/eggdrop-1.8.4/src/mod/notes.mod/cmdsnote.c:36:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, par);
data/eggdrop-1.8.4/src/mod/notes.mod/cmdsnote.c:79:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, par);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:124:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s~new", notefile);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:154:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s~new", notefile);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:173:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s~new", notefile);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:205:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s~new", notefile);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:237:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fwd2, fwd);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:244:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fwd2, f2);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:287:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(work, argv[3]);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:400:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s~new", notefile);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:434:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s~new", notefile);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:518:13: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(&dt[strlen(dt)], NOTES_EXPIRE_XDAYS, note_life - lapse,
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:598:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s~new", notefile);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:635:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s~new", notefile);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:842:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s1, "%s!%s", m->nick, m->userhost);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:955:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, xk->data);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:1002:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mxk->data, mask);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:1004:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(mxk->key, NOTES_IGNKEY);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:1009:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(xk->data, mask);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:1035:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, ignores[i]);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:1055:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xk->key, NOTES_IGNKEY);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:1059:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xk->key, NOTES_IGNKEY);
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:206:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(whoredirect, object);
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:208:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(whoredirect, urec->handle);
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:301:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(whoredirect, whotarget);
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:309:13: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(whoredirect, nick);
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:353:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(whoredirect, whotarget);
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:355:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(whoredirect, urec->handle);
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:371:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(whoredirect, whotarget);
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:373:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(whoredirect, m->nick);
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:433:11: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(whoredirect, whotarget);
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:480:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(word2 + strlen(word2), "%lu hour%s, ", tv, (tv == 1) ? "" : "s");
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:485:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(word2 + strlen(word2), "%lu minute%s, ", tv,
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:573:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(first, p);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:581:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(m->msg, newmsg);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:648:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(m->msg, newmsg);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:748:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(m->msg, newmsg);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:996:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x->name, name);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:999:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x->pass, pass);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1065:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x->name, serv);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1069:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x->pass, pass);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1099:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(serv, x->name);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1102:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pass, x->pass);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1581:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].nick, u->handle);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1582:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].host, from);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1641:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].u.chat->con_chan, (chanset) ? chanset->dname : "*");
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1709:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(botname, oldnick);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1714:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(botname, oldnick);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1793:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, s1);
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:55:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(botname, alt);
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:303:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x->realname, from);
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:308:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(realservername, from);
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:639:14: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
ctcp = strcpy(ctcpbuf, p1);
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:640:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p1 - 1, p + 1);
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:1005:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s (lag: %d)", trying_server ? "conn" : "serv", server_lag);
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:1194:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(botserver, newserver);
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:1196:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pass, newserverpass);
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:1247:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[servidx].u.dns->host, dcc[servidx].host);
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:1249:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[servidx].u.dns->cbuf, pass);
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:1319:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(botname, origbotname);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:115:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(d->mask, mask);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1215:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].u.xfer->filename, s);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1224:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].host, dcc[idx].nick);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1558:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q->msg, s);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1572:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(q->msg, s);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1760:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(nue->name, ue->name);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1768:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(list->extra, lt->extra);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:2003:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].host, dcc[idx].nick); /* Store bot's nick */
data/eggdrop-1.8.4/src/mod/share.mod/uf_features.c:242:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, par);
data/eggdrop-1.8.4/src/mod/share.mod/uf_features.c:291:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, par);
data/eggdrop-1.8.4/src/mod/transfer.mod/tcltransfer.c:46:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sys, "*%s", argv[1]);
data/eggdrop-1.8.4/src/mod/transfer.mod/tcltransfer.c:70:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s %s/%s", q->to, &q->dir[1], q->file);
data/eggdrop-1.8.4/src/mod/transfer.mod/tcltransfer.c:72:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s /%s%s%s", q->to, q->dir, q->dir[0] ? "/" : "", q->file);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:137:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ret, fn);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:291:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(nfn, "%s%s", dcc[idx].u.xfer->dir, dcc[idx].u.xfer->origname);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:543:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((char *) xnick, dcc[idx].nick);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:601:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xnick, dcc[idx].nick);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:678:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xx, dcc[i].nick);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:721:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, TRANSFER_SEND, dcc[idx].u.xfer->acked,
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:724:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, TRANSFER_SEND, dcc[idx].status,
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:730:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, TRANSFER_SEND_WAITED, now - dcc[idx].timeval,
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:736:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, TRANSFER_SEND, dcc[idx].status,
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:742:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "%s", TRANSFER_CONN_SEND);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:1006:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].nick, nick);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:1009:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].u.xfer->filename, filename);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:1013:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(dcc[i].u.xfer->origname, nfn);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:107:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s/%s", &this->dir[1], this->file);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:118:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s%s%s", p, p[0] ? "/" : "", this->file);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:119:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(this->dir, &(p[atoi(this->dir)]));
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:123:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s/%s", &this->dir[1], this->file);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:126:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s%s%s", this->dir, this->dir[0] ? "/" : "", this->file);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:136:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, this->to);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:141:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, this->to);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:146:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, this->to);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:230:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%s/%s", &q->dir[1], q->file);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:232:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "/%s%s%s", q->dir, q->dir[0] ? "/" : "", q->file);
data/eggdrop-1.8.4/src/mod/uptime.mod/uptime.c:222:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(mem->string, "%s %s %s", botnetnick, servhost, uptime_version);
data/eggdrop-1.8.4/src/modules.c:131:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->name, name);
data/eggdrop-1.8.4/src/modules.c:715:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(&(workbuf[strlen(workbuf)]), "/%s%s." EGG_MOD_EXT, moddir, name);
data/eggdrop-1.8.4/src/modules.c:717:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(workbuf, "%s%s." EGG_MOD_EXT, moddir, name);
data/eggdrop-1.8.4/src/modules.c:724:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(workbuf, "%s_start", name);
data/eggdrop-1.8.4/src/modules.c:729:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(workbuf, "_%s_start", name);
data/eggdrop-1.8.4/src/modules.c:744:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(workbuf, "_%s_start", name);
data/eggdrop-1.8.4/src/modules.c:760:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(workbuf, "_%s_start", name);
data/eggdrop-1.8.4/src/modules.c:771:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(workbuf, "%s_start", name);
data/eggdrop-1.8.4/src/modules.c:774:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(workbuf, "_%s_start", name);
data/eggdrop-1.8.4/src/modules.c:787:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(workbuf, "%s_start", name);
data/eggdrop-1.8.4/src/modules.c:790:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(workbuf, "_%s_start", name);
data/eggdrop-1.8.4/src/modules.c:811:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->name, name);
data/eggdrop-1.8.4/src/modules.c:914:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->name, newname);
data/eggdrop-1.8.4/src/net.c:474:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(host, firewall);
data/eggdrop-1.8.4/src/net.c:1134:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(socklist[ret].handler.sock.inbuf, p);
data/eggdrop-1.8.4/src/net.c:1135:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(socklist[ret].handler.sock.inbuf, xx);
data/eggdrop-1.8.4/src/net.c:1138:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xx, socklist[ret].handler.sock.inbuf);
data/eggdrop-1.8.4/src/net.c:1146:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(socklist[ret].handler.sock.inbuf, p + 510);
data/eggdrop-1.8.4/src/net.c:1148:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(xx, p);
data/eggdrop-1.8.4/src/net.c:1170:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, xx);
data/eggdrop-1.8.4/src/net.c:1188:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(socklist[ret].handler.sock.inbuf, xx);
data/eggdrop-1.8.4/src/net.c:1189:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(socklist[ret].handler.sock.inbuf, p);
data/eggdrop-1.8.4/src/net.c:1508:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(badaddress, iptostr(&ip->addr.sa));
data/eggdrop-1.8.4/src/tcl.c:289:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(firewall, s);
data/eggdrop-1.8.4/src/tcl.c:293:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(st->str, s);
data/eggdrop-1.8.4/src/tclhash.c:289:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tl->name, nme);
data/eggdrop-1.8.4/src/tclhash.c:404:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tm->mask, cmd);
data/eggdrop-1.8.4/src/tclhash.c:438:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tc->func_name, proc);
data/eggdrop-1.8.4/src/tclhash.c:731:7: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
x = snprintf(NULL, 0, FORMAT, proc ? proc : "<null>", param ? param : "<null>");
data/eggdrop-1.8.4/src/tclhash.c:733:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buf, FORMAT, proc ? proc : "<null>", param ? param : "<null>");
data/eggdrop-1.8.4/src/tclhash.c:957:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(str, param);
data/eggdrop-1.8.4/src/tclmisc.c:127:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(logs[i].chname, argv[2]);
data/eggdrop-1.8.4/src/tclmisc.c:143:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(logs[i].filename, argv[3]);
data/eggdrop-1.8.4/src/tclmisc.c:145:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(logs[i].chname, argv[2]);
data/eggdrop-1.8.4/src/tclmisc.c:360:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "%lu year%s ", tmp, (tmp == 1) ? "" : "s");
data/eggdrop-1.8.4/src/tclmisc.c:365:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&s[strlen(s)], "%lu week%s ", tmp, (tmp == 1) ? "" : "s");
data/eggdrop-1.8.4/src/tclmisc.c:370:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&s[strlen(s)], "%lu day%s ", tmp, (tmp == 1) ? "" : "s");
data/eggdrop-1.8.4/src/tclmisc.c:375:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&s[strlen(s)], "%lu hour%s ", tmp, (tmp == 1) ? "" : "s");
data/eggdrop-1.8.4/src/tclmisc.c:380:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&s[strlen(s)], "%lu minute%s ", tmp, (tmp == 1) ? "" : "s");
data/eggdrop-1.8.4/src/tclmisc.c:385:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&s[strlen(s)], "%lu second%s", tmp, (tmp == 1) ? "" : "s");
data/eggdrop-1.8.4/src/tclmisc.c:703:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, argv[2]);
data/eggdrop-1.8.4/src/tcluser.c:414:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bi->address, addr);
data/eggdrop-1.8.4/src/tcluser.c:419:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bi->address, addr);
data/eggdrop-1.8.4/src/tls.c:208:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(out, fp);
data/eggdrop-1.8.4/src/userent.c:260:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new, pass);
data/eggdrop-1.8.4/src/userent.c:264:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(e->u.extra, new);
data/eggdrop-1.8.4/src/userent.c:310:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(li->lastonplace, par);
data/eggdrop-1.8.4/src/userent.c:325:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
l = sprintf(work, "%lu %s", tv, li->lastonplace);
data/eggdrop-1.8.4/src/userent.c:329:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(e->u.list->extra, work);
data/eggdrop-1.8.4/src/userent.c:437:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(li->lastonplace, argv[4]);
data/eggdrop-1.8.4/src/userent.c:463:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(li2->lastonplace, li->lastonplace);
data/eggdrop-1.8.4/src/userent.c:496:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bi->address, p);
data/eggdrop-1.8.4/src/userent.c:554:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(e->u.list->extra, work);
data/eggdrop-1.8.4/src/userent.c:682:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bi->address, argv[3]);
data/eggdrop-1.8.4/src/userent.c:751:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bi->address, arg);
data/eggdrop-1.8.4/src/userent.c:785:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bi2->address, bi->address);
data/eggdrop-1.8.4/src/userent.c:901:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t->key, key);
data/eggdrop-1.8.4/src/userent.c:903:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(t->data, data);
data/eggdrop-1.8.4/src/userent.c:922:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(t->extra, "%s %s", curr->key, curr->data);
data/eggdrop-1.8.4/src/userent.c:993:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x2->key, x1->key);
data/eggdrop-1.8.4/src/userent.c:995:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(x2->data, x1->data);
data/eggdrop-1.8.4/src/userent.c:1156:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, " %s", q->extra);
data/eggdrop-1.8.4/src/userent.c:1160:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, " %s", q->extra);
data/eggdrop-1.8.4/src/userent.c:1163:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s, q->extra);
data/eggdrop-1.8.4/src/userent.c:1206:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy((*t)->extra, host);
data/eggdrop-1.8.4/src/userent.c:1391:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(e->name, e->type->name);
data/eggdrop-1.8.4/src/userrec.c:177:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p, s + 2);
data/eggdrop-1.8.4/src/userrec.c:242:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(handle, u->handle);
data/eggdrop-1.8.4/src/userrec.c:434:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (fprintf(f, IGNORE_NAME " - -\n") == EOF) /* Daemus */
data/eggdrop-1.8.4/src/userrec.c:545:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(new_userfile, "%s~new", userfile);
data/eggdrop-1.8.4/src/userrec.c:843:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(li->lastonplace, where);
data/eggdrop-1.8.4/src/users.c:131:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->igmask, ign);
data/eggdrop-1.8.4/src/users.c:133:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->user, from);
data/eggdrop-1.8.4/src/users.c:135:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->msg, mnote);
data/eggdrop-1.8.4/src/users.c:154:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dates, "Started %s", s);
data/eggdrop-1.8.4/src/users.c:163:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(s, "(expires %s)", s1);
data/eggdrop-1.8.4/src/users.c:233:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->mask, mask);
data/eggdrop-1.8.4/src/users.c:235:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->user, from);
data/eggdrop-1.8.4/src/users.c:237:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->desc, note);
data/eggdrop-1.8.4/src/users.c:441:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->igmask, host);
data/eggdrop-1.8.4/src/users.c:443:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->user, user);
data/eggdrop-1.8.4/src/users.c:446:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(p->msg, desc);
data/eggdrop-1.8.4/src/users.c:765:19: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cr->info, s);
data/eggdrop-1.8.4/src/users.c:773:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lasthand, &code[2]);
data/eggdrop-1.8.4/src/users.c:776:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s1, lasthand);
data/eggdrop-1.8.4/src/users.c:801:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lasthand, &code[2]);
data/eggdrop-1.8.4/src/users.c:804:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s1, lasthand);
data/eggdrop-1.8.4/src/users.c:831:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lasthand, &code[2]);
data/eggdrop-1.8.4/src/users.c:834:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s1, lasthand);
data/eggdrop-1.8.4/src/users.c:871:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(list->extra, s);
data/eggdrop-1.8.4/src/users.c:880:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ue->name, code + 2);
data/eggdrop-1.8.4/src/users.c:885:15: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ue->u.list->extra, s);
data/eggdrop-1.8.4/src/users.c:890:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lasthand, code);
data/eggdrop-1.8.4/src/users.c:893:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lasthand, code);
data/eggdrop-1.8.4/src/users.c:896:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lasthand, code);
data/eggdrop-1.8.4/src/users.c:899:11: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lasthand, code);
data/eggdrop-1.8.4/src/eggdrop.h:225:13: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
# define random() rand()
data/eggdrop-1.8.4/src/eggdrop.h:226:13: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
# define srandom(x) srand(x)
data/eggdrop-1.8.4/src/eggdrop.h:226:24: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
# define srandom(x) srand(x)
data/eggdrop-1.8.4/src/eggdrop.h:236:15: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
# define random() lrand48()
data/eggdrop-1.8.4/src/eggdrop.h:236:24: [3] (random) lrand48:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
# define random() lrand48()
data/eggdrop-1.8.4/src/eggdrop.h:237:15: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
# define srandom(x) srand48(x)
data/eggdrop-1.8.4/src/eggdrop.h:256:37: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define randint(n) (unsigned long) (random() / (RANDOM_MAX + 1.0) * n)
data/eggdrop-1.8.4/src/language.c:373:16: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char *ldir = getenv("EGG_LANGDIR");
data/eggdrop-1.8.4/src/language.c:747:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
deflang = getenv("EGG_LANG");
data/eggdrop-1.8.4/src/main.c:562:20: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((option = getopt(argc, argv, "hnctmv")) != -1) {
data/eggdrop-1.8.4/src/main.c:1039:3: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
srandom(seed);
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:381:20: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
s[i] = (char) (random() % 256);
data/eggdrop-1.8.4/src/tcl.c:642:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
langEnv = getenv("LC_ALL");
data/eggdrop-1.8.4/src/tcl.c:644:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
langEnv = getenv("LC_CTYPE");
data/eggdrop-1.8.4/src/tcl.c:647:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
langEnv = getenv("LANG");
data/eggdrop-1.8.4/src/bg.c:106:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(pid_file, "w");
data/eggdrop-1.8.4/src/botcmd.c:46:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char TBUF[1024]; /* Static buffer for goofy bot stuff */
data/eggdrop-1.8.4/src/botcmd.c:48:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char base64to[256] = {
data/eggdrop-1.8.4/src/botcmd.c:114:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan = atoi(p);
data/eggdrop-1.8.4/src/botcmd.c:211:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan = atoi(p);
data/eggdrop-1.8.4/src/botcmd.c:293:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/botcmd.c:313:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[450] = "Channels: ", *realnick;
data/eggdrop-1.8.4/src/botcmd.c:331:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, ", ");
data/eggdrop-1.8.4/src/botcmd.c:337:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, " ");
data/eggdrop-1.8.4/src/botcmd.c:352:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s + ssize - trunc, " ...");
data/eggdrop-1.8.4/src/botcmd.c:459:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan = atoi(par);
data/eggdrop-1.8.4/src/botcmd.c:480:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[200], s2[32], *realnick;
data/eggdrop-1.8.4/src/botcmd.c:499:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s2, "%d day", days);
data/eggdrop-1.8.4/src/botcmd.c:502:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s2, ", ");
data/eggdrop-1.8.4/src/botcmd.c:508:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&s2[strlen(s2)], "%02d:%02d", (int) hr, (int) min);
data/eggdrop-1.8.4/src/botcmd.c:515:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, "++ ");
data/eggdrop-1.8.4/src/botcmd.c:519:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, ", ");
data/eggdrop-1.8.4/src/botcmd.c:643:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vnum = atoi(par);
data/eggdrop-1.8.4/src/botcmd.c:655:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *newbot, *next, *p, s[1024], x;
data/eggdrop-1.8.4/src/botcmd.c:713:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(par);
data/eggdrop-1.8.4/src/botcmd.c:735:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/botcmd.c:807:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sock = atoi(ss);
data/eggdrop-1.8.4/src/botcmd.c:811:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t = atoi(par + 1);
data/eggdrop-1.8.4/src/botcmd.c:875:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/botcmd.c:936:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/botcmd.c:1045:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
vv = fopen(motdfile, "r");
data/eggdrop-1.8.4/src/botcmd.c:1095:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (dcc[i].sock == atoi(to))
data/eggdrop-1.8.4/src/botcmd.c:1243:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan = atoi(x);
data/eggdrop-1.8.4/src/botcmd.c:1257:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sock = atoi(y + 1);
data/eggdrop-1.8.4/src/botcmd.c:1318:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sock = atoi(etc);
data/eggdrop-1.8.4/src/botcmd.c:1372:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sock = atoi(etc);
data/eggdrop-1.8.4/src/botcmd.c:1411:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sock = atoi(work);
data/eggdrop-1.8.4/src/botcmd.c:1420:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idle = atoi(work);
data/eggdrop-1.8.4/src/botmsg.c:37:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char OBUF[1024];
data/eggdrop-1.8.4/src/botmsg.c:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[511];
data/eggdrop-1.8.4/src/botmsg.c:67:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tobase64array[64] = {
data/eggdrop-1.8.4/src/botmsg.c:78:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf_base64[12];
data/eggdrop-1.8.4/src/botmsg.c:96:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf_base10[17];
data/eggdrop-1.8.4/src/botmsg.c:123:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf_base10[16];
data/eggdrop-1.8.4/src/botmsg.c:296:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tbuf[1024];
data/eggdrop-1.8.4/src/botmsg.c:450:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char to[NOTENAMELEN + 1], from[NOTENAMELEN + 1];
data/eggdrop-1.8.4/src/botmsg.c:762:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *p, botf[FROMLEN + 1 + HANDLEN + 1], ss[81], ssf[81];
data/eggdrop-1.8.4/src/botmsg.c:776:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[21];
data/eggdrop-1.8.4/src/botmsg.c:826:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sock = atoi(ss);
data/eggdrop-1.8.4/src/botnet.c:43:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char botnetnick[HANDLEN + 1] = ""; /* Botnet nickname */
data/eggdrop-1.8.4/src/botnet.c:194:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(party[parties].from, "(unknown)");
data/eggdrop-1.8.4/src/botnet.c:262:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char work[HANDLEN + 1];
data/eggdrop-1.8.4/src/botnet.c:436:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[81];
data/eggdrop-1.8.4/src/botnet.c:437:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c, idle[64];
data/eggdrop-1.8.4/src/botnet.c:500:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(idle, " [idle %lud%luh]", days, hrs);
data/eggdrop-1.8.4/src/botnet.c:502:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(idle, " [idle %luh%lum]", hrs, mins);
data/eggdrop-1.8.4/src/botnet.c:504:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(idle, " [idle %lum]", mins);
data/eggdrop-1.8.4/src/botnet.c:522:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(idle, " [idle?]");
data/eggdrop-1.8.4/src/botnet.c:530:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(idle, " [idle %lud%luh]", days, hrs);
data/eggdrop-1.8.4/src/botnet.c:532:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(idle, " [idle %luh%lum]", hrs, mins);
data/eggdrop-1.8.4/src/botnet.c:534:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(idle, " [idle %lum]", mins);
data/eggdrop-1.8.4/src/botnet.c:553:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[512];
data/eggdrop-1.8.4/src/botnet.c:586:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[161];
data/eggdrop-1.8.4/src/botnet.c:589:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char work[1024];
data/eggdrop-1.8.4/src/botnet.c:633:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(work + imark, " | ");
data/eggdrop-1.8.4/src/botnet.c:635:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(work + imark, " ");
data/eggdrop-1.8.4/src/botnet.c:639:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(work + imark, " |-");
data/eggdrop-1.8.4/src/botnet.c:641:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(work + imark, " `-");
data/eggdrop-1.8.4/src/botnet.c:649:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s + i, " (%d.%d.%d.%d)",
data/eggdrop-1.8.4/src/botnet.c:687:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s + i, " (%d.%d.%d.%d)",
data/eggdrop-1.8.4/src/botnet.c:701:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(work + imark, " | ");
data/eggdrop-1.8.4/src/botnet.c:703:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(work + imark, " ");
data/eggdrop-1.8.4/src/botnet.c:741:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[1024];
data/eggdrop-1.8.4/src/botnet.c:878:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[20];
data/eggdrop-1.8.4/src/botnet.c:907:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/botnet.c:973:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "killassoc &");
data/eggdrop-1.8.4/src/botnet.c:1068:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[81];
data/eggdrop-1.8.4/src/botnet.c:1085:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dcc[i].u.bot->version, "(primitive bot)");
data/eggdrop-1.8.4/src/botnet.c:1561:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(other, "rela -> sock %d", dcc[i].u.relay->sock);
data/eggdrop-1.8.4/src/botnet.c:1566:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(other, ">rly -> sock %d", dcc[i].u.relay->sock);
data/eggdrop-1.8.4/src/botnet.c:1571:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(other, "other rela");
data/eggdrop-1.8.4/src/botnet.c:1576:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(other, "other >rly");
data/eggdrop-1.8.4/src/botnet.c:1671:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/botnet.c:1697:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/botnet.c:1723:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/chan.h:45:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nick[NICKLEN];
data/eggdrop-1.8.4/src/chan.h:46:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char userhost[UHOSTLEN];
data/eggdrop-1.8.4/src/chan.h:157:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dname[CHANNELLEN + 1]; /* display name (!foo) - THIS IS ALWAYS SET */
data/eggdrop-1.8.4/src/chan.h:158:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[CHANNELLEN + 1]; /* actual name (!BARfoo) - THIS IS SET WHEN THE BOT
data/eggdrop-1.8.4/src/chan.h:160:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char need_op[121];
data/eggdrop-1.8.4/src/chan.h:161:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char need_key[121];
data/eggdrop-1.8.4/src/chan.h:162:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char need_limit[121];
data/eggdrop-1.8.4/src/chan.h:163:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char need_unban[121];
data/eggdrop-1.8.4/src/chan.h:164:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char need_invite[121];
data/eggdrop-1.8.4/src/chan.h:194:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key_prot[121]; /* desired password */
data/eggdrop-1.8.4/src/chan.h:195:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pls[21]; /* positive mode changes */
data/eggdrop-1.8.4/src/chan.h:196:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mns[21]; /* negative mode changes */
data/eggdrop-1.8.4/src/chan.h:206:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char floodwho[FLOOD_CHAN_MAX][81];
data/eggdrop-1.8.4/src/chan.h:209:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char deopd[NICKLEN]; /* last user deopped */
data/eggdrop-1.8.4/src/chanprog.c:63:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char admin[121] = ""; /* Admin info */
data/eggdrop-1.8.4/src/chanprog.c:64:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char origbotname[NICKLEN + 1];
data/eggdrop-1.8.4/src/chanprog.c:65:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char botname[NICKLEN + 1]; /* Primary botname */
data/eggdrop-1.8.4/src/chanprog.c:66:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char owner[121] = ""; /* Permanent botowner(s) */
data/eggdrop-1.8.4/src/chanprog.c:136:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *nick, *uhost, buf[UHOSTLEN];
data/eggdrop-1.8.4/src/chanprog.c:204:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *nick, *uhost, buf[UHOSTLEN];
data/eggdrop-1.8.4/src/chanprog.c:254:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[256], s1[121];
data/eggdrop-1.8.4/src/chanprog.c:261:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%d day", (int) (now2 / 86400));
data/eggdrop-1.8.4/src/chanprog.c:264:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, ", ");
data/eggdrop-1.8.4/src/chanprog.c:270:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&s[strlen(s)], "%02d:%02d", (int) hr, (int) min);
data/eggdrop-1.8.4/src/chanprog.c:289:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[256], s1[121], s2[81];
data/eggdrop-1.8.4/src/chanprog.c:316:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%d day", (int) (now2 / 86400));
data/eggdrop-1.8.4/src/chanprog.c:319:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, ", ");
data/eggdrop-1.8.4/src/chanprog.c:325:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&s[strlen(s)], "%02d:%02d", (int) hr, (int) min);
data/eggdrop-1.8.4/src/chanprog.c:339:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s2, "CPU: unknown");
data/eggdrop-1.8.4/src/chanprog.c:343:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s2, "CPU: %02d:%05.2f", (int) hr, cputime); /* Actually min/sec */
data/eggdrop-1.8.4/src/chanprog.c:388:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/chanprog.c:423:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *p, *q, s[121];
data/eggdrop-1.8.4/src/chanprog.c:500:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[178];
data/eggdrop-1.8.4/src/chanprog.c:606:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[16];
data/eggdrop-1.8.4/src/chanprog.c:655:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mins[10], count[10], id[16], *x;
data/eggdrop-1.8.4/src/chanprog.c:656:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
EGG_CONST char *argv[4];
data/eggdrop-1.8.4/src/chanprog.c:674:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[sizeof owner];
data/eggdrop-1.8.4/src/cmds.c:69:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN+NICKLEN+5];
data/eggdrop-1.8.4/src/cmds.c:96:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[81];
data/eggdrop-1.8.4/src/cmds.c:97:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024]; /* temp fix - 1.4 has a better one */
data/eggdrop-1.8.4/src/cmds.c:150:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&s[strlen(s)], " (idle %lud%luh)", days, hrs);
data/eggdrop-1.8.4/src/cmds.c:152:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&s[strlen(s)], " (idle %luh%lum)", hrs, mins);
data/eggdrop-1.8.4/src/cmds.c:154:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&s[strlen(s)], " (idle %lum)", mins);
data/eggdrop-1.8.4/src/cmds.c:199:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, "(-OFF-) ");
data/eggdrop-1.8.4/src/cmds.c:201:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, "(party) ");
data/eggdrop-1.8.4/src/cmds.c:203:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&s[strlen(s)], "(%5d) ", dcc[i].u.chat->channel);
data/eggdrop-1.8.4/src/cmds.c:214:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&s[strlen(s)], " (idle %dm)", k);
data/eggdrop-1.8.4/src/cmds.c:216:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&s[strlen(s)], " (idle %dh%dm)", k / 60, k % 60);
data/eggdrop-1.8.4/src/cmds.c:247:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[512], s2[32];
data/eggdrop-1.8.4/src/cmds.c:258:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s2, "%d day", days);
data/eggdrop-1.8.4/src/cmds.c:261:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s2, ", ");
data/eggdrop-1.8.4/src/cmds.c:267:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&s2[strlen(s2)], "%02d:%02d", (int) hr, (int) min);
data/eggdrop-1.8.4/src/cmds.c:277:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, "++ ");
data/eggdrop-1.8.4/src/cmds.c:281:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, ", ");
data/eggdrop-1.8.4/src/cmds.c:323:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan = atoi(par);
data/eggdrop-1.8.4/src/cmds.c:370:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[40];
data/eggdrop-1.8.4/src/cmds.c:503:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[40];
data/eggdrop-1.8.4/src/cmds.c:544:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(par) > 0) {
data/eggdrop-1.8.4/src/cmds.c:546:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(par) > 0) {
data/eggdrop-1.8.4/src/cmds.c:547:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
start = atoi(s1);
data/eggdrop-1.8.4/src/cmds.c:548:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
limit = atoi(par);
data/eggdrop-1.8.4/src/cmds.c:550:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
limit = atoi(s1);
data/eggdrop-1.8.4/src/cmds.c:602:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char whonick[HANDLEN + 1];
data/eggdrop-1.8.4/src/cmds.c:652:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *nick, s[2], s1[512];
data/eggdrop-1.8.4/src/cmds.c:901:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bi->telnet_port = atoi(port);
data/eggdrop-1.8.4/src/cmds.c:912:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bi->relay_port = atoi(relay);
data/eggdrop-1.8.4/src/cmds.c:949:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hand[HANDLEN + 1], newhand[HANDLEN + 1];
data/eggdrop-1.8.4/src/cmds.c:997:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oldhandle[HANDLEN + 1], newhandle[HANDLEN + 1];
data/eggdrop-1.8.4/src/cmds.c:1255:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bi->telnet_port = atoi(port);
data/eggdrop-1.8.4/src/cmds.c:1265:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bi->telnet_port = atoi(port);
data/eggdrop-1.8.4/src/cmds.c:1270:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bi->relay_port = atoi(relay);
data/eggdrop-1.8.4/src/cmds.c:1350:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[1024], s2[1024];
data/eggdrop-1.8.4/src/cmds.c:1420:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[40];
data/eggdrop-1.8.4/src/cmds.c:1454:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[40];
data/eggdrop-1.8.4/src/cmds.c:1488:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[NOTENAMELEN + 11], y[12];
data/eggdrop-1.8.4/src/cmds.c:1517:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/cmds.c:2063:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
newchan = GLOBAL_CHANS + atoi(arg + 1);
data/eggdrop-1.8.4/src/cmds.c:2090:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
newchan = atoi(arg);
data/eggdrop-1.8.4/src/cmds.c:2210:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[20];
data/eggdrop-1.8.4/src/cmds.c:2237:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[161];
data/eggdrop-1.8.4/src/cmds.c:2258:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "none");
data/eggdrop-1.8.4/src/cmds.c:2266:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *nick, *changes, *c, s[2];
data/eggdrop-1.8.4/src/cmds.c:2443:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
a = atoi(par);
data/eggdrop-1.8.4/src/cmds.c:2504:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[512], *result;
data/eggdrop-1.8.4/src/cmds.c:2512:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "set ");
data/eggdrop-1.8.4/src/cmds.c:2514:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "info globals");
data/eggdrop-1.8.4/src/cmds.c:2589:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *who, s[UHOSTLEN], *p, *p_expire;
data/eggdrop-1.8.4/src/cmds.c:2669:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[UHOSTLEN];
data/eggdrop-1.8.4/src/cmds.c:3006:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char traffictxt[20];
data/eggdrop-1.8.4/src/cmds.c:3009:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unit[10];
data/eggdrop-1.8.4/src/cmds.c:3012:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(unit, "Bytes");
data/eggdrop-1.8.4/src/cmds.c:3015:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(unit, "KBytes");
data/eggdrop-1.8.4/src/cmds.c:3019:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(unit, "MBytes");
data/eggdrop-1.8.4/src/cmds.c:3023:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(unit, "GBytes");
data/eggdrop-1.8.4/src/cmds.c:3027:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(unit, "TBytes");
data/eggdrop-1.8.4/src/cmds.c:3033:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(traffictxt, "%lu Bytes", bytes);
data/eggdrop-1.8.4/src/compat/gnu_strftime.c:88:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
# define memcpy(d, s, n) bcopy ((s), (d), (n))
data/eggdrop-1.8.4/src/compat/gnu_strftime.c:88:27: [2] (buffer) bcopy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
# define memcpy(d, s, n) bcopy ((s), (d), (n))
data/eggdrop-1.8.4/src/compat/gnu_strftime.c:96:48: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
# define MEMPCPY(d, s, n) ((void *) ((char *) memcpy (d, s, n) + (n)))
data/eggdrop-1.8.4/src/compat/gnu_strftime.c:218:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ((PTR) p, (PTR) (s), _n))
data/eggdrop-1.8.4/src/compat/gnu_strftime.c:459:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1 + (sizeof (int) < sizeof (time_t)
data/eggdrop-1.8.4/src/compat/gnu_strftime.c:708:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ufmt[4];
data/eggdrop-1.8.4/src/compat/gnu_strftime.c:710:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ubuf[1024]; /* enough for any single format in practice */
data/eggdrop-1.8.4/src/compat/inet_ntop.c:114:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[sizeof "255.255.255.255"];
data/eggdrop-1.8.4/src/compat/inet_ntop.c:143:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[sizeof "ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255"], *tp;
data/eggdrop-1.8.4/src/compat/inet_pton.c:129:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, tmp, NS_INADDRSZ);
data/eggdrop-1.8.4/src/compat/inet_pton.c:230:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, tmp, NS_IN6ADDRSZ);
data/eggdrop-1.8.4/src/compat/snprintf.c:455:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char convert[20];
data/eggdrop-1.8.4/src/compat/snprintf.c:576:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char iconvert[20];
data/eggdrop-1.8.4/src/compat/snprintf.c:577:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fconvert[20];
data/eggdrop-1.8.4/src/dcc.c:68:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char network[41] = "unknown-net"; /* Name of the IRC network you're on */
data/eggdrop-1.8.4/src/dcc.c:69:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bannerfile[121] = "text/banner"; /* File displayed on telnet login */
data/eggdrop-1.8.4/src/dcc.c:70:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stealth_prompt[81] = "\n\nNickname.\n"; /* stealth_telnet prompt string */
data/eggdrop-1.8.4/src/dcc.c:97:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[1024];
data/eggdrop-1.8.4/src/dcc.c:191:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[1024];
data/eggdrop-1.8.4/src/dcc.c:206:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dcc[idx].u.bot->numver = atoi(work);
data/eggdrop-1.8.4/src/dcc.c:227:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
l = atoi(newsplit(&par));
data/eggdrop-1.8.4/src/dcc.c:257:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[NICKLEN + 18], s1[512];
data/eggdrop-1.8.4/src/dcc.c:310:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[1024];
data/eggdrop-1.8.4/src/dcc.c:359:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digest_string[33]; /* 32 for digest in hex + null */
data/eggdrop-1.8.4/src/dcc.c:360:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[16];
data/eggdrop-1.8.4/src/dcc.c:369:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(digest_string + (i * 2), "%.2x", digest[i]);
data/eggdrop-1.8.4/src/dcc.c:463:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "bot* waited %lis", tv);
data/eggdrop-1.8.4/src/dcc.c:557:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[1024];
data/eggdrop-1.8.4/src/dcc.c:591:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "conn bot");
data/eggdrop-1.8.4/src/dcc.c:630:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digest_string[33]; /* 32 for digest in hex + null */
data/eggdrop-1.8.4/src/dcc.c:631:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[16];
data/eggdrop-1.8.4/src/dcc.c:651:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(digest_string + (i * 2), "%.2x", digest[i]);
data/eggdrop-1.8.4/src/dcc.c:691:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ps[20];
data/eggdrop-1.8.4/src/dcc.c:820:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "pass waited %lis", tv);
data/eggdrop-1.8.4/src/dcc.c:1058:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *v, *d, filtbuf[2048];
data/eggdrop-1.8.4/src/dcc.c:1108:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(d, "\033[0m");
data/eggdrop-1.8.4/src/dcc.c:1240:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lasttelnethost[81];
data/eggdrop-1.8.4/src/dcc.c:1345:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN + 20], *userhost;
data/eggdrop-1.8.4/src/dcc.c:1420:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dcc[j].sockname, &dcc[i].sockname, sizeof(sockname_t));
data/eggdrop-1.8.4/src/dcc.c:1501:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[NICKLEN + UHOSTLEN];
data/eggdrop-1.8.4/src/dcc.c:1518:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "wait duplicate?");
data/eggdrop-1.8.4/src/dcc.c:1744:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fakepass[2] = "+";
data/eggdrop-1.8.4/src/dcc.c:1852:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1030];
data/eggdrop-1.8.4/src/dcc.c:1881:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "t-in waited %lis", tv);
data/eggdrop-1.8.4/src/dcc.c:1900:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char work[1024], *p, *q, *r;
data/eggdrop-1.8.4/src/dcc.c:1989:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[NICKLEN+UHOSTMAX+32], s1[NICKLEN+UHOSTMAX+32], s2[NICKLEN+UHOSTMAX+32];
data/eggdrop-1.8.4/src/dcc.c:2049:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "new waited %lis", tv);
data/eggdrop-1.8.4/src/dcc.c:2057:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "newp waited %lis", tv);
data/eggdrop-1.8.4/src/dcc.c:2088:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[12];
data/eggdrop-1.8.4/src/dcc.c:2229:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "sock (stranded)");
data/eggdrop-1.8.4/src/dcc.c:2247:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "lost");
data/eggdrop-1.8.4/src/dcc.c:2291:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "idtw waited %lis", tv);
data/eggdrop-1.8.4/src/dcc.c:2309:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char response[512], uid[512], buf1[UHOSTLEN];
data/eggdrop-1.8.4/src/dcc.c:2334:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[UHOSTLEN];
data/eggdrop-1.8.4/src/dcc.c:2351:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "idnt (sock %d)", dcc[idx].u.ident_sock);
data/eggdrop-1.8.4/src/dcc.c:2370:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[1024];
data/eggdrop-1.8.4/src/dccutil.c:41:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char motdfile[121] = "text/motd"; /* File where the motd is stored */
data/eggdrop-1.8.4/src/dccutil.c:138:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char WBUF[1024];
data/eggdrop-1.8.4/src/dccutil.c:154:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/eggdrop-1.8.4/src/dccutil.c:225:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[601];
data/eggdrop-1.8.4/src/dccutil.c:250:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[601];
data/eggdrop-1.8.4/src/dccutil.c:281:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dcc[idx].u.chat->con_chan, "***");
data/eggdrop-1.8.4/src/dccutil.c:373:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dcc[n], &dcc[dcc_total], sizeof(struct dcc_t));
data/eggdrop-1.8.4/src/dccutil.c:400:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char other[160];
data/eggdrop-1.8.4/src/dccutil.c:401:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[81];
data/eggdrop-1.8.4/src/dccutil.c:431:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(other, "?:%lX !! ERROR !!", (long) dcc[i].type);
data/eggdrop-1.8.4/src/dccutil.c:495:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[1024];
data/eggdrop-1.8.4/src/dccutil.c:594:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[1024];
data/eggdrop-1.8.4/src/dccutil.c:628:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[1024];
data/eggdrop-1.8.4/src/dns.c:65:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "dns waited %lis", (long) (now - dcc[idx].timeval));
data/eggdrop-1.8.4/src/dns.c:156:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dcc[idx].u.dns->ip, ip, sizeof(sockname_t));
data/eggdrop-1.8.4/src/dns.c:158:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dcc[idx].sockname, ip, sizeof(sockname_t));
data/eggdrop-1.8.4/src/dns.c:258:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
EGG_CONST char *argv[2];
data/eggdrop-1.8.4/src/dns.c:362:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tclinfo->sockname, ip, sizeof(sockname_t));
data/eggdrop-1.8.4/src/dns.c:468:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[UHOSTLEN];
data/eggdrop-1.8.4/src/eggdrop.h:327:35: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define egg_memcpy(dst, src, len) memcpy(dst, src, len)
data/eggdrop-1.8.4/src/eggdrop.h:329:34: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define my_memcpy(dst, src, len) memcpy(dst, src, len)
data/eggdrop-1.8.4/src/eggdrop.h:389:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nick[NICKLEN];
data/eggdrop-1.8.4/src/eggdrop.h:390:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[UHOSTLEN];
data/eggdrop-1.8.4/src/eggdrop.h:414:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char con_chan[CHANNELLEN + 1]; /* with console: what channel to view */
data/eggdrop-1.8.4/src/eggdrop.h:426:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[161];
data/eggdrop-1.8.4/src/eggdrop.h:432:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dir[DIRLEN]; /* used when uploads go to the current dir */
data/eggdrop-1.8.4/src/eggdrop.h:435:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4]; /* you only need 5 bytes! */
data/eggdrop-1.8.4/src/eggdrop.h:437:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from[NICKLEN]; /* [GET] user who offered the file */
data/eggdrop-1.8.4/src/eggdrop.h:465:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[121]; /* channel/version info */
data/eggdrop-1.8.4/src/eggdrop.h:466:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char linker[NOTENAMELEN + 1]; /* who requested this link */
data/eggdrop-1.8.4/src/eggdrop.h:489:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char command[121];
data/eggdrop-1.8.4/src/eggdrop.h:597:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szlast[LOGLINELEN]; /* for 'Last message repeated n times'
data/eggdrop-1.8.4/src/eggdrop.h:721:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[256]; /* host or IP for certificate validation */
data/eggdrop-1.8.4/src/flags.c:143:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[27]; /* Change this if you change the levels */
data/eggdrop-1.8.4/src/flags.c:206:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[275]; /* Change this if you change the levels */
data/eggdrop-1.8.4/src/flags.c:265:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "none");
data/eggdrop-1.8.4/src/flags.c:641:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/eggdrop-1.8.4/src/flags.c:747:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[100];
data/eggdrop-1.8.4/src/flags.c:767:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[100];
data/eggdrop-1.8.4/src/flags.c:804:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[100];
data/eggdrop-1.8.4/src/flags.c:836:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[100];
data/eggdrop-1.8.4/src/language.c:213:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lbuf[512];
data/eggdrop-1.8.4/src/language.c:223:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FLANG = fopen(langfile, "r");
data/eggdrop-1.8.4/src/language.c:528:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ltext2[512];
data/eggdrop-1.8.4/src/language.c:549:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char text[512];
data/eggdrop-1.8.4/src/main.c:91:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char userfile[121]; /* 121 = sizeof userfile from users.c */
data/eggdrop-1.8.4/src/main.c:112:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char egg_version[1024] = EGG_STRINGVER;
data/eggdrop-1.8.4/src/main.c:118:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char notify_new[121] = ""; /* Person to send a note to for new users */
data/eggdrop-1.8.4/src/main.c:127:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char configfile[121] = "eggdrop.conf"; /* Default config file name */
data/eggdrop-1.8.4/src/main.c:128:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pid_file[121]; /* Name of the pid file */
data/eggdrop-1.8.4/src/main.c:129:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char helpdir[121] = "help/"; /* Directory of help files */
data/eggdrop-1.8.4/src/main.c:130:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char textdir[121] = "text/"; /* Directory for text files */
data/eggdrop-1.8.4/src/main.c:142:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[81]; /* Version info (long form) */
data/eggdrop-1.8.4/src/main.c:143:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ver[41]; /* Version info (short form) */
data/eggdrop-1.8.4/src/main.c:147:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char quit_msg[1024]; /* Quit message */
data/eggdrop-1.8.4/src/main.c:175:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cx_file[16][30];
data/eggdrop-1.8.4/src/main.c:176:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cx_note[16][256];
data/eggdrop-1.8.4/src/main.c:263:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[25];
data/eggdrop-1.8.4/src/main.c:461:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[31], *p;
data/eggdrop-1.8.4/src/main.c:479:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[31], *p;
data/eggdrop-1.8.4/src/main.c:508:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[512], *z = x;
data/eggdrop-1.8.4/src/main.c:618:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[sizeof userfile + 4];
data/eggdrop-1.8.4/src/main.c:657:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&nowtm, localtime(&now), sizeof(struct tm));
data/eggdrop-1.8.4/src/main.c:684:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[25];
data/eggdrop-1.8.4/src/main.c:711:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/main.c:820:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[520];
data/eggdrop-1.8.4/src/main.c:943:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256];
data/eggdrop-1.8.4/src/main.c:1045:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[25];
data/eggdrop-1.8.4/src/main.c:1088:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&egg_version[strlen(egg_version)], " %u", egg_numver);
data/eggdrop-1.8.4/src/main.c:1185:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(pid_file, "r");
data/eggdrop-1.8.4/src/main.c:1188:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
xx = atoi(s);
data/eggdrop-1.8.4/src/main.c:1213:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(pid_file, "w");
data/eggdrop-1.8.4/src/main.c:1265:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dcc[term_z].host, "llama@console");
data/eggdrop-1.8.4/src/match.c:235:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mu[UHOSTLEN], nu[UHOSTLEN];
data/eggdrop-1.8.4/src/match.c:274:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(p + 1) > atoi(q + 1))
data/eggdrop-1.8.4/src/match.c:274:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(p + 1) > atoi(q + 1))
data/eggdrop-1.8.4/src/match.c:280:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!(tmpscore = cidr_match(r, s, atoi(p + 1))))
data/eggdrop-1.8.4/src/match.c:293:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mu[UHOSTLEN], nu[UHOSTLEN];
data/eggdrop-1.8.4/src/match.c:322:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
prefix = atoi(p + 1);
data/eggdrop-1.8.4/src/match.c:327:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(q + 1) < prefix)
data/eggdrop-1.8.4/src/match.c:328:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
prefix = atoi(q + 1);
data/eggdrop-1.8.4/src/match.c:397:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
skip = atoi(q);
data/eggdrop-1.8.4/src/md5/md5.h:41:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[64];
data/eggdrop-1.8.4/src/md5/md5c.c:233:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ctx->buffer[used], data, size);
data/eggdrop-1.8.4/src/md5/md5c.c:237:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ctx->buffer[used], data, available);
data/eggdrop-1.8.4/src/md5/md5c.c:248:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->buffer, data, size);
data/eggdrop-1.8.4/src/mem.c:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file[20];
data/eggdrop-1.8.4/src/mem.c:127:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fn[20], sofar[81];
data/eggdrop-1.8.4/src/mem.c:201:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fn, "language.c");
data/eggdrop-1.8.4/src/mem.c:204:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fn, "chanprog.c");
data/eggdrop-1.8.4/src/mem.c:207:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fn, "misc.c");
data/eggdrop-1.8.4/src/mem.c:210:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fn, "userrec.c");
data/eggdrop-1.8.4/src/mem.c:213:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fn, "net.c");
data/eggdrop-1.8.4/src/mem.c:216:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fn, "dccutil.c");
data/eggdrop-1.8.4/src/mem.c:219:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fn, "botnet.c");
data/eggdrop-1.8.4/src/mem.c:222:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fn, "tcl.c");
data/eggdrop-1.8.4/src/mem.c:225:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fn, "tclhash.c");
data/eggdrop-1.8.4/src/mem.c:228:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fn, "tclmisc.c");
data/eggdrop-1.8.4/src/mem.c:231:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fn, "modules.c");
data/eggdrop-1.8.4/src/mem.c:234:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fn, "tcldcc.c");
data/eggdrop-1.8.4/src/mem.c:237:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fn, "dns.c");
data/eggdrop-1.8.4/src/mem.c:241:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fn, "tls.c");
data/eggdrop-1.8.4/src/mem.c:252:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sofar, " ");
data/eggdrop-1.8.4/src/mem.c:261:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&sofar[strlen(sofar)], "%-4d:(%04d) ",
data/eggdrop-1.8.4/src/mem.c:267:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sofar, " ");
data/eggdrop-1.8.4/src/mem.c:292:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sofar, " ");
data/eggdrop-1.8.4/src/mem.c:303:15: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(sofar, " ");
data/eggdrop-1.8.4/src/misc.c:55:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logfile_suffix[21] = ".%d%b%Y"; /* Format of logfile suffix */
data/eggdrop-1.8.4/src/misc.c:56:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char log_ts[33] = "[%H:%M:%S]"; /* Timestamp format for logfile entries */
data/eggdrop-1.8.4/src/misc.c:400:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(nw, ".*");
data/eggdrop-1.8.4/src/misc.c:494:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[81];
data/eggdrop-1.8.4/src/misc.c:503:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(out, "for ");
data/eggdrop-1.8.4/src/misc.c:507:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%02d:%02d", hrs, mins);
data/eggdrop-1.8.4/src/misc.c:523:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *format, *chname, s[LOGLINELEN], s1[256], *out, ct[81], *s2, stamp[34];
data/eggdrop-1.8.4/src/misc.c:571:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, stamp, tsl);
data/eggdrop-1.8.4/src/misc.c:584:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
logs[i].f = fopen(s1, "a");
data/eggdrop-1.8.4/src/misc.c:586:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
logs[i].f = fopen(logs[i].filename, "a");
data/eggdrop-1.8.4/src/misc.c:670:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024]; /* Should be plenty */
data/eggdrop-1.8.4/src/misc.c:716:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stamp[33];
data/eggdrop-1.8.4/src/misc.c:754:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(colstr, "\377");
data/eggdrop-1.8.4/src/misc.c:759:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, " ");
data/eggdrop-1.8.4/src/misc.c:805:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xx[HELP_BUF_LEN + 1], sub[161], *current, *q, chr, *writeidx,
data/eggdrop-1.8.4/src/misc.c:999:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cols = atoi(q + 5);
data/eggdrop-1.8.4/src/misc.c:1005:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
subwidth = atoi(r + 1);
data/eggdrop-1.8.4/src/misc.c:1066:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[HELP_BUF_LEN + 1], *p, *q;
data/eggdrop-1.8.4/src/misc.c:1069:33: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (is_file(filename) && (f = fopen(filename, "r"))) {
data/eggdrop-1.8.4/src/misc.c:1099:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/misc.c:1179:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/misc.c:1191:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen(s, "r")))
data/eggdrop-1.8.4/src/misc.c:1198:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen(s, "r")))
data/eggdrop-1.8.4/src/misc.c:1208:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
return fopen(s, "r");
data/eggdrop-1.8.4/src/misc.c:1216:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[HELP_BUF_LEN + 1];
data/eggdrop-1.8.4/src/misc.c:1246:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[HELP_BUF_LEN + 1];
data/eggdrop-1.8.4/src/misc.c:1291:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/misc.c:1301:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen(s, "r")))
data/eggdrop-1.8.4/src/misc.c:1315:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/misc.c:1326:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen(s, "r")))
data/eggdrop-1.8.4/src/misc.c:1337:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/misc.c:1369:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/misc.c:1375:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
vv = fopen(motdfile, "r");
data/eggdrop-1.8.4/src/misc.c:1407:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/misc.c:1413:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
vv = fopen(bannerfile, "r");
data/eggdrop-1.8.4/src/misc.c:1494:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(b, "%c%02x", mask, *s);
data/eggdrop-1.8.4/src/misc.c:1525:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[3];
data/eggdrop-1.8.4/src/misc_file.c:42:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/eggdrop-1.8.4/src/misc_file.c:46:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fi = open(oldpath, O_RDONLY, 0);
data/eggdrop-1.8.4/src/misc_file.c:48:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fi = open(oldpath, O_RDONLY | O_BINARY, 0);
data/eggdrop-1.8.4/src/misc_file.c:93:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/eggdrop-1.8.4/src/misc_file.c:98:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fi = open(oldpath, O_RDONLY, 0);
data/eggdrop-1.8.4/src/misc_file.c:100:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fi = open(oldpath, O_RDONLY | O_BINARY, 0);
data/eggdrop-1.8.4/src/misc_file.c:147:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/eggdrop-1.8.4/src/misc_file.c:207:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen(file, "r")))
data/eggdrop-1.8.4/src/mod/assoc.mod/assoc.c:37:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[21];
data/eggdrop-1.8.4/src/mod/assoc.mod/assoc.c:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[1024];
data/eggdrop-1.8.4/src/mod/assoc.mod/assoc.c:70:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[1024];
data/eggdrop-1.8.4/src/mod/assoc.mod/assoc.c:204:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan = GLOBAL_CHANS + atoi(num + 1);
data/eggdrop-1.8.4/src/mod/assoc.mod/assoc.c:210:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan = atoi(num);
data/eggdrop-1.8.4/src/mod/assoc.mod/assoc.c:263:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan = atoi(argv[1]);
data/eggdrop-1.8.4/src/mod/assoc.mod/assoc.c:278:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[21], *p;
data/eggdrop-1.8.4/src/mod/assoc.mod/assoc.c:292:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan = atoi(argv[1]);
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:37:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char bf_mode[4];
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:54:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[81];
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:184:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(!strncmp((char *) (box[i].key), (char *) key, keybytes))) {
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:665:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[16];
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:32:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char chanfile[121], glob_chanmode[65];
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:43:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char glob_chanset[512];
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:145:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan->limit_prot = atoi(s1);
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:186:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&s1[strlen(s1)], "%d ", chan->limit_prot);
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:388:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[sizeof chanfile + 4], w[1024], w2[1024], name[163];
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:389:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char need1[242], need2[242], need3[242], need4[242], need5[242];
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:396:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(s, "w");
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:510:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(chanfile, "w");
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:531:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[sizeof chanfile + 4];
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:559:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024], s1[100], s2[100];
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:578:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, "(inactive)");
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:580:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, "(pending)");
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:582:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, "(not on channel)");
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:601:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s2, "greet, ");
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:603:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s2, "auto-op, ");
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:605:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s2, "bitch, ");
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:981:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(chanfile, "chanfile");
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:984:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(glob_chanmode, "nt");
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:992:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(glob_chanset,
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:124:67: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_setsticky_mask ((int (*)(struct chanset_t *, maskrec *, char *, int, char *))channels_funcs[4])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:124:80: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_setsticky_mask ((int (*)(struct chanset_t *, maskrec *, char *, int, char *))channels_funcs[4])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:125:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_delban ((int (*)(struct chanset_t *, char *, int))channels_funcs[5])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:126:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_addban ((int (*)(struct chanset_t *, char *, char *, char *, time_t, int))channels_funcs[6])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:126:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_addban ((int (*)(struct chanset_t *, char *, char *, char *, time_t, int))channels_funcs[6])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:126:64: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_addban ((int (*)(struct chanset_t *, char *, char *, char *, time_t, int))channels_funcs[6])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:129:65: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define get_chanrec ((struct chanuserrec *(*)(struct userrec *, char *))channels_funcs[8])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:130:65: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define add_chanrec ((struct chanuserrec *(*)(struct userrec *, char *))channels_funcs[9])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:131:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define del_chanrec ((void (*)(struct userrec *, char *))channels_funcs[10])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:132:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define set_handle_chaninfo ((void (*)(struct userrec *, char *, char *, char *))channels_funcs[11])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:132:66: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define set_handle_chaninfo ((void (*)(struct userrec *, char *, char *, char *))channels_funcs[11])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:132:74: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define set_handle_chaninfo ((void (*)(struct userrec *, char *, char *, char *))channels_funcs[11])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:134:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define channel_malloc(x) ((void *(*)(int, char *, int))channels_funcs[12])(x,__FILE__,__LINE__)
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:135:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_match_mask ((int (*)(maskrec *, char *))channels_funcs[13])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:136:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_equals_mask ((int (*)(maskrec *, char *))channels_funcs[14])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:139:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define set_handle_laston ((void (*)(char *,struct userrec *,time_t))channels_funcs[16])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:142:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define get_handle_chaninfo ((void (*)(char *, char *, char *))channels_funcs[19])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:142:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define get_handle_chaninfo ((void (*)(char *, char *, char *))channels_funcs[19])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:142:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define get_handle_chaninfo ((void (*)(char *, char *, char *))channels_funcs[19])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:144:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_sticky_mask ((int (*)(maskrec *, char *))channels_funcs[20])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:145:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define ismasked ((int (*)(masklist *, char *))channels_funcs[21])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:146:60: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define add_chanrec_by_handle ((void (*)(struct userrec *, char *, char *))channels_funcs[22])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:146:68: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define add_chanrec_by_handle ((void (*)(struct userrec *, char *, char *))channels_funcs[22])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:155:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_delexempt ((int (*)(struct chanset_t *, char *, int))channels_funcs[29])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:156:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_addexempt ((int (*)(struct chanset_t *, char *, char *, char *, time_t, int))channels_funcs[30])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:156:59: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_addexempt ((int (*)(struct chanset_t *, char *, char *, char *, time_t, int))channels_funcs[30])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:156:67: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_addexempt ((int (*)(struct chanset_t *, char *, char *, char *, time_t, int))channels_funcs[30])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:162:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_delinvite ((int (*)(struct chanset_t *, char *, int))channels_funcs[35])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:164:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_addinvite ((int (*)(struct chanset_t *, char *, char *, char *, time_t, int))channels_funcs[36])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:164:59: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_addinvite ((int (*)(struct chanset_t *, char *, char *, char *, time_t, int))channels_funcs[36])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:164:67: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_addinvite ((int (*)(struct chanset_t *, char *, char *, char *, time_t, int))channels_funcs[36])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:165:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define tcl_channel_add ((int (*)(Tcl_Interp *, char *, char *))channels_funcs[37])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:165:57: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define tcl_channel_add ((int (*)(Tcl_Interp *, char *, char *))channels_funcs[37])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:166:77: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define tcl_channel_modify ((int (*)(Tcl_Interp *, struct chanset_t *, int, char **))channels_funcs[38])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:170:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define ismodeline ((int(*)(masklist *, char *))channels_funcs[41])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:171:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define initudef ((void(*)(int, char *,int))channels_funcs[42])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:172:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define ngetudef ((int(*)(char *, char *))channels_funcs[43])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:172:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define ngetudef ((int(*)(char *, char *))channels_funcs[43])
data/eggdrop-1.8.4/src/mod/channels.mod/channels.h:174:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define expired_mask ((int (*)(struct chanset_t *, char *))channels_funcs[44])
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:32:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *chname, *who, s[UHOSTLEN], s1[UHOSTLEN], *p, *p_expire;
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:179:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *chname, *who, s[UHOSTLEN], *p, *p_expire;
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:306:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *chname, *who, s[UHOSTLEN], *p, *p_expire;
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:436:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN], *ban, *chname, *mask;
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:491:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(ban);
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:551:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN], *exempt, *chname, *mask;
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:602:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(exempt);
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:663:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN], *invite, *chname, *mask;
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:714:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(invite);
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:816:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[512], *chname, *s1;
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:956:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *stick_type, s[UHOSTLEN], chname[CHANNELLEN + 1];
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:1284:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *chname, work[512];
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:1475:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *list[2], *bak, *buf;
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:508:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ban[161], cmt[MASKREASON_LEN], from[HANDLEN + 1];
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:538:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(argv[5]) == 0)
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:541:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
expire_time = now + (atoi(argv[5]) * 60);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:553:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ban[UHOSTLEN], cmt[MASKREASON_LEN], from[HANDLEN + 1];
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:578:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(argv[4]) == 0)
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:581:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
expire_time = now + (atoi(argv[4]) * 60);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:594:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exempt[161], cmt[MASKREASON_LEN], from[HANDLEN + 1];
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:623:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(argv[5]) == 0)
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:626:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
expire_time = now + (atoi(argv[5]) * 60);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:637:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exempt[UHOSTLEN], cmt[MASKREASON_LEN], from[HANDLEN + 1];
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:661:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(argv[4]) == 0)
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:664:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
expire_time = now + (atoi(argv[4]) * 60);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:676:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char invite[161], cmt[MASKREASON_LEN], from[HANDLEN + 1];
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:705:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(argv[5]) == 0)
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:708:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
expire_time = now + (atoi(argv[5]) * 60);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:719:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char invite[UHOSTLEN], cmt[MASKREASON_LEN], from[HANDLEN + 1];
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:743:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(argv[4]) == 0)
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:746:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
expire_time = now + (atoi(argv[4]) * 60);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:756:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char a[121], b[121], s[121];
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:757:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
EGG_CONST char *args[2];
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:942:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[121], *str;
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1062:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[121], *str = NULL;
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1244:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[121];
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1305:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan->idle_kick = atoi(item[i]);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1316:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan->stopnethack_mode = atoi(item[i]);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1324:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan->revenge_mode = atoi(item[i]);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1332:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan->ban_type = atoi(item[i]);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1340:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan->ban_time = atoi(item[i]);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1348:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan->exempt_time = atoi(item[i]);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1356:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan->invite_time = atoi(item[i]);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1514:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*pthr = atoi(item[i]);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1515:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
*ptime = atoi(p);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1540:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan->aop_min = atoi(item[i]);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1541:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan->aop_max = atoi(p);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1543:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan->aop_min = atoi(item[i]);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1574:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
setudef(ul, chan->dname, atoi(item[i]));
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1650:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ts[21], ts1[21], ts2[21], *p;
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1652:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
EGG_CONST char *list[6];
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1659:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ts, "%lu", tv);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1663:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ts1, "%lu", tv);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1667:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ts2, "%lu", tv);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1798:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[161];
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1843:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t = (time_t) atoi(argv[3]);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1845:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t = (time_t) atoi(argv[2]);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:2031:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[2048], buf2[256];
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:169:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
j = atoi(uhost);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:234:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[256];
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:237:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
j = atoi(who);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:289:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[256];
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:292:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
j = atoi(who);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:345:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[256];
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:348:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
j = atoi(who);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:421:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[1024], s[1024];
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:497:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[1024];
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:561:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[1024];
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:625:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dates[81], s[41];
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:638:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "(perm)");
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:640:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[29];
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:646:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, " (sticky)");
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:669:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dates[81], s[41];
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:682:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "(perm)");
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:684:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[29];
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:690:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, " (sticky)");
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:713:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dates[81], s[41];
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:726:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "(perm)");
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:728:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[29];
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:734:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, " (sticky)");
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:809:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN], *s1, *s2, fill[256];
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:825:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, " (active %02d:%02d)", min, sec);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:898:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN], *s1, *s2, fill[256];
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:914:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, " (active %02d:%02d)", min, sec);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:987:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN], *s1, *s2, fill[256];
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:1003:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, " (active %02d:%02d)", min, sec);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:1201:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:1206:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(s, "a");
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:1231:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[UHOSTLEN], *snick, *sfrom;
data/eggdrop-1.8.4/src/mod/compress.mod/compress.c:75:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf1[50], buf2[50];
data/eggdrop-1.8.4/src/mod/compress.mod/compress.c:98:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fin = fopen(filename, "rb");
data/eggdrop-1.8.4/src/mod/compress.mod/compress.c:127:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFLEN];
data/eggdrop-1.8.4/src/mod/compress.mod/compress.c:143:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fout = fopen(f_target, "wb");
data/eggdrop-1.8.4/src/mod/compress.mod/compress.c:226:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[BUFLEN], mode[5];
data/eggdrop-1.8.4/src/mod/compress.mod/compress.c:238:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fin = fopen(f_src, "rb");
data/eggdrop-1.8.4/src/mod/compress.mod/compress.c:299:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *temp_fn, rands[8];
data/eggdrop-1.8.4/src/mod/compress.mod/compress.c:325:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *temp_fn, rands[8];
data/eggdrop-1.8.4/src/mod/compress.mod/compress.h:42:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
# define compress_to_file ((int (*)(char *, char *, int))(compress_funcs[4]))
data/eggdrop-1.8.4/src/mod/compress.mod/compress.h:42:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
# define compress_to_file ((int (*)(char *, char *, int))(compress_funcs[4]))
data/eggdrop-1.8.4/src/mod/compress.mod/compress.h:43:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
# define compress_file ((int (*)(char *, int))(compress_funcs[5]))
data/eggdrop-1.8.4/src/mod/compress.mod/compress.h:44:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
# define uncompress_to_file ((int (*)(char *, char *))(uncompress_funcs[6]))
data/eggdrop-1.8.4/src/mod/compress.mod/compress.h:44:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
# define uncompress_to_file ((int (*)(char *, char *))(uncompress_funcs[6]))
data/eggdrop-1.8.4/src/mod/compress.mod/compress.h:45:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
# define uncompress_file ((int (*)(char *))(uncompress_funcs[7]))
data/eggdrop-1.8.4/src/mod/compress.mod/compress.h:47:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
# define is_compressedfile ((int (*)(char *))(uncompress_funcs[8]))
data/eggdrop-1.8.4/src/mod/compress.mod/tclcompress.c:43:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
mode_num = atoi(argv[curr_arg]);
data/eggdrop-1.8.4/src/mod/console.mod/console.c:64:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ci->page = atoi(arg);
data/eggdrop-1.8.4/src/mod/console.mod/console.c:66:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ci->conchan = atoi(arg);
data/eggdrop-1.8.4/src/mod/console.mod/console.c:74:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char work[1024];
data/eggdrop-1.8.4/src/mod/console.mod/console.c:149:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char work[1024];
data/eggdrop-1.8.4/src/mod/console.mod/console.c:159:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char work[1024];
data/eggdrop-1.8.4/src/mod/console.mod/console.c:192:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i->page = atoi(argv[7]);
data/eggdrop-1.8.4/src/mod/console.mod/console.c:194:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i->conchan = atoi(argv[8]);
data/eggdrop-1.8.4/src/mod/console.mod/console.c:233:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(j, i, sizeof(struct console_info));
data/eggdrop-1.8.4/src/mod/console.mod/console.c:294:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[1024];
data/eggdrop-1.8.4/src/mod/ctcp.mod/ctcp.c:35:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ctcp_version[121];
data/eggdrop-1.8.4/src/mod/ctcp.mod/ctcp.c:36:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ctcp_finger[121];
data/eggdrop-1.8.4/src/mod/ctcp.mod/ctcp.c:37:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ctcp_userinfo[121];
data/eggdrop-1.8.4/src/mod/ctcp.mod/ctcp.c:131:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tms[25];
data/eggdrop-1.8.4/src/mod/ctcp.mod/ctcp.c:146:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[INET6_ADDRSTRLEN];
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:66:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *responsecodes[RESPONSECODES_COUNT + 1] = {
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:81:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *resourcetypes[RESOURCETYPES_COUNT + 1] = {
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:117:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char *classtypes[CLASSTYPES_COUNT + 1] = {
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:197:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char tempstring[512];
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:198:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char namestring[1024 + 1];
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:199:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char stackstring[1024 + 1];
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:202:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char sendstring[1024 + 1];
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:229:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(d, "%lid", day);
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:233:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(d + strlen(d), "%uh", hours);
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:235:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(d + strlen(d), "%um", minutes);
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:237:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(d + strlen(d), "%us", seconds);
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:239:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(d, "0s");
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:276:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&x, ip6->s6_addr , sizeof x);
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:277:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&y, ip6->s6_addr + 12, sizeof y);
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:691:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(p, "ip6.arpa"); /* ip6.int is deprecated */
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:1001:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rp->sockname.addr.s4.sin_addr, rr->data, 4);
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:1020:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rp->sockname.addr.s6.sin6_addr, rr->data, 16);
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:1187:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&rp->sockname, addr, sizeof(sockname_t));
data/eggdrop-1.8.4/src/mod/dns.mod/dns.c:40:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dns_servers[121] = "";
data/eggdrop-1.8.4/src/mod/dns.mod/dns.c:70:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/dns.mod/dns.c:109:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buf, "dns (ready)");
data/eggdrop-1.8.4/src/mod/dns.mod/dns.c:142:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[121], *p;
data/eggdrop-1.8.4/src/mod/dns.mod/dns.c:170:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(p);
data/eggdrop-1.8.4/src/mod/dns.mod/dns.c:309:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dcc[idx].nick, "(dns)");
data/eggdrop-1.8.4/src/mod/dns.mod/dns.c:310:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dcc[idx].sockname.addr.sa, &_res.nsaddr_list[0],
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:39:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[121], *fn, *nick, *tm, *s1;
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:46:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(s1, "r");
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:51:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fdb = fopen(newfiledb, "w+b");
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:101:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fdbe->gots = atoi(s1);
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:102:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fdbe->uploaded = atoi(tm);
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:109:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[100];
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:234:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fdb_t = fopen(tempdb, "w+b"); /* Open temp DB */
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:255:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*fdb_s = fopen(filedb, "r+b"); /* Reopen new db */
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.h:35:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xxx[1 + 61 + 301 + 10 + 11 + 61];
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.h:45:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[61];
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.h:46:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[301]; /* Should be plenty */
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.h:47:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uploader[10]; /* Where this file came from */
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.h:48:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char flags_req[11]; /* Access flags required */
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.h:52:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sharelink[61]; /* Points to where? */
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.h:53:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused[512 - sizeof(struct filler1)];
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.h:57:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xxx[1 + 61 + 186 + 81 + 33 + 22 + 61];
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.h:67:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[61];
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.h:68:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[186]; /* Should be plenty - shrink it, we
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.h:70:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char chname[81]; /* Channel for chan spec stuff */
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.h:71:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uploader[33]; /* Where this file came from */
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.h:72:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char flags_req[22]; /* Access flags required */
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.h:76:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sharelink[61]; /* Points to where? */
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.h:77:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused[512 - sizeof(struct filler2)];
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:764:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fdb = fopen(s, "r+b");
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:767:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fdb = fopen(s, "r+b");
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:784:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fdb = fopen(s, "w+b");
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:875:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[81], *p = NULL;
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:945:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s2[41], t[50], *s3 = NULL, *s4;
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:950:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s2, " (shr)");
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:952:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s2, " (hid)");
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:956:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s1, "%5d", fdbe->size);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:958:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s1, "%4dk", (int) (fdbe->size / 1024));
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:960:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s1, " ");
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1011:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:76:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dccdir[121] = "";
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:79:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dccin[121] = "";
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:93:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char filedb_path[121] = "";
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:148:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[5];
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:152:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%ld", dcc[idx].sock);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:469:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xxx[1024];
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:490:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = findanyidx(atoi(argv[2]));
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:520:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "file flags: %c%c%c%c%c",
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:533:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "fpas waited %lis", tv);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:652:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(prt) < 1024 || atoi(prt) > 65535) {
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:652:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(prt) < 1024 || atoi(prt) > 65535) {
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:658:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if (atoi(msg) == 0) {
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:663:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if (dcc_maxsize && (atoi(msg) > (dcc_maxsize * 1024))) {
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:680:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dcc[i].port = atoi(prt);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:692:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dcc[i].u.dns->ibuf = atoi(msg);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:714:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rands[8], *tempname, *fn = filename;
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:735:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *s1, *param, prt[100], *tempf;
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:738:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(prt, "%d", dcc[i].port);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:795:24: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
dcc[i].u.xfer->f = tmpfile();
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:821:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *param, *ip, *prt, buf[512], *msg = buf;
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:864:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(prt) < 1024 || atoi(prt) > 65535) {
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:864:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(prt) < 1024 || atoi(prt) > 65535) {
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:873:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dcc[i].sock = open_telnet(i, ip, atoi(prt));
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:1018:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&USERENTRY_DCCDIR, &USERENTRY_INFO,
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:77:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[10];
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:82:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%d", i);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:117:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(argv[1]);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:134:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(argv[1]);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:234:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f[100];
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:347:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char f[100];
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:605:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[30];
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:607:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(x, "%d", ok);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:631:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[21];
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:635:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(argv[1]);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:645:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%d", i);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:31:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char last_invchan[CHANNELLEN + 1] = "";
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:93:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[121];
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:141:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s + i, " %d", chan->channel.maxmembers);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:182:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char h[NICKMAX+UHOSTLEN+1], ftype[12], *p;
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:223:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ftype, "pub");
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:228:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ftype, "pub");
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:233:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ftype, "nick");
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:238:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ftype, "join");
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:243:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ftype, "deop");
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:248:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ftype, "kick");
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:324:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ftype + 4, " flood");
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:327:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[NICKLEN + UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:372:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s1[512];
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:386:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kicknick[512], s[NICKMAX+UHOSTLEN+1];
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:445:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[512]; /* The ban comment. */
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:446:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[NICKMAX+UHOSTLEN+1];
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:518:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char me[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:639:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char user[NICKMAX+UHOSTLEN+1];
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:731:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[50];
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:733:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%d", chan->limit_prot);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:752:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[NICKMAX+UHOSTLEN+1], *p;
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:852:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[NICKMAX+UHOSTLEN+1];
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:876:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[NICKMAX+UHOSTLEN+1];
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1022:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan->channel.maxmembers = atoi(p);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1025:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan->channel.maxmembers = atoi(p);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1040:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char userhost[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1170:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ban, *who, *chname, buf[511], *msg;
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1216:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *exempt, *who, *chname, buf[511], *msg;
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1263:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *invite, *who, *chname, buf[511], *msg;
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1676:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *nick, *p, buf[UHOSTLEN], *uhost = buf;
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1858:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[512], *s;
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:2034:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *nick, *whodid, *chname, s1[UHOSTLEN], buf[UHOSTLEN], *uhost;
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:2035:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf2[511], *msg, *key;
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:2121:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *nick, *chname, s1[UHOSTLEN], buf[UHOSTLEN], *uhost = buf;
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:2204:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char from2[NICKMAX + UHOSTMAX + 1];
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:2287:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *to, *realto, buf[UHOSTLEN], *nick, buf2[512], *uhost = buf, *p, *p1,
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:2410:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *to, *realto, *nick, buf2[512], *p, *p1, buf[512], *uhost = buf;
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:71:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:166:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:268:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:318:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:374:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:440:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:515:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:573:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:626:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:725:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char handle[HANDLEN + 1], s[UHOSTLEN], s1[UHOSTLEN], atrflag, chanflag;
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:729:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[81];
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:978:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN], s1[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:1068:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *nick, s[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:1115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[HANDLEN + 1];
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:68:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char opchars[8]; /* the chars in a /who reply meaning op */
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:116:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reason[1024], ct[81], *kick_msg;
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:146:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN], s1[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:181:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(s1 + 3);
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:184:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s1, "bad1"); /* Start with '1' */
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:205:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN], s1[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:269:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[NICKMAX+UHOSTLEN+1];
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:479:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[20], s2[20];
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:508:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%d", exempts);
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:509:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s2, "%d", invites);
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:528:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[NICKMAX+UHOSTLEN+1];
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:598:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *key, s[NICKMAX+UHOSTLEN+1];
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:708:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[20];
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:713:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(x, "%d", (int) F(argv[1], argv[2], argv[3], argv[4], argv[5], argv[6]));
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:755:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char args[1024];
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:773:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char args[1024];
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:791:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char args[1024];
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:811:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char args[512];
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:830:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char args[512];
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:849:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512], *args = buf, *cmd, host[161], *hand;
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:876:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024], host[161];
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:906:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:984:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch[1024], q[256], *p;
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:988:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(q, "Channels: ");
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:1009:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(q, " ");
data/eggdrop-1.8.4/src/mod/irc.mod/irc.h:116:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define getchanmode ((char *(*)(struct chanset_t *))irc_funcs[24])
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:67:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *p, out[512], post[512];
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:116:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&post[(sizeof(post) - 1) - postsize], "%d ", chan->limit);
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:205:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[21];
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:344:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan->limit = atoi(op);
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:404:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch[sizeof chan->name];
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:405:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:501:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:502:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch[sizeof chan->name];
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:597:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch[sizeof chan->name];
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:598:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN], s1[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:690:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch[sizeof chan->name];
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:691:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN], s1[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:759:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char me[UHOSTLEN], s[UHOSTLEN], s1[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:804:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char resn[512] = "";
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:860:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:937:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:1003:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN], buf[511];
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:1004:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ms2[3];
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:1175:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan->channel.maxmembers = atoi(op);
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:26:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[UHOSTLEN], s[UHOSTLEN], s1[UHOSTLEN], handle[HANDLEN + 1];
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:161:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN], s1[UHOSTLEN], *pass, who[NICKLEN];
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:258:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[121], *pass, *chname, *p;
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:357:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN], also[512], *info;
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:437:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[UHOSTLEN], s1[81], *s2;
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:786:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[256], *vers_t, *uni_t, *pass;
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:831:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%d day", (int) (now2 / 86400));
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:834:5: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, ", ");
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:840:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&s[strlen(s)], "%02d:%02d", (int) hr, (int) min);
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:900:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:1098:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(sport);
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:1106:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(newsplit(&par));
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:27:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nuh[1024];
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:350:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nuh[1024];
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:502:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maskaddr(argv[1], new, atoi(argv[2]));
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:514:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[20];
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:537:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char work[20], *p;
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:538:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
EGG_CONST char *list[3];
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:612:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[21];
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:628:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%lu", (unsigned long) m->joined);
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:870:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nuh[1024];
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:905:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nuh[1024];
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:940:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char kicknick[512], *nick, *p, *comment = NULL;
data/eggdrop-1.8.4/src/mod/module.h:99:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define module_rename ((int (*)(char *, char *))global[3])
data/eggdrop-1.8.4/src/mod/module.h:99:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define module_rename ((int (*)(char *, char *))global[3])
data/eggdrop-1.8.4/src/mod/module.h:101:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define module_register ((int (*)(char *, Function *, int, int))global[4])
data/eggdrop-1.8.4/src/mod/module.h:102:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define module_find ((module_entry * (*)(char *,int,int))global[5])
data/eggdrop-1.8.4/src/mod/module.h:103:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define module_depend ((Function *(*)(char *,char *,int,int))global[6])
data/eggdrop-1.8.4/src/mod/module.h:103:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define module_depend ((Function *(*)(char *,char *,int,int))global[6])
data/eggdrop-1.8.4/src/mod/module.h:104:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define module_undepend ((int(*)(char *))global[7])
data/eggdrop-1.8.4/src/mod/module.h:106:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define add_bind_table ((p_tcl_bind_list(*)(const char *,int,IntFunc))global[8])
data/eggdrop-1.8.4/src/mod/module.h:108:52: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define find_bind_table ((p_tcl_bind_list(*)(const char *))global[10])
data/eggdrop-1.8.4/src/mod/module.h:109:57: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_tcl_bind ((int (*) (p_tcl_bind_list,const char *,struct flag_record *,const char *, int))global[11])
data/eggdrop-1.8.4/src/mod/module.h:109:91: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_tcl_bind ((int (*) (p_tcl_bind_list,const char *,struct flag_record *,const char *, int))global[11])
data/eggdrop-1.8.4/src/mod/module.h:121:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define base64_to_int ((int (*) (char *))global[20])
data/eggdrop-1.8.4/src/mod/module.h:122:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define int_to_base64 ((char * (*) (int))global[21])
data/eggdrop-1.8.4/src/mod/module.h:123:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define int_to_base10 ((char * (*) (int))global[22])
data/eggdrop-1.8.4/src/mod/module.h:126:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define botnet_send_zapf ((void (*)(int, char *, char *, char *))global[24])
data/eggdrop-1.8.4/src/mod/module.h:126:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define botnet_send_zapf ((void (*)(int, char *, char *, char *))global[24])
data/eggdrop-1.8.4/src/mod/module.h:126:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define botnet_send_zapf ((void (*)(int, char *, char *, char *))global[24])
data/eggdrop-1.8.4/src/mod/module.h:127:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define botnet_send_zapf_broad ((void (*)(int, char *, char *, char *))global[25])
data/eggdrop-1.8.4/src/mod/module.h:127:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define botnet_send_zapf_broad ((void (*)(int, char *, char *, char *))global[25])
data/eggdrop-1.8.4/src/mod/module.h:127:64: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define botnet_send_zapf_broad ((void (*)(int, char *, char *, char *))global[25])
data/eggdrop-1.8.4/src/mod/module.h:128:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define botnet_send_unlinked ((void (*)(int, char *, char *))global[26])
data/eggdrop-1.8.4/src/mod/module.h:128:54: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define botnet_send_unlinked ((void (*)(int, char *, char *))global[26])
data/eggdrop-1.8.4/src/mod/module.h:137:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define botnet_send_part_idx ((void(*)(int,char *))global[33])
data/eggdrop-1.8.4/src/mod/module.h:139:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define nextbot ((int (*)(char *))global[35])
data/eggdrop-1.8.4/src/mod/module.h:142:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define n_free ((void (*)(void *,char *, int))global[37])
data/eggdrop-1.8.4/src/mod/module.h:143:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define u_pass_match ((int (*)(struct userrec *,char *))global[38])
data/eggdrop-1.8.4/src/mod/module.h:144:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define user_malloc(x) ((void *(*)(int,char *,int))global[39])(x,__FILE__,__LINE__)
data/eggdrop-1.8.4/src/mod/module.h:151:83: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define get_user_flagrec ((void (*)(struct userrec *, struct flag_record *, const char *))global[44])
data/eggdrop-1.8.4/src/mod/module.h:152:83: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define set_user_flagrec ((void (*)(struct userrec *, struct flag_record *, const char *))global[45])
data/eggdrop-1.8.4/src/mod/module.h:153:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define get_user_by_host ((struct userrec * (*)(char *))global[46])
data/eggdrop-1.8.4/src/mod/module.h:154:67: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define get_user_by_handle ((struct userrec *(*)(struct userrec *,char *))global[47])
data/eggdrop-1.8.4/src/mod/module.h:156:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define find_entry_type ((struct user_entry_type * (*) ( char * ))global[48])
data/eggdrop-1.8.4/src/mod/module.h:159:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define deluser ((int (*)(char *))global[51])
data/eggdrop-1.8.4/src/mod/module.h:161:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define addhost_by_handle ((void (*) (char *, char *))global[52])
data/eggdrop-1.8.4/src/mod/module.h:161:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define addhost_by_handle ((void (*) (char *, char *))global[52])
data/eggdrop-1.8.4/src/mod/module.h:162:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define delhost_by_handle ((int(*)(char *,char *))global[53])
data/eggdrop-1.8.4/src/mod/module.h:162:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define delhost_by_handle ((int(*)(char *,char *))global[53])
data/eggdrop-1.8.4/src/mod/module.h:163:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define readuserfile ((int (*)(char *,struct userrec **))global[54])
data/eggdrop-1.8.4/src/mod/module.h:166:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define geticon ((char (*) (int))global[56])
data/eggdrop-1.8.4/src/mod/module.h:176:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define break_down_flags ((void (*)(const char *,struct flag_record *,struct flag_record *))global[64])
data/eggdrop-1.8.4/src/mod/module.h:177:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define build_flags ((void (*)(char *, struct flag_record *, struct flag_record *))global[65])
data/eggdrop-1.8.4/src/mod/module.h:186:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_validity ((int (*) (char *,IntFunc))global[72])
data/eggdrop-1.8.4/src/mod/module.h:195:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
# define ssl_handshake ((int (*)(int,int,int,int,char *,IntFunc))global[78])
data/eggdrop-1.8.4/src/mod/module.h:197:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define tputs ((void (*) (int, char *,unsigned int))global[79])
data/eggdrop-1.8.4/src/mod/module.h:205:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define getdccaddr ((int (*) (sockname_t *, char *, socklen_t))global[85])
data/eggdrop-1.8.4/src/mod/module.h:207:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define open_telnet ((int (*) (int, char *, int))global[87])
data/eggdrop-1.8.4/src/mod/module.h:209:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_tcl_event ((void (*) (const char *))global[88])
data/eggdrop-1.8.4/src/mod/module.h:211:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define my_atoul ((IP(*)(char *))global[90])
data/eggdrop-1.8.4/src/mod/module.h:212:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define my_strcpy ((int (*)(char *, const char *))global[91])
data/eggdrop-1.8.4/src/mod/module.h:212:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define my_strcpy ((int (*)(char *, const char *))global[91])
data/eggdrop-1.8.4/src/mod/module.h:253:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define origbotname ((char *)(global[115]))
data/eggdrop-1.8.4/src/mod/module.h:255:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define botuser ((char *)(global[116]))
data/eggdrop-1.8.4/src/mod/module.h:256:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define admin ((char *)(global[117]))
data/eggdrop-1.8.4/src/mod/module.h:257:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define userfile ((char *)global[118])
data/eggdrop-1.8.4/src/mod/module.h:258:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define ver ((char *)global[119])
data/eggdrop-1.8.4/src/mod/module.h:260:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define notify_new ((char *)global[120])
data/eggdrop-1.8.4/src/mod/module.h:261:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define helpdir ((char *)global[121])
data/eggdrop-1.8.4/src/mod/module.h:262:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define Version ((char *)global[122])
data/eggdrop-1.8.4/src/mod/module.h:263:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define botnetnick ((char *)global[123])
data/eggdrop-1.8.4/src/mod/module.h:273:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define findchan ((struct chanset_t *(*)(char *))global[131])
data/eggdrop-1.8.4/src/mod/module.h:276:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define days ((void (*)(time_t,time_t,char *))global[133])
data/eggdrop-1.8.4/src/mod/module.h:277:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define daysago ((void (*)(time_t,time_t,char *))global[134])
data/eggdrop-1.8.4/src/mod/module.h:278:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define daysdur ((void (*)(time_t,time_t,char *))global[135])
data/eggdrop-1.8.4/src/mod/module.h:280:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define ismember ((memberlist * (*) (struct chanset_t *, char *))global[136])
data/eggdrop-1.8.4/src/mod/module.h:281:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define newsplit ((char *(*)(char **))global[137])
data/eggdrop-1.8.4/src/mod/module.h:281:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define newsplit ((char *(*)(char **))global[137])
data/eggdrop-1.8.4/src/mod/module.h:282:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define splitnick ((char *(*)(char **))global[138])
data/eggdrop-1.8.4/src/mod/module.h:282:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define splitnick ((char *(*)(char **))global[138])
data/eggdrop-1.8.4/src/mod/module.h:283:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define splitc ((void (*)(char *,char *,char))global[139])
data/eggdrop-1.8.4/src/mod/module.h:283:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define splitc ((void (*)(char *,char *,char))global[139])
data/eggdrop-1.8.4/src/mod/module.h:285:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define addignore ((void (*) (char *, char *, char *,time_t))global[140])
data/eggdrop-1.8.4/src/mod/module.h:285:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define addignore ((void (*) (char *, char *, char *,time_t))global[140])
data/eggdrop-1.8.4/src/mod/module.h:285:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define addignore ((void (*) (char *, char *, char *,time_t))global[140])
data/eggdrop-1.8.4/src/mod/module.h:286:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define match_ignore ((int (*)(char *))global[141])
data/eggdrop-1.8.4/src/mod/module.h:287:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define delignore ((int (*)(char *))global[142])
data/eggdrop-1.8.4/src/mod/module.h:292:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define movefile ((int (*) (char *, char *))global[146])
data/eggdrop-1.8.4/src/mod/module.h:292:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define movefile ((int (*) (char *, char *))global[146])
data/eggdrop-1.8.4/src/mod/module.h:293:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define copyfile ((int (*) (char *, char *))global[147])
data/eggdrop-1.8.4/src/mod/module.h:293:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define copyfile ((int (*) (char *, char *))global[147])
data/eggdrop-1.8.4/src/mod/module.h:295:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define do_tcl ((void (*)(char *, char *))global[148])
data/eggdrop-1.8.4/src/mod/module.h:295:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define do_tcl ((void (*)(char *, char *))global[148])
data/eggdrop-1.8.4/src/mod/module.h:296:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define readtclprog ((int (*)(const char *))global[149])
data/eggdrop-1.8.4/src/mod/module.h:297:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define get_language ((char *(*)(int))global[150])
data/eggdrop-1.8.4/src/mod/module.h:300:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define makepass ((void (*) (char *))global[152])
data/eggdrop-1.8.4/src/mod/module.h:301:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define wild_match ((int (*)(const char *, const char *))global[153])
data/eggdrop-1.8.4/src/mod/module.h:301:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define wild_match ((int (*)(const char *, const char *))global[153])
data/eggdrop-1.8.4/src/mod/module.h:302:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define maskaddr ((void (*)(const char *, char *, int))global[154])
data/eggdrop-1.8.4/src/mod/module.h:302:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define maskaddr ((void (*)(const char *, char *, int))global[154])
data/eggdrop-1.8.4/src/mod/module.h:305:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define tellhelp ((void(*)(int, char *, struct flag_record *, int))global[156])
data/eggdrop-1.8.4/src/mod/module.h:306:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define showhelp ((void(*)(char *, char *, struct flag_record *, int))global[157])
data/eggdrop-1.8.4/src/mod/module.h:306:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define showhelp ((void(*)(char *, char *, struct flag_record *, int))global[157])
data/eggdrop-1.8.4/src/mod/module.h:307:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define add_help_reference ((void(*)(char *))global[158])
data/eggdrop-1.8.4/src/mod/module.h:308:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define rem_help_reference ((void(*)(char *))global[159])
data/eggdrop-1.8.4/src/mod/module.h:310:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define touch_laston ((void (*)(struct userrec *,char *,time_t))global[160])
data/eggdrop-1.8.4/src/mod/module.h:311:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define add_mode ((void (*)(struct chanset_t *,char,char,char *))(*(Function**)(global[161])))
data/eggdrop-1.8.4/src/mod/module.h:312:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define rmspace ((void (*)(char *))global[162])
data/eggdrop-1.8.4/src/mod/module.h:313:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define in_chain ((int (*)(char *))global[163])
data/eggdrop-1.8.4/src/mod/module.h:315:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define add_note ((int (*)(char *,char*,char*,int,int))global[164])
data/eggdrop-1.8.4/src/mod/module.h:316:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define del_lang_section ((int(*)(char *))global[165])
data/eggdrop-1.8.4/src/mod/module.h:321:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define tell_mem_status ((void(*)(char *))global[169])
data/eggdrop-1.8.4/src/mod/module.h:323:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_tcl_filt ((const char *(*)(int, const char *))global[171])
data/eggdrop-1.8.4/src/mod/module.h:323:53: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_tcl_filt ((const char *(*)(int, const char *))global[171])
data/eggdrop-1.8.4/src/mod/module.h:351:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define user_del_chan ((void(*)(char *))(global[193]))
data/eggdrop-1.8.4/src/mod/module.h:360:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define logmodes ((int(*)(char *))global[200])
data/eggdrop-1.8.4/src/mod/module.h:361:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define masktype ((const char *(*)(int))global[201])
data/eggdrop-1.8.4/src/mod/module.h:362:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define stripmodes ((int(*)(char *))global[202])
data/eggdrop-1.8.4/src/mod/module.h:363:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define stripmasktype ((const char *(*)(int))global[203])
data/eggdrop-1.8.4/src/mod/module.h:365:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define sub_lang ((void(*)(int,char *))global[204])
data/eggdrop-1.8.4/src/mod/module.h:367:57: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define cmd_loadlanguage ((int (*)(struct userrec *,int,char *))global[206])
data/eggdrop-1.8.4/src/mod/module.h:370:56: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_dcc_chanattrs ((int (*)(struct userrec *,char *,int,int))global[208])
data/eggdrop-1.8.4/src/mod/module.h:373:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define botname ((char *)(global[211]))
data/eggdrop-1.8.4/src/mod/module.h:376:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_tcl_chjn ((void (*) (const char *,const char *,int,char,int,const char *))global[213])
data/eggdrop-1.8.4/src/mod/module.h:376:55: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_tcl_chjn ((void (*) (const char *,const char *,int,char,int,const char *))global[213])
data/eggdrop-1.8.4/src/mod/module.h:376:81: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_tcl_chjn ((void (*) (const char *,const char *,int,char,int,const char *))global[213])
data/eggdrop-1.8.4/src/mod/module.h:377:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define sanitycheck_dcc ((int (*)(char *, char *, char *, char *))global[214])
data/eggdrop-1.8.4/src/mod/module.h:377:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define sanitycheck_dcc ((int (*)(char *, char *, char *, char *))global[214])
data/eggdrop-1.8.4/src/mod/module.h:377:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define sanitycheck_dcc ((int (*)(char *, char *, char *, char *))global[214])
data/eggdrop-1.8.4/src/mod/module.h:377:59: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define sanitycheck_dcc ((int (*)(char *, char *, char *, char *))global[214])
data/eggdrop-1.8.4/src/mod/module.h:378:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define isowner ((int (*)(char *))global[215])
data/eggdrop-1.8.4/src/mod/module.h:380:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define fcopyfile ((int (*) (FILE *, char *))global[216])
data/eggdrop-1.8.4/src/mod/module.h:381:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define copyfilef ((int (*) (char *, FILE *))global[217])
data/eggdrop-1.8.4/src/mod/module.h:382:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define rfc_casecmp ((int(*)(char *, char *))(*(Function**)(global[218])))
data/eggdrop-1.8.4/src/mod/module.h:382:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define rfc_casecmp ((int(*)(char *, char *))(*(Function**)(global[218])))
data/eggdrop-1.8.4/src/mod/module.h:383:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define rfc_ncasecmp ((int(*)(char *, char *, int *))(*(Function**)(global[219])))
data/eggdrop-1.8.4/src/mod/module.h:383:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define rfc_ncasecmp ((int(*)(char *, char *, int *))(*(Function**)(global[219])))
data/eggdrop-1.8.4/src/mod/module.h:395:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define add_lang_section ((void(*)(char *))global[228])
data/eggdrop-1.8.4/src/mod/module.h:396:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define user_realloc(x,y) ((void *(*)(void *,int,char *,int))global[229])((x),(y),__FILE__,__LINE__)
data/eggdrop-1.8.4/src/mod/module.h:414:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define call_hostbyip ((void(*)(sockname_t *, char *, int))global[235])
data/eggdrop-1.8.4/src/mod/module.h:416:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define call_ipbyhost ((void(*)(char *, sockname_t *, int))global[236])
data/eggdrop-1.8.4/src/mod/module.h:417:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define iptostr ((char *(*)(struct sockaddr *))global[237])
data/eggdrop-1.8.4/src/mod/module.h:419:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define hostsanitycheck_dcc ((int(*)(char *, char *, sockname_t *, char *, char *))global[239])
data/eggdrop-1.8.4/src/mod/module.h:419:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define hostsanitycheck_dcc ((int(*)(char *, char *, sockname_t *, char *, char *))global[239])
data/eggdrop-1.8.4/src/mod/module.h:419:68: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define hostsanitycheck_dcc ((int(*)(char *, char *, sockname_t *, char *, char *))global[239])
data/eggdrop-1.8.4/src/mod/module.h:419:76: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define hostsanitycheck_dcc ((int(*)(char *, char *, sockname_t *, char *, char *))global[239])
data/eggdrop-1.8.4/src/mod/module.h:421:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define dcc_dnsipbyhost ((void (*)(char *))global[240])
data/eggdrop-1.8.4/src/mod/module.h:424:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define make_rand_str ((void (*) (char *, int))global[243])
data/eggdrop-1.8.4/src/mod/module.h:427:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define findchan_by_dname ((struct chanset_t *(*)(char *))global[245])
data/eggdrop-1.8.4/src/mod/module.h:434:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define egg_inet_aton ((int (*)(const char *cp, struct in_addr *addr))global[251])
data/eggdrop-1.8.4/src/mod/module.h:437:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define egg_vsnprintf ((int (*)(char *, size_t, const char *, va_list))global[253])
data/eggdrop-1.8.4/src/mod/module.h:437:55: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define egg_vsnprintf ((int (*)(char *, size_t, const char *, va_list))global[253])
data/eggdrop-1.8.4/src/mod/module.h:439:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define egg_strcasecmp ((int (*)(const char *, const char *))global[255])
data/eggdrop-1.8.4/src/mod/module.h:439:54: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define egg_strcasecmp ((int (*)(const char *, const char *))global[255])
data/eggdrop-1.8.4/src/mod/module.h:441:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define egg_strncasecmp ((int (*)(const char *, const char *, size_t))global[256])
data/eggdrop-1.8.4/src/mod/module.h:441:55: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define egg_strncasecmp ((int (*)(const char *, const char *, size_t))global[256])
data/eggdrop-1.8.4/src/mod/module.h:442:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define is_file ((int (*)(const char *))global[257])
data/eggdrop-1.8.4/src/mod/module.h:448:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define str_escape ((char *(*)(const char *, const char, const char))global[262])
data/eggdrop-1.8.4/src/mod/module.h:448:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define str_escape ((char *(*)(const char *, const char, const char))global[262])
data/eggdrop-1.8.4/src/mod/module.h:449:27: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define strchr_unescape ((char *(*)(char *, const char, const char))global[263])
data/eggdrop-1.8.4/src/mod/module.h:449:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define strchr_unescape ((char *(*)(char *, const char, const char))global[263])
data/eggdrop-1.8.4/src/mod/module.h:451:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define str_unescape ((void (*)(char *, const char))global[264])
data/eggdrop-1.8.4/src/mod/module.h:452:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define egg_strcatn ((int (*)(char *dst, const char *src, size_t max))global[265])
data/eggdrop-1.8.4/src/mod/module.h:452:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define egg_strcatn ((int (*)(char *dst, const char *src, size_t max))global[265])
data/eggdrop-1.8.4/src/mod/module.h:453:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define clear_chanlist_member ((void (*)(const char *nick))global[266])
data/eggdrop-1.8.4/src/mod/module.h:454:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define fixfrom ((char *(*)(char *))global[267])
data/eggdrop-1.8.4/src/mod/module.h:454:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define fixfrom ((char *(*)(char *))global[267])
data/eggdrop-1.8.4/src/mod/module.h:463:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define kill_bot ((void (*)(char *, char *))global[271])
data/eggdrop-1.8.4/src/mod/module.h:463:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define kill_bot ((void (*)(char *, char *))global[271])
data/eggdrop-1.8.4/src/mod/module.h:465:20: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define quit_msg ((char *)(global[272]))
data/eggdrop-1.8.4/src/mod/module.h:466:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define module_load ((char *(*)(char *))global[273])
data/eggdrop-1.8.4/src/mod/module.h:466:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define module_load ((char *(*)(char *))global[273])
data/eggdrop-1.8.4/src/mod/module.h:467:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define module_unload ((char *(*)(char *, char *))global[274])
data/eggdrop-1.8.4/src/mod/module.h:467:35: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define module_unload ((char *(*)(char *, char *))global[274])
data/eggdrop-1.8.4/src/mod/module.h:467:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define module_unload ((char *(*)(char *, char *))global[274])
data/eggdrop-1.8.4/src/mod/module.h:473:39: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define MD5_Final ((void (*)(unsigned char *, MD5_CTX *))global[279])
data/eggdrop-1.8.4/src/mod/module.h:475:40: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define wild_match_per ((int (*)(const char *, const char *))global[280])
data/eggdrop-1.8.4/src/mod/module.h:475:54: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define wild_match_per ((int (*)(const char *, const char *))global[280])
data/eggdrop-1.8.4/src/mod/module.h:481:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define file_readable ((int (*) (char *))global[285])
data/eggdrop-1.8.4/src/mod/module.h:482:45: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define setsockname ((int (*)(sockname_t *, char *, int, int))global[286])
data/eggdrop-1.8.4/src/mod/module.h:488:42: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define strip_mirc_codes ((void (*)(int, char *))global[289])
data/eggdrop-1.8.4/src/mod/module.h:489:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_ansi ((int (*) (char *))global[290])
data/eggdrop-1.8.4/src/mod/module.h:490:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define oatoi ((int (*) (const char *))global[291])
data/eggdrop-1.8.4/src/mod/module.h:492:38: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define str_isdigit ((int (*) (const char *))global[292])
data/eggdrop-1.8.4/src/mod/module.h:493:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define remove_crlf ((void (*) (char **))global[293])
data/eggdrop-1.8.4/src/mod/module.h:494:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define addr_match ((int (*)(const char *, const char *, int, int))global[294])
data/eggdrop-1.8.4/src/mod/module.h:494:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define addr_match ((int (*)(const char *, const char *, int, int))global[294])
data/eggdrop-1.8.4/src/mod/module.h:495:36: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define mask_match ((int (*)(const char *, const char *))global[295])
data/eggdrop-1.8.4/src/mod/module.h:495:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define mask_match ((int (*)(const char *, const char *))global[295])
data/eggdrop-1.8.4/src/mod/module.h:499:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define LOG_TS ((char *)(global[298]))
data/eggdrop-1.8.4/src/mod/module.h:503:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define tcl_resultstring ((const char *(*)(void))global[301])
data/eggdrop-1.8.4/src/mod/module.h:504:51: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define getdccfamilyaddr ((int (*) (sockname_t *, char *, socklen_t, int))global[302])
data/eggdrop-1.8.4/src/mod/module.h:506:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
# define strlcpy ((size_t (*) (char *, const char *, size_t))global[303])
data/eggdrop-1.8.4/src/mod/module.h:506:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
# define strlcpy ((size_t (*) (char *, const char *, size_t))global[303])
data/eggdrop-1.8.4/src/mod/module.h:509:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define strncpyz ((size_t (*) (char *, const char *, size_t))global[304])
data/eggdrop-1.8.4/src/mod/module.h:509:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define strncpyz ((size_t (*) (char *, const char *, size_t))global[304])
data/eggdrop-1.8.4/src/mod/module.h:525:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(((char *(*)(char *,char*))encryption_funcs[4])(a,b))
data/eggdrop-1.8.4/src/mod/module.h:525:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(((char *(*)(char *,char*))encryption_funcs[4])(a,b))
data/eggdrop-1.8.4/src/mod/module.h:527:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(((char *(*)(char *,char*))encryption_funcs[5])(a,b))
data/eggdrop-1.8.4/src/mod/module.h:527:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
(((char *(*)(char *,char*))encryption_funcs[5])(a,b))
data/eggdrop-1.8.4/src/mod/notes.mod/cmdsnote.c:219:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char handle[512], *p;
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:40:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char notefile[121]; /* Name of the notefile */
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:82:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[513], *to, *s1;
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:86:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(notefile, "r");
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:114:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[513], *to, *s1;
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:121:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(notefile, "r");
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:125:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
g = fopen(s, "w");
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:165:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[513], *to, *from, *ts, *s1;
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:170:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(notefile, "r");
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:174:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
g = fopen(s, "w");
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:190:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
lapse = (now - (time_t) atoi(ts)) / 86400;
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:217:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char u[20], *f1, *to = NULL, work[1024];
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:223:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = findanyidx(atoi(argv[4]));
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:226:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fwd[161], fwd2[161], *f2, *p, *q, *r;
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:300:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(notefile, "a");
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:302:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(notefile, "w");
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:345:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dl[idl] = atoi(s + i);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:350:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dl[idl] = atoi(s + i + 1); /* Will be 0 if not a number */
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:381:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[601], *to, *s1;
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:395:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(notefile, "r");
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:401:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
g = fopen(s, "w");
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:429:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%d", erased);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:443:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[32];
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:456:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%d", i);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:472:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[601], *to, *dt, *from, *s1, wt[100];
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:488:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(notefile, "r");
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:510:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tt = atoi(dt);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:576:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[513], *to, *s1;
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:590:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(notefile, "r");
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:599:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
g = fopen(s, "w");
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:667:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[601], *to, *from, *dt, *s1, *p;
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:668:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
EGG_CONST char *list[3];
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:678:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, "%d", num_notes(argv[1]));
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:686:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(notefile, "r");
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:808:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(notefile, "a");
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:810:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(notefile, "w");
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:837:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[NICKMAX+UHOSTLEN+1];
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:1238:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&USERENTRY_FWD, &USERENTRY_INFO, sizeof(void *) * 12);
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:122:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[91]; /* sizeof(name) + strlen("PRIVMSG :") */
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:134:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char prefix[50];
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:156:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stuff[512], word1[512], word2[512], whotarget[128], object[128],
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:207:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(whoredirect, " is ");
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:209:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(whoredirect, ", and ");
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:300:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(whoredirect, "My owner is ");
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:302:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(whoredirect, ", and ");
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:304:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(whoredirect, "that's YOU");
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:306:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(whoredirect, "!!!");
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:308:13: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(whoredirect, ", ");
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:354:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(whoredirect, " is ");
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:356:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(whoredirect, ", and ");
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:372:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(whoredirect, " is ");
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:374:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(whoredirect, ", and ");
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:434:11: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(whoredirect,
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:491:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(word2 + strlen(word2) - 2, " ago.");
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:505:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fixit[512];
data/eggdrop-1.8.4/src/mod/server.mod/cmdsserv.c:28:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/mod/server.mod/cmdsserv.c:90:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(sport);
data/eggdrop-1.8.4/src/mod/server.mod/cmdsserv.c:102:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(sport);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:35:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char newserver[121]; /* new server? */
data/eggdrop-1.8.4/src/mod/server.mod/server.c:37:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char newserverpass[121]; /* new server password? */
data/eggdrop-1.8.4/src/mod/server.mod/server.c:40:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char altnick[NICKLEN]; /* possible alternate nickname to use */
data/eggdrop-1.8.4/src/mod/server.mod/server.c:41:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char raltnick[NICKLEN]; /* random nick created from altnick */
data/eggdrop-1.8.4/src/mod/server.mod/server.c:47:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char initserver[121]; /* what, if anything, to send to the
data/eggdrop-1.8.4/src/mod/server.mod/server.c:49:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char botuserhost[121]; /* bot's user@host (refreshed whenever the
data/eggdrop-1.8.4/src/mod/server.mod/server.c:64:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char botrealname[81]; /* realname of bot */
data/eggdrop-1.8.4/src/mod/server.mod/server.c:70:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char oldnick[NICKLEN]; /* previous nickname *before* rehash */
data/eggdrop-1.8.4/src/mod/server.mod/server.c:78:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char connectserver[121]; /* what, if anything, to do before connect
data/eggdrop-1.8.4/src/mod/server.mod/server.c:86:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char stackablecmds[511];
data/eggdrop-1.8.4/src/mod/server.mod/server.c:87:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char stackable2cmds[511];
data/eggdrop-1.8.4/src/mod/server.mod/server.c:140:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s2, s, len);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:413:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msgstr[511], nextmsgstr[511], tosend[511], victims[511], stackable[511],
data/eggdrop-1.8.4/src/mod/server.mod/server.c:539:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[511], *msg, *nicks, *nick, *chan, newnicks[511], newmsg[511];
data/eggdrop-1.8.4/src/mod/server.mod/server.c:595:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[511], *reason, *nicks, *nick, *chan, newnicks[511],
data/eggdrop-1.8.4/src/mod/server.mod/server.c:664:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[511], buf2[511], *reason2, *nicks, *chan, *chan2, *reason, *nick,
data/eggdrop-1.8.4/src/mod/server.mod/server.c:804:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[511];
data/eggdrop-1.8.4/src/mod/server.mod/server.c:906:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(q->msg, buf, len);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:968:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[256] = "", port[11] = "", pass[121] = "";
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1003:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
x->port = atoi(port);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1110:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[20];
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1244:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1270:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1297:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1361:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[40];
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1444:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[1024];
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1481:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
add_server((char *) list[i]);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1520:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *action, *param, *ip, *prt, buf[512], *msg = buf;
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1560:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if (atoi(prt) < 1024 || atoi(prt) > 65535) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1560:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
} else if (atoi(prt) < 1024 || atoi(prt) > 65535) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1577:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dcc[i].port = atoi(prt);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1608:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1777:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[64], s[128];
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1990:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(botrealname, "A deranged product of evil coders");
data/eggdrop-1.8.4/src/mod/server.mod/server.c:2010:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(stackable2cmds, "USERHOST ISON");
data/eggdrop-1.8.4/src/mod/server.mod/server.h:32:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define botuserhost ((char *)(server_funcs[5]))
data/eggdrop-1.8.4/src/mod/server.mod/server.h:45:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define match_my_nick ((int(*)(char *))server_funcs[12])
data/eggdrop-1.8.4/src/mod/server.mod/server.h:46:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_tcl_flud ((int (*)(char *,char *,struct userrec *,char *,char *))server_funcs[13])
data/eggdrop-1.8.4/src/mod/server.mod/server.h:46:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_tcl_flud ((int (*)(char *,char *,struct userrec *,char *,char *))server_funcs[13])
data/eggdrop-1.8.4/src/mod/server.mod/server.h:46:65: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_tcl_flud ((int (*)(char *,char *,struct userrec *,char *,char *))server_funcs[13])
data/eggdrop-1.8.4/src/mod/server.mod/server.h:46:72: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_tcl_flud ((int (*)(char *,char *,struct userrec *,char *,char *))server_funcs[13])
data/eggdrop-1.8.4/src/mod/server.mod/server.h:53:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define nuke_server ((void(*)(char *))server_funcs[19])
data/eggdrop-1.8.4/src/mod/server.mod/server.h:55:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define newserver ((char *)(server_funcs[20]))
data/eggdrop-1.8.4/src/mod/server.mod/server.h:57:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define newserverpass ((char *)(server_funcs[22]))
data/eggdrop-1.8.4/src/mod/server.mod/server.h:73:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define ctcp_reply ((char *)(server_funcs[35]))
data/eggdrop-1.8.4/src/mod/server.mod/server.h:75:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define get_altbotnick ((char *(*)(void))(server_funcs[36]))
data/eggdrop-1.8.4/src/mod/server.mod/server.h:77:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_tcl_notc ((int (*)(char *,char *,struct userrec *,char *,char *))server_funcs[38])
data/eggdrop-1.8.4/src/mod/server.mod/server.h:77:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_tcl_notc ((int (*)(char *,char *,struct userrec *,char *,char *))server_funcs[38])
data/eggdrop-1.8.4/src/mod/server.mod/server.h:77:65: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_tcl_notc ((int (*)(char *,char *,struct userrec *,char *,char *))server_funcs[38])
data/eggdrop-1.8.4/src/mod/server.mod/server.h:77:72: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define check_tcl_notc ((int (*)(char *,char *,struct userrec *,char *,char *))server_funcs[38])
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:120:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char args[1024];
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:251:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char args[32], *queue;
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:395:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ctcp_reply[1024] = "";
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:398:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char lastmsghost[FLOOD_GLOBAL_MAX][81];
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:405:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *p, ftype[10], h[1024];
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:428:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ftype, "msg");
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:433:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ftype, "ctcp");
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:479:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *to, buf[UHOSTLEN], *nick, ctcpbuf[512], *uhost = buf, *ctcp,
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:616:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *to, *nick, ctcpbuf[512], *p, *p1, buf[512], *uhost = buf, *ctcp;
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:1053:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dcc[idx].nick, "(server)");
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:1185:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pass[121], botserver[UHOSTLEN];
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:1235:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dcc[servidx].nick, "(server)");
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:1282:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pass[121];
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:1329:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(botrealname, "/msg LamestBot hello");
data/eggdrop-1.8.4/src/mod/server.mod/tclserv.c:37:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512], *p, *q, *r;
data/eggdrop-1.8.4/src/mod/server.mod/tclserv.c:87:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[511], *p;
data/eggdrop-1.8.4/src/mod/server.mod/tclserv.c:114:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[511], *p;
data/eggdrop-1.8.4/src/mod/server.mod/tclserv.c:141:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[511], *p;
data/eggdrop-1.8.4/src/mod/server.mod/tclserv.c:179:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
newserverport = atoi(argv[2]);
data/eggdrop-1.8.4/src/mod/server.mod/tclserv.c:182:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
newserverport = atoi(argv[2]);
data/eggdrop-1.8.4/src/mod/server.mod/tclserv.c:199:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[20];
data/eggdrop-1.8.4/src/mod/server.mod/tclserv.c:280:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[20];
data/eggdrop-1.8.4/src/mod/share.mod/share.c:51:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char private_globals[51];
data/eggdrop-1.8.4/src/mod/share.mod/share.c:66:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bot[HANDLEN + 1];
data/eggdrop-1.8.4/src/mod/share.mod/share.c:201:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
yn = atoi(val);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:241:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
yn = atoi(val);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:281:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
yn = atoi(val);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:331:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *hand, *atr, s[100];
data/eggdrop-1.8.4/src/mod/share.mod/share.c:465:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *nick, *host, *pass, s[100];
data/eggdrop-1.8.4/src/mod/share.mod/share.c:553:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/eggdrop-1.8.4/src/mod/share.mod/share.c:589:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *hand, p[32];
data/eggdrop-1.8.4/src/mod/share.mod/share.c:651:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pass[30];
data/eggdrop-1.8.4/src/mod/share.mod/share.c:876:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
expire_time = (time_t) atoi(tm);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:922:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
expire_time = (time_t) atoi(tm);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:954:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
expire_time = (time_t) atoi(tm);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:996:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
expire_time = (time_t) atoi(tm);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1025:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
expire_time = (time_t) atoi(tm);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1067:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
expire_time = (time_t) atoi(tm);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1089:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!atoi(ts))
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1092:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
expire_time = now + atoi(ts);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1170:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1183:35: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
} else if (copy_to_tmp && !(f = tmpfile())) {
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1186:36: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
} else if (!copy_to_tmp && !(f = fopen(s, "wb"))) {
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1195:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dcc[i].sockname, &dcc[idx].sockname, sizeof dcc[i].sockname);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1196:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dcc[i].port = atoi(port);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1213:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dcc[i].nick, "*users");
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1217:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dcc[i].u.xfer->length = atoi(par);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1392:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[601];
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1401:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "s ");
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1426:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[601];
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1434:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "s ");
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1649:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[121];
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1673:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen(fn, "wb"))) {
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1961:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char share_file[1024], s1[64];
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1966:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[INET6_ADDRSTRLEN];
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1968:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[INET_ADDRSTRLEN];
data/eggdrop-1.8.4/src/mod/share.mod/share.c:2024:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s2[1024];
data/eggdrop-1.8.4/src/mod/share.mod/uf_features.c:75:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char uff_sbuf[512];
data/eggdrop-1.8.4/src/mod/transfer.mod/tcltransfer.c:23:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[10], *sys, *nfn;
data/eggdrop-1.8.4/src/mod/transfer.mod/tcltransfer.c:84:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[15];
data/eggdrop-1.8.4/src/mod/transfer.mod/tcltransfer.c:88:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sock = atoi(argv[1]);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:186:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[15];
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:271:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *nfn, s[1024], *hand;
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:424:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xnick[NICKLEN];
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:425:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bbuf[4];
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:435:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(dcc[idx].u.xfer->buf[dcc[idx].u.xfer->sofar]), buf, len);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:444:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(®et_data, dcc[idx].u.xfer->buf, dcc[idx].u.xfer->sofar);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:445:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(®et_data + dcc[idx].u.xfer->sofar, buf, len);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:455:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bbuf, dcc[idx].u.xfer->buf, dcc[idx].u.xfer->sofar);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:456:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(bbuf[dcc[idx].u.xfer->sofar]), buf, len);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:461:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dcc[idx].u.xfer->buf, &(buf[p]), w);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:464:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bbuf, &(buf[p]), w);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:543:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
strcpy((char *) xnick, dcc[idx].nick);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:564:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xnick[NICKLEN], s[1024];
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:631:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xx[1024];
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:846:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[121];
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:953:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(filename, "r");
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:982:9: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
f = tmpfile();
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:990:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(filename, "r");
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:1007:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dcc[i].host, "irc");
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:1023:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[INET6_ADDRSTRLEN];
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:1025:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[INET_ADDRSTRLEN];
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:1058:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *action, *fn, buf[512], *msg = buf;
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:1069:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(newsplit(&msg));
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.h:107:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define at_limit(a) (((int (*) (char *))transfer_funcs[5])(a))
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.h:109:44: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define fileq_cancel(a,b) (((void (*) (int,char *))transfer_funcs[7])(a,b))
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.h:111:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define queue_file(a,b,c,d) (((void (*)(char *,char *,char *,char *))transfer_funcs[8])(a,b,c,d))
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.h:111:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define queue_file(a,b,c,d) (((void (*)(char *,char *,char *,char *))transfer_funcs[8])(a,b,c,d))
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.h:111:55: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define queue_file(a,b,c,d) (((void (*)(char *,char *,char *,char *))transfer_funcs[8])(a,b,c,d))
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.h:111:62: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define queue_file(a,b,c,d) (((void (*)(char *,char *,char *,char *))transfer_funcs[8])(a,b,c,d))
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.h:112:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define raw_dcc_send(a,b,c) (((int (*) (char *,char *,char *))transfer_funcs[9])(a,b,c))
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.h:112:48: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define raw_dcc_send(a,b,c) (((int (*) (char *,char *,char *))transfer_funcs[9])(a,b,c))
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.h:112:55: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define raw_dcc_send(a,b,c) (((int (*) (char *,char *,char *))transfer_funcs[9])(a,b,c))
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.h:114:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define wild_match_file(a,b) (((int (*)(char *, char *))transfer_funcs[11])(a,b))
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.h:114:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define wild_match_file(a,b) (((int (*)(char *, char *))transfer_funcs[11])(a,b))
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.h:123:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define raw_dcc_resend(a,b,c) (((int (*) (char *,char *,char *))transfer_funcs[18])(a,b,c))
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.h:123:50: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define raw_dcc_resend(a,b,c) (((int (*) (char *,char *,char *))transfer_funcs[18])(a,b,c))
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.h:123:57: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
#define raw_dcc_resend(a,b,c) (((int (*) (char *,char *,char *))transfer_funcs[18])(a,b,c))
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.h:165:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nick[NICKLEN]; /* Who queued this file */
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.h:166:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char to[NICKLEN]; /* Who will it be sent to */
data/eggdrop-1.8.4/src/mod/transfer.mod/transferfstat.c:32:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fs->uploads = atoi(arg);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferfstat.c:36:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fs->upload_ks = atoi(arg);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferfstat.c:40:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fs->dnloads = atoi(arg);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferfstat.c:44:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fs->dnload_ks = atoi(arg);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferfstat.c:138:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[50];
data/eggdrop-1.8.4/src/mod/transfer.mod/transferfstat.c:154:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d[50];
data/eggdrop-1.8.4/src/mod/transfer.mod/transferfstat.c:229:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fs->uploads = atoi(p);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferfstat.c:233:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fs->upload_ks = atoi(p);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferfstat.c:237:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fs->dnloads = atoi(p);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferfstat.c:241:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
fs->dnload_ks = atoi(p);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferfstat.c:258:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fs, e->u.extra, sizeof(struct filesys_stats));
data/eggdrop-1.8.4/src/mod/transfer.mod/transferfstat.c:308:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
f = atoi(argv[4]);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferfstat.c:310:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
k = atoi(argv[5]);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:119:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
strcpy(this->dir, &(p[atoi(this->dir)]));
data/eggdrop-1.8.4/src/mod/uptime.mod/uptime.c:70:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[3];
data/eggdrop-1.8.4/src/mod/uptime.mod/uptime.c:86:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char uptime_version[48] = "";
data/eggdrop-1.8.4/src/mod/uptime.mod/uptime.c:136:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[64], *z = x;
data/eggdrop-1.8.4/src/mod/uptime.mod/uptime.c:178:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char servhost[UHOSTLEN] = "none";
data/eggdrop-1.8.4/src/mod/uptime.mod/uptime.c:221:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mem, &upPack, sizeof(upPack));
data/eggdrop-1.8.4/src/modules.c:116:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char moddir[121] = "modules/";
data/eggdrop-1.8.4/src/modules.c:618:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(module_list->name, "eggdrop");
data/eggdrop-1.8.4/src/modules.c:687:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char workbuf[1024];
data/eggdrop-1.8.4/src/modules.c:856:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
e = (((char *(*)()) f[MODCALL_CLOSE]) (user));
data/eggdrop-1.8.4/src/modules.c:977:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[100], *p;
data/eggdrop-1.8.4/src/modules.c:992:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[100], *p;
data/eggdrop-1.8.4/src/modules.c:1005:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[100], *p;
data/eggdrop-1.8.4/src/net.c:56:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char natip[121] = ""; /* Public IPv4 to report for systems behind NAT */
data/eggdrop-1.8.4/src/net.c:57:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char listen_ip[121] = ""; /* IP (or hostname) for listening sockets */
data/eggdrop-1.8.4/src/net.c:58:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vhost[121] = ""; /* IPv4 vhost for outgoing connections */
data/eggdrop-1.8.4/src/net.c:60:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vhost6[121] = ""; /* IPv6 vhost for outgoing connections */
data/eggdrop-1.8.4/src/net.c:63:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char firewall[121] = ""; /* Socks server for firewall. */
data/eggdrop-1.8.4/src/net.c:65:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char botuser[11] = "eggdrop"; /* Username of the user running the bot. */
data/eggdrop-1.8.4/src/net.c:112:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[INET6_ADDRSTRLEN] = "";
data/eggdrop-1.8.4/src/net.c:118:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char s[INET_ADDRSTRLEN] = "";
data/eggdrop-1.8.4/src/net.c:167:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr->addr.s4.sin_addr, hp->h_addr, hp->h_length);
data/eggdrop-1.8.4/src/net.c:169:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr->addr.s6.sin6_addr, hp->h_addr, hp->h_length);
data/eggdrop-1.8.4/src/net.c:223:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&addr->addr.s4.sin_addr, hp->h_addr, hp->h_length);
data/eggdrop-1.8.4/src/net.c:457:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host[121], s[256];
data/eggdrop-1.8.4/src/net.c:484:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(host, &addr->addr.s4.sin_addr.s_addr, 4);
data/eggdrop-1.8.4/src/net.c:699:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char h[121];
data/eggdrop-1.8.4/src/net.c:771:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ip, r->addr.s6.sin6_addr.s6_addr + 12, sizeof ip);
data/eggdrop-1.8.4/src/net.c:1031:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char xx[514], *p, *px;
data/eggdrop-1.8.4/src/net.c:1052:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(px, p, len2);
data/eggdrop-1.8.4/src/net.c:1066:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, socklist[i].handler.sock.inbuf, socklist[i].handler.sock.inbuflen);
data/eggdrop-1.8.4/src/net.c:1073:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, socklist[i].handler.sock.inbuf, *len);
data/eggdrop-1.8.4/src/net.c:1074:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(socklist[i].handler.sock.inbuf, socklist[i].handler.sock.inbuf + *len, *len);
data/eggdrop-1.8.4/src/net.c:1098:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, xx, *len);
data/eggdrop-1.8.4/src/net.c:1109:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(socklist[ret].handler.sock.inbuf, xx, *len);
data/eggdrop-1.8.4/src/net.c:1121:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
socklist[ret].handler.sock.inbuf = (char *) nrealloc(socklist[ret].handler.sock.inbuf,
data/eggdrop-1.8.4/src/net.c:1123:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(socklist[ret].handler.sock.inbuf + socklist[ret].handler.sock.inbuflen, xx, *len);
data/eggdrop-1.8.4/src/net.c:1156:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s, xx, p - xx);
data/eggdrop-1.8.4/src/net.c:1195:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(socklist[ret].handler.sock.inbuf, xx, len2);
data/eggdrop-1.8.4/src/net.c:1247:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
p = (char *) nrealloc(socklist[i].handler.sock.outbuf, socklist[i].handler.sock.outbuflen + len);
data/eggdrop-1.8.4/src/net.c:1248:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p + socklist[i].handler.sock.outbuflen, s, len);
data/eggdrop-1.8.4/src/net.c:1277:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(socklist[i].handler.sock.outbuf, &s[x], len - x);
data/eggdrop-1.8.4/src/net.c:1373:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(socklist[i].handler.sock.outbuf, p + x,
data/eggdrop-1.8.4/src/net.c:1402:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[80];
data/eggdrop-1.8.4/src/net.c:1407:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s, " %d", socklist[i].sock);
data/eggdrop-1.8.4/src/net.c:1409:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, " (binary)");
data/eggdrop-1.8.4/src/net.c:1411:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, " (listen)");
data/eggdrop-1.8.4/src/net.c:1413:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, " (passed on)");
data/eggdrop-1.8.4/src/net.c:1415:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, " (connecting)");
data/eggdrop-1.8.4/src/net.c:1417:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, " (strong)");
data/eggdrop-1.8.4/src/net.c:1419:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, " (file)");
data/eggdrop-1.8.4/src/net.c:1422:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, " (TLS)");
data/eggdrop-1.8.4/src/net.c:1425:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, " (tcl)");
data/eggdrop-1.8.4/src/net.c:1428:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&s[strlen(s)], " (inbuf: %04X)",
data/eggdrop-1.8.4/src/net.c:1431:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(&s[strlen(s)], " (outbuf: %06lX)", socklist[i].handler.sock.outbuflen);
data/eggdrop-1.8.4/src/net.c:1455:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char badaddress[INET6_ADDRSTRLEN];
data/eggdrop-1.8.4/src/net.c:1459:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char badaddress[INET_ADDRSTRLEN];
data/eggdrop-1.8.4/src/net.c:1462:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int prt = atoi(port);
data/eggdrop-1.8.4/src/net.c:1481:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ip, name.addr.s6.sin6_addr.s6_addr + 12, sizeof ip);
data/eggdrop-1.8.4/src/net.c:1498:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char badaddress[INET6_ADDRSTRLEN];
data/eggdrop-1.8.4/src/net.c:1503:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hostn[256];
data/eggdrop-1.8.4/src/tandem.h:28:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bot[HANDLEN + 1];
data/eggdrop-1.8.4/src/tandem.h:38:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nick[HANDLEN + 1];
data/eggdrop-1.8.4/src/tandem.h:39:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bot[HANDLEN + 1];
data/eggdrop-1.8.4/src/tcl.c:80:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char whois_fields[1025] = "";
data/eggdrop-1.8.4/src/tcl.c:146:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *s, s1[41];
data/eggdrop-1.8.4/src/tcl.c:180:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *s, s1[40];
data/eggdrop-1.8.4/src/tcl.c:260:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[127];
data/eggdrop-1.8.4/src/tcl.c:291:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
firewallport = atoi(s);
data/eggdrop-1.8.4/src/tcl.c:600:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *langEnv, pver[1024] = "";
data/eggdrop-1.8.4/src/tcldcc.c:77:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
j = findidx(atoi(argv[1]));
data/eggdrop-1.8.4/src/tcldcc.c:106:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
z = atoi(argv[1]);
data/eggdrop-1.8.4/src/tcldcc.c:120:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tputs(j, argv[3], atoi(argv[2]));
data/eggdrop-1.8.4/src/tcldcc.c:135:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = findidx(atoi(argv[1]));
data/eggdrop-1.8.4/src/tcldcc.c:156:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[401];
data/eggdrop-1.8.4/src/tcldcc.c:170:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[11];
data/eggdrop-1.8.4/src/tcldcc.c:187:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[7];
data/eggdrop-1.8.4/src/tcldcc.c:192:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = findidx(atoi(argv[1]));
data/eggdrop-1.8.4/src/tcldcc.c:215:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = findidx(atoi(argv[1]));
data/eggdrop-1.8.4/src/tcldcc.c:234:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan = atoi(argv[2]);
data/eggdrop-1.8.4/src/tcldcc.c:269:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[401];
data/eggdrop-1.8.4/src/tcldcc.c:273:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan = atoi(argv[1]);
data/eggdrop-1.8.4/src/tcldcc.c:292:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = findidx(atoi(argv[1]));
data/eggdrop-1.8.4/src/tcldcc.c:325:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[2];
data/eggdrop-1.8.4/src/tcldcc.c:369:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = findidx(atoi(argv[1]));
data/eggdrop-1.8.4/src/tcldcc.c:385:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[2];
data/eggdrop-1.8.4/src/tcldcc.c:413:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = findidx(atoi(argv[1]));
data/eggdrop-1.8.4/src/tcldcc.c:419:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(argv[2]))
data/eggdrop-1.8.4/src/tcldcc.c:440:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[20];
data/eggdrop-1.8.4/src/tcldcc.c:445:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = findidx(atoi(argv[1]));
data/eggdrop-1.8.4/src/tcldcc.c:451:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int l = atoi(argv[2]);
data/eggdrop-1.8.4/src/tcldcc.c:481:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = findidx(atoi(argv[1]));
data/eggdrop-1.8.4/src/tcldcc.c:514:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = findidx(atoi(argv[1]));
data/eggdrop-1.8.4/src/tcldcc.c:528:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = findidx(atoi(argv[1]));
data/eggdrop-1.8.4/src/tcldcc.c:558:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[401];
data/eggdrop-1.8.4/src/tcldcc.c:575:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char msg[401];
data/eggdrop-1.8.4/src/tcldcc.c:590:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = findidx(atoi(argv[1]));
data/eggdrop-1.8.4/src/tcldcc.c:627:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *p, sh[2], string[20];
data/eggdrop-1.8.4/src/tcldcc.c:628:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
EGG_CONST char *list[4];
data/eggdrop-1.8.4/src/tcldcc.c:651:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *p, idxstr[10], timestamp[11], other[160];
data/eggdrop-1.8.4/src/tcldcc.c:653:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
EGG_CONST char *list[6];
data/eggdrop-1.8.4/src/tcldcc.c:687:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c[2], idle[32], work[20], *p;
data/eggdrop-1.8.4/src/tcldcc.c:689:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
EGG_CONST char *list[7];
data/eggdrop-1.8.4/src/tcldcc.c:705:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
chan = atoi(argv[1]);
data/eggdrop-1.8.4/src/tcldcc.c:764:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[20];
data/eggdrop-1.8.4/src/tcldcc.c:776:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[21];
data/eggdrop-1.8.4/src/tcldcc.c:780:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = findidx(atoi(argv[1]));
data/eggdrop-1.8.4/src/tcldcc.c:798:17: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = findidx(atol(argv[1]));
data/eggdrop-1.8.4/src/tcldcc.c:816:17: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = findidx(atol(argv[1]));
data/eggdrop-1.8.4/src/tcldcc.c:833:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bot[HANDLEN + 1], bot2[HANDLEN + 1];
data/eggdrop-1.8.4/src/tcldcc.c:857:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char bot[HANDLEN + 1];
data/eggdrop-1.8.4/src/tcldcc.c:881:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[81];
data/eggdrop-1.8.4/src/tcldcc.c:895:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sock = open_telnet(i, argv[1], atoi(argv[2]));
data/eggdrop-1.8.4/src/tcldcc.c:938:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[11], msg[256];
data/eggdrop-1.8.4/src/tcldcc.c:943:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = realport = atoi(argv[1]);
data/eggdrop-1.8.4/src/tcldcc.c:1014:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dcc[idx].nick, "(script)");
data/eggdrop-1.8.4/src/tcldcc.c:1038:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dcc[idx].nick, "(bots)");
data/eggdrop-1.8.4/src/tcldcc.c:1040:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dcc[idx].nick, "(users)");
data/eggdrop-1.8.4/src/tcldcc.c:1042:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dcc[idx].nick, "(telnet)");
data/eggdrop-1.8.4/src/tcldcc.c:1071:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char who[NOTENAMELEN + 1];
data/eggdrop-1.8.4/src/tcldcc.c:1079:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char whonick[HANDLEN + 1];
data/eggdrop-1.8.4/src/tcldcc.c:1140:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1024];
data/eggdrop-1.8.4/src/tcldcc.c:1145:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "irc %lu %lu %lu %lu", itraffic_irc_today, itraffic_irc +
data/eggdrop-1.8.4/src/tcldcc.c:1151:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "botnet %lu %lu %lu %lu", itraffic_bn_today, itraffic_bn +
data/eggdrop-1.8.4/src/tcldcc.c:1157:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "partyline %lu %lu %lu %lu", itraffic_dcc_today, itraffic_dcc +
data/eggdrop-1.8.4/src/tcldcc.c:1163:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "transfer %lu %lu %lu %lu", itraffic_trans_today,
data/eggdrop-1.8.4/src/tcldcc.c:1169:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "misc %lu %lu %lu %lu", itraffic_unknown_today,
data/eggdrop-1.8.4/src/tcldcc.c:1185:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "total %lu %lu %lu %lu", in_total_today, in_total,
data/eggdrop-1.8.4/src/tclhash.c:552:5: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
F(atoi(argv[1]), atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]));
data/eggdrop-1.8.4/src/tclhash.c:552:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
F(atoi(argv[1]), atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]));
data/eggdrop-1.8.4/src/tclhash.c:552:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
F(atoi(argv[1]), atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]));
data/eggdrop-1.8.4/src/tclhash.c:552:50: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
F(atoi(argv[1]), atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]));
data/eggdrop-1.8.4/src/tclhash.c:552:65: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
F(atoi(argv[1]), atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]));
data/eggdrop-1.8.4/src/tclhash.c:563:5: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
F(atoi(argv[1]), atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]));
data/eggdrop-1.8.4/src/tclhash.c:563:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
F(atoi(argv[1]), atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]));
data/eggdrop-1.8.4/src/tclhash.c:563:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
F(atoi(argv[1]), atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]));
data/eggdrop-1.8.4/src/tclhash.c:563:50: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
F(atoi(argv[1]), atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]));
data/eggdrop-1.8.4/src/tclhash.c:563:65: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
F(atoi(argv[1]), atoi(argv[2]), atoi(argv[3]), atoi(argv[4]), atoi(argv[5]));
data/eggdrop-1.8.4/src/tclhash.c:585:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
F(argv[1], argv[2], atoi(argv[3]));
data/eggdrop-1.8.4/src/tclhash.c:596:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
F(argv[1], argv[2], atoi(argv[3]), argv[4][0],
data/eggdrop-1.8.4/src/tclhash.c:597:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
argv[4][0] ? atoi(argv[4] + 1) : 0, argv[5]);
data/eggdrop-1.8.4/src/tclhash.c:610:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = findidx(atoi(argv[1]));
data/eggdrop-1.8.4/src/tclhash.c:615:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
r = (((char *(*)()) F) (idx, argv[2]));
data/eggdrop-1.8.4/src/tclhash.c:630:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = findanyidx(atoi(argv[2]));
data/eggdrop-1.8.4/src/tclhash.c:648:8: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ch = atoi(argv[2]);
data/eggdrop-1.8.4/src/tclhash.c:661:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
idx = findidx(atoi(argv[2]));
data/eggdrop-1.8.4/src/tclhash.c:706:5: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
F(atoi(argv[1]));
data/eggdrop-1.8.4/src/tclhash.c:978:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[11];
data/eggdrop-1.8.4/src/tclhash.c:982:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
Tcl_SetVar(interp, "_dcc1", (char *) dcc[idx].nick, 0);
data/eggdrop-1.8.4/src/tclhash.c:1016:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[11];
data/eggdrop-1.8.4/src/tclhash.c:1032:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[11];
data/eggdrop-1.8.4/src/tclhash.c:1072:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[11];
data/eggdrop-1.8.4/src/tclhash.c:1108:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[11];
data/eggdrop-1.8.4/src/tclhash.c:1122:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[11], t[2], u[11];
data/eggdrop-1.8.4/src/tclhash.c:1161:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char u[11], v[11];
data/eggdrop-1.8.4/src/tclhash.c:1175:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char u[11];
data/eggdrop-1.8.4/src/tclhash.c:1189:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char y[24];
data/eggdrop-1.8.4/src/tclhash.c:1246:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mask[512];
data/eggdrop-1.8.4/src/tclhash.c:1260:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[11];
data/eggdrop-1.8.4/src/tclhash.c:1276:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *name, *proc, *s, flg[100];
data/eggdrop-1.8.4/src/tclhash.c:1347:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[1024], *l;
data/eggdrop-1.8.4/src/tclhash.c:1369:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char p[1024], *l;
data/eggdrop-1.8.4/src/tclhash.h:67:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[5]; /* Name of the bind. */
data/eggdrop-1.8.4/src/tclmisc.c:79:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[151];
data/eggdrop-1.8.4/src/tclmisc.c:155:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logtext[501];
data/eggdrop-1.8.4/src/tclmisc.c:166:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logtext[501];
data/eggdrop-1.8.4/src/tclmisc.c:177:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logtext[501];
data/eggdrop-1.8.4/src/tclmisc.c:189:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logtext[501];
data/eggdrop-1.8.4/src/tclmisc.c:207:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *g, flg[100], hits[11];
data/eggdrop-1.8.4/src/tclmisc.c:208:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
EGG_CONST char *list[5];
data/eggdrop-1.8.4/src/tclmisc.c:255:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[16];
data/eggdrop-1.8.4/src/tclmisc.c:259:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(argv[1]) < 0) {
data/eggdrop-1.8.4/src/tclmisc.c:263:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (argc == 4 && atoi(argv[3]) < 0) {
data/eggdrop-1.8.4/src/tclmisc.c:268:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
x = add_timer(&timer, atoi(argv[1]), (argc == 4 ? atoi(argv[3]) : 1),
data/eggdrop-1.8.4/src/tclmisc.c:268:55: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
x = add_timer(&timer, atoi(argv[1]), (argc == 4 ? atoi(argv[3]) : 1),
data/eggdrop-1.8.4/src/tclmisc.c:279:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[16];
data/eggdrop-1.8.4/src/tclmisc.c:283:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(argv[1]) < 0) {
data/eggdrop-1.8.4/src/tclmisc.c:287:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (argc == 4 && atoi(argv[3]) < 0) {
data/eggdrop-1.8.4/src/tclmisc.c:292:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
x = add_timer(&utimer, atoi(argv[1]), (argc == 4 ? atoi(argv[3]) : 1),
data/eggdrop-1.8.4/src/tclmisc.c:292:56: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
x = add_timer(&utimer, atoi(argv[1]), (argc == 4 ? atoi(argv[3]) : 1),
data/eggdrop-1.8.4/src/tclmisc.c:308:28: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (remove_timer(&timer, atol(&argv[1][5])))
data/eggdrop-1.8.4/src/tclmisc.c:322:29: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (remove_timer(&utimer, atol(&argv[1][5])))
data/eggdrop-1.8.4/src/tclmisc.c:346:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[70];
data/eggdrop-1.8.4/src/tclmisc.c:351:7: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atol(argv[1]) <= 0) {
data/eggdrop-1.8.4/src/tclmisc.c:355:9: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sec = atol(argv[1]);
data/eggdrop-1.8.4/src/tclmisc.c:395:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[11];
data/eggdrop-1.8.4/src/tclmisc.c:408:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[25];
data/eggdrop-1.8.4/src/tclmisc.c:412:17: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
tt = (time_t) atol(argv[1]);
data/eggdrop-1.8.4/src/tclmisc.c:420:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[512];
data/eggdrop-1.8.4/src/tclmisc.c:427:9: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
t = atol(argv[2]);
data/eggdrop-1.8.4/src/tclmisc.c:442:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[INET6_ADDRSTRLEN];
data/eggdrop-1.8.4/src/tclmisc.c:444:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[INET_ADDRSTRLEN];
data/eggdrop-1.8.4/src/tclmisc.c:459:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[11];
data/eggdrop-1.8.4/src/tclmisc.c:463:7: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atol(argv[1]);
data/eggdrop-1.8.4/src/tclmisc.c:484:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[5], from[NOTENAMELEN + 1], to[NOTENAMELEN + 1], msg[451];
data/eggdrop-1.8.4/src/tclmisc.c:498:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nick[NICKLEN];
data/eggdrop-1.8.4/src/tclmisc.c:516:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = atoi(argv[1]);
data/eggdrop-1.8.4/src/tclmisc.c:538:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/tclmisc.c:597:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *p, s[24], s2[24];
data/eggdrop-1.8.4/src/tclmisc.c:598:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
EGG_CONST char *list[100], *list2[2];
data/eggdrop-1.8.4/src/tclmisc.c:623:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
Tcl_Free((char *) list[i]);
data/eggdrop-1.8.4/src/tclmisc.c:716:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char digest_string[33], *string;
data/eggdrop-1.8.4/src/tclmisc.c:717:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[16];
data/eggdrop-1.8.4/src/tclmisc.c:730:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(digest_string + (i * 2), "%.2x", digest[i]);
data/eggdrop-1.8.4/src/tclmisc.c:750:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (cidr_match(argv[1], argv[2], atoi(argv[3])))
data/eggdrop-1.8.4/src/tclmisc.c:775:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[15];
data/eggdrop-1.8.4/src/tcluser.c:81:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *chan, *chg, work[100];
data/eggdrop-1.8.4/src/tcluser.c:164:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *chan, *chg, work[100];
data/eggdrop-1.8.4/src/tcluser.c:284:22: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
for (p = (unsigned char *) argv[1]; *p; p++)
data/eggdrop-1.8.4/src/tcluser.c:302:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *p, *q, addr[75], hand[HANDLEN + 1];
data/eggdrop-1.8.4/src/tcluser.c:420:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bi->telnet_port = atoi(q);
data/eggdrop-1.8.4/src/tcluser.c:431:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bi->relay_port = atoi(p);
data/eggdrop-1.8.4/src/tcluser.c:517:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newhand[HANDLEN + 1];
data/eggdrop-1.8.4/src/tcluser.c:576:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ign[UHOSTLEN], cmt[66], from[HANDLEN + 1];
data/eggdrop-1.8.4/src/tcluser.c:587:22: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (argc == 5 && atol(argv[4]) == 0)
data/eggdrop-1.8.4/src/tcluser.c:590:33: [2] (integer) atol:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
expire_time = now + (60 * atol(argv[4])); /* This is a potential crash. FIXME -poptix */
data/eggdrop-1.8.4/src/tcluser.c:606:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char expire[11], added[11], *p;
data/eggdrop-1.8.4/src/tcluser.c:608:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
EGG_CONST char *list[5];
data/eggdrop-1.8.4/src/tls.c:42:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tls_capath[121] = ""; /* Path to trusted CA certificates */
data/eggdrop-1.8.4/src/tls.c:43:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tls_cafile[121] = ""; /* File containing trusted CA certificates */
data/eggdrop-1.8.4/src/tls.c:44:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tls_certfile[121] = ""; /* Our own digital certificate ;) */
data/eggdrop-1.8.4/src/tls.c:45:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tls_keyfile[121] = ""; /* Private key for use with eggdrop */
data/eggdrop-1.8.4/src/tls.c:46:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tls_ciphers[2049] = ""; /* A list of ciphers for SSL to use */
data/eggdrop-1.8.4/src/tls.c:75:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stackdata[1024];
data/eggdrop-1.8.4/src/tls.c:76:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char rand_file[120];
data/eggdrop-1.8.4/src/tls.c:88:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fh = fopen("/dev/urandom", "r"))) {
data/eggdrop-1.8.4/src/tls.c:246:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fp[64];
data/eggdrop-1.8.4/src/tls.c:247:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char md[EVP_MAX_MD_SIZE];
data/eggdrop-1.8.4/src/tls.c:429:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, data, len); /* don't strlcpy() for it would read data[len] */
data/eggdrop-1.8.4/src/tls.c:462:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, data, len); /* don't strlcpy() for it would read data[len] */
data/eggdrop-1.8.4/src/tls.c:489:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, data, len); /* don't strlcpy() for it would read data[len] */
data/eggdrop-1.8.4/src/tls.c:508:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char md[EVP_MAX_MD_SIZE];
data/eggdrop-1.8.4/src/tls.c:627:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[256];
data/eggdrop-1.8.4/src/tls.c:833:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
j = findidx(atoi(argv[1]));
data/eggdrop-1.8.4/src/tls.c:855:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
j = findidx(atoi(argv[1]));
data/eggdrop-1.8.4/src/tls.c:894:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
i = findanyidx(atoi(argv[1]));
data/eggdrop-1.8.4/src/userent.c:242:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new[32];
data/eggdrop-1.8.4/src/userent.c:309:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
li->laston = atoi(arg);
data/eggdrop-1.8.4/src/userent.c:318:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char work[1024];
data/eggdrop-1.8.4/src/userent.c:377:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char number[20];
data/eggdrop-1.8.4/src/userent.c:394:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(number, "%lu ", tv);
data/eggdrop-1.8.4/src/userent.c:428:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cr->laston = atoi(argv[3]);
data/eggdrop-1.8.4/src/userent.c:442:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
li->laston = atoi(argv[3]);
data/eggdrop-1.8.4/src/userent.c:506:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bi->telnet_port = atoi(q);
data/eggdrop-1.8.4/src/userent.c:512:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bi->relay_port = atoi(q + 1);
data/eggdrop-1.8.4/src/userent.c:515:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bi->relay_port = atoi(q + 1);
data/eggdrop-1.8.4/src/userent.c:534:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char work[1024], *p, *q = work;
data/eggdrop-1.8.4/src/userent.c:698:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bi->telnet_port = atoi(argv[4]);
data/eggdrop-1.8.4/src/userent.c:700:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bi->relay_port = atoi(argv[4]);
data/eggdrop-1.8.4/src/userent.c:711:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bi->relay_port = atoi(argv[5]);
data/eggdrop-1.8.4/src/userent.c:759:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bi->telnet_port = atoi(arg);
data/eggdrop-1.8.4/src/userent.c:760:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
bi->relay_port = atoi(buf);
data/eggdrop-1.8.4/src/userent.c:1147:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[1024];
data/eggdrop-1.8.4/src/userent.c:1151:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, " HOSTS: ");
data/eggdrop-1.8.4/src/userent.c:1162:9: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(s, ", ");
data/eggdrop-1.8.4/src/userrec.c:52:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[1024];
data/eggdrop-1.8.4/src/userrec.c:66:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[1024];
data/eggdrop-1.8.4/src/userrec.c:168:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char uhost[UHOSTLEN];
data/eggdrop-1.8.4/src/userrec.c:310:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char host2[UHOSTLEN];
data/eggdrop-1.8.4/src/userrec.c:352:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *cmp, new[32];
data/eggdrop-1.8.4/src/userrec.c:381:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[181];
data/eggdrop-1.8.4/src/userrec.c:536:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[81];
data/eggdrop-1.8.4/src/userrec.c:547:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(new_userfile, "w");
data/eggdrop-1.8.4/src/userrec.c:581:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[HANDLEN + 1];
data/eggdrop-1.8.4/src/userrec.c:641:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(xk->key, "created");
data/eggdrop-1.8.4/src/userrec.c:645:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(xk->data, "%li", tv);
data/eggdrop-1.8.4/src/userrec.c:673:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char x[100];
data/eggdrop-1.8.4/src/userrec.c:865:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char word[512];
data/eggdrop-1.8.4/src/users.c:49:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char userfile[121] = ""; /* where the user records are stored */
data/eggdrop-1.8.4/src/users.c:68:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[UHOSTLEN];
data/eggdrop-1.8.4/src/users.c:71:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!strchr(ign, '!') && (j = atoi(ign))) {
data/eggdrop-1.8.4/src/users.c:150:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dates[81], s[41];
data/eggdrop-1.8.4/src/users.c:158:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s, "(perm)");
data/eggdrop-1.8.4/src/users.c:160:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s1[29];
data/eggdrop-1.8.4/src/users.c:273:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(expi), flags, atoi(add), atoi(last));
data/eggdrop-1.8.4/src/users.c:273:48: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(expi), flags, atoi(add), atoi(last));
data/eggdrop-1.8.4/src/users.c:273:59: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(expi), flags, atoi(add), atoi(last));
data/eggdrop-1.8.4/src/users.c:284:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(expi), flags, now, 0);
data/eggdrop-1.8.4/src/users.c:327:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
desc, atoi(expi), flags, atoi(add), atoi(last));
data/eggdrop-1.8.4/src/users.c:327:54: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
desc, atoi(expi), flags, atoi(add), atoi(last));
data/eggdrop-1.8.4/src/users.c:327:65: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
desc, atoi(expi), flags, atoi(add), atoi(last));
data/eggdrop-1.8.4/src/users.c:338:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
desc, atoi(expi), flags, now, 0);
data/eggdrop-1.8.4/src/users.c:381:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
desc, atoi(expi), flags, atoi(add),
data/eggdrop-1.8.4/src/users.c:381:54: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
desc, atoi(expi), flags, atoi(add),
data/eggdrop-1.8.4/src/users.c:382:29: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
atoi(last));
data/eggdrop-1.8.4/src/users.c:393:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
desc, atoi(expi), flags, now, 0);
data/eggdrop-1.8.4/src/users.c:437:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p->expire = atoi(expi);
data/eggdrop-1.8.4/src/users.c:438:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
p->added = atoi(added);
data/eggdrop-1.8.4/src/users.c:457:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[81], s1[81], format[81];
data/eggdrop-1.8.4/src/users.c:476:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s1, "never");
data/eggdrop-1.8.4/src/users.c:495:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s1, "never");
data/eggdrop-1.8.4/src/users.c:523:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[81];
data/eggdrop-1.8.4/src/users.c:544:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char format[81];
data/eggdrop-1.8.4/src/users.c:653:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *p, buf[512], lasthand[512], *attr, *pass, *code, s1[512], *s;
data/eggdrop-1.8.4/src/users.c:658:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ignored[LOGLINEMAX]; /* putlog() will truncate anything larger anyway */
data/eggdrop-1.8.4/src/users.c:673:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(file, "r");
data/eggdrop-1.8.4/src/users.c:760:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cr->laston = atoi(st);
data/eggdrop-1.8.4/src/users.h:148:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char channel[CHANNELLEN + 1];
data/eggdrop-1.8.4/src/users.h:159:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char handle[HANDLEN + 1];
data/eggdrop-1.8.4/src/bg.c:158:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (read(bg.comm_recv, &message, sizeof(message)) > 0) {
data/eggdrop-1.8.4/src/bg.c:172:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (read(bg.comm_recv, pid_file, message.comm_data.transferpf.len) <= 0)
data/eggdrop-1.8.4/src/bg.c:194:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
message.comm_data.transferpf.len = strlen(pid_file);
data/eggdrop-1.8.4/src/botcmd.c:326:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(c->dname);
data/eggdrop-1.8.4/src/botcmd.c:335:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, ",");
data/eggdrop-1.8.4/src/botcmd.c:343:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(s, c->dname, ssize);
data/eggdrop-1.8.4/src/botcmd.c:501:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s2, "s");
data/eggdrop-1.8.4/src/botcmd.c:508:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s2[strlen(s2)], "%02d:%02d", (int) hr, (int) min);
data/eggdrop-1.8.4/src/botcmd.c:513:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(s) + strlen(chan->dname) + strlen(network)
data/eggdrop-1.8.4/src/botcmd.c:513:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(s) + strlen(chan->dname) + strlen(network)
data/eggdrop-1.8.4/src/botcmd.c:513:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(s) + strlen(chan->dname) + strlen(network)
data/eggdrop-1.8.4/src/botcmd.c:514:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(botnetnick) + strlen(ver) + 1) >= 200) {
data/eggdrop-1.8.4/src/botcmd.c:514:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(botnetnick) + strlen(ver) + 1) >= 200) {
data/eggdrop-1.8.4/src/botcmd.c:523:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 2] = 0;
data/eggdrop-1.8.4/src/botcmd.c:1051:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[strlen(s) - 1] == '\n')
data/eggdrop-1.8.4/src/botcmd.c:1052:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/botcmd.c:1054:11: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(s, " ");
data/eggdrop-1.8.4/src/botmsg.c:768:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(msg) > 450)
data/eggdrop-1.8.4/src/botmsg.c:787:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(from) > FROMLEN)
data/eggdrop-1.8.4/src/botnet.c:59:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(party[i].away) + 1;
data/eggdrop-1.8.4/src/botnet.c:61:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(party[i].from) + 1;
data/eggdrop-1.8.4/src/botnet.c:96:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(ptr2->bot, who, HANDLEN);
data/eggdrop-1.8.4/src/botnet.c:164:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
party[i].from = nmalloc(strlen(from) + 1);
data/eggdrop-1.8.4/src/botnet.c:176:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(party[parties].nick, nick, HANDLEN);
data/eggdrop-1.8.4/src/botnet.c:178:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(party[parties].bot, bot, HANDLEN);
data/eggdrop-1.8.4/src/botnet.c:189:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
party[parties].from = nmalloc(strlen(from) + 1);
data/eggdrop-1.8.4/src/botnet.c:268:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(party[i].nick, nick, HANDLEN);
data/eggdrop-1.8.4/src/botnet.c:288:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
party[i].away = nmalloc(strlen(msg) + 1);
data/eggdrop-1.8.4/src/botnet.c:305:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(whoin);
data/eggdrop-1.8.4/src/botnet.c:458:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = strlen(dcc[i].nick);
data/eggdrop-1.8.4/src/botnet.c:461:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = strlen(botnetnick);
data/eggdrop-1.8.4/src/botnet.c:468:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = strlen(party[i].nick);
data/eggdrop-1.8.4/src/botnet.c:471:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = strlen(party[i].bot);
data/eggdrop-1.8.4/src/botnet.c:562:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(botnetnick);
data/eggdrop-1.8.4/src/botnet.c:575:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i += strlen(bot->bot);
data/eggdrop-1.8.4/src/botnet.c:606:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i += strlen(bot->bot);
data/eggdrop-1.8.4/src/botnet.c:1014:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!bi || !strlen(bi->address) || !bi->telnet_port ||
data/eggdrop-1.8.4/src/botnet.c:1051:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcc[i].u.dns->cptr = get_data_ptr(strlen(linker) + 1);
data/eggdrop-1.8.4/src/botnet.c:1053:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcc[i].u.dns->host = get_data_ptr(strlen(dcc[i].host) + 1);
data/eggdrop-1.8.4/src/botnet.c:1172:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!bi || !strlen(bi->address) || !bi->relay_port || (bi->relay_port <= 0)) {
data/eggdrop-1.8.4/src/botnet.c:1216:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcc[i].u.dns->host = get_data_ptr(strlen(bi->address) + 1);
data/eggdrop-1.8.4/src/botnet.c:1618:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tputs(dcc[idx].sock, buf, strlen(buf));
data/eggdrop-1.8.4/src/chanprog.c:79:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (q = s + strlen(s) - 1; q >= s && egg_isspace(*q); q--);
data/eggdrop-1.8.4/src/chanprog.c:225:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += sizeof(tcl_timer_t) + strlen(t->cmd) + 1;
data/eggdrop-1.8.4/src/chanprog.c:227:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += sizeof(tcl_timer_t) + strlen(t->cmd) + 1;
data/eggdrop-1.8.4/src/chanprog.c:263:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "s");
data/eggdrop-1.8.4/src/chanprog.c:270:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], "%02d:%02d", (int) hr, (int) min);
data/eggdrop-1.8.4/src/chanprog.c:318:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "s");
data/eggdrop-1.8.4/src/chanprog.c:325:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], "%02d:%02d", (int) hr, (int) min);
data/eggdrop-1.8.4/src/chanprog.c:515:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (helpdir[strlen(helpdir) - 1] != '/')
data/eggdrop-1.8.4/src/chanprog.c:516:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(helpdir, "/");
data/eggdrop-1.8.4/src/chanprog.c:569:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(*stack)->cmd = nmalloc(strlen(cmd) + 1);
data/eggdrop-1.8.4/src/chanprog.c:706:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(owner) + sizeof EGG_BG_HANDLE < sizeof owner)
data/eggdrop-1.8.4/src/cmds.c:117:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(dcc[i].nick) > nicklen)
data/eggdrop-1.8.4/src/cmds.c:118:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nicklen = strlen(dcc[i].nick);
data/eggdrop-1.8.4/src/cmds.c:140:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], " (con:%s)",
data/eggdrop-1.8.4/src/cmds.c:150:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], " (idle %lud%luh)", days, hrs);
data/eggdrop-1.8.4/src/cmds.c:152:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], " (idle %luh%lum)", hrs, mins);
data/eggdrop-1.8.4/src/cmds.c:154:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], " (idle %lum)", mins);
data/eggdrop-1.8.4/src/cmds.c:203:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], "(%5d) ", dcc[i].u.chat->channel);
data/eggdrop-1.8.4/src/cmds.c:208:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], " (con:%s)",
data/eggdrop-1.8.4/src/cmds.c:214:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], " (idle %dm)", k);
data/eggdrop-1.8.4/src/cmds.c:216:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], " (idle %dh%dm)", k / 60, k % 60);
data/eggdrop-1.8.4/src/cmds.c:260:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s2, "s");
data/eggdrop-1.8.4/src/cmds.c:267:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s2[strlen(s2)], "%02d:%02d", (int) hr, (int) min);
data/eggdrop-1.8.4/src/cmds.c:275:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(s) + strlen(chan->dname) + strlen(network)
data/eggdrop-1.8.4/src/cmds.c:275:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(s) + strlen(chan->dname) + strlen(network)
data/eggdrop-1.8.4/src/cmds.c:275:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(s) + strlen(chan->dname) + strlen(network)
data/eggdrop-1.8.4/src/cmds.c:276:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(botnetnick) + strlen(ver) + 1) >= 490) {
data/eggdrop-1.8.4/src/cmds.c:276:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(botnetnick) + strlen(ver) + 1) >= 490) {
data/eggdrop-1.8.4/src/cmds.c:286:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 2] = 0;
data/eggdrop-1.8.4/src/cmds.c:387:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(par) > 60)
data/eggdrop-1.8.4/src/cmds.c:406:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(new) > 16)
data/eggdrop-1.8.4/src/cmds.c:408:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(new) < 6) {
data/eggdrop-1.8.4/src/cmds.c:811:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(handle) > HANDLEN)
data/eggdrop-1.8.4/src/cmds.c:876:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(addr) > 60)
data/eggdrop-1.8.4/src/cmds.c:881:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
addr[strlen(addr)-1] = 0;
data/eggdrop-1.8.4/src/cmds.c:882:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(addr, addr + 1, strlen(addr));
data/eggdrop-1.8.4/src/cmds.c:890:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bi->address = user_malloc(strlen(addr) + 1);
data/eggdrop-1.8.4/src/cmds.c:960:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(newhand); i++)
data/eggdrop-1.8.4/src/cmds.c:1006:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(newhandle); i++)
data/eggdrop-1.8.4/src/cmds.c:1057:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(new = newsplit(&par));
data/eggdrop-1.8.4/src/cmds.c:1216:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(addr) > UHOSTMAX)
data/eggdrop-1.8.4/src/cmds.c:1239:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
addr[strlen(addr)-1] = 0;
data/eggdrop-1.8.4/src/cmds.c:1240:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(addr, addr + 1, strlen(addr));
data/eggdrop-1.8.4/src/cmds.c:1243:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bi->address = user_malloc(strlen(addr) + 1);
data/eggdrop-1.8.4/src/cmds.c:1398:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcc[i].type->activity(i, par, strlen(par));
data/eggdrop-1.8.4/src/cmds.c:1684:11: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dcc[i].u.chat->con_chan, "*");
data/eggdrop-1.8.4/src/cmds.c:1759:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmpchg = nmalloc(strlen(chg) + 2);
data/eggdrop-1.8.4/src/cmds.c:1760:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(tmpchg, "|");
data/eggdrop-1.8.4/src/cmds.c:1948:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmpchg = nmalloc(strlen(chg) + 2);
data/eggdrop-1.8.4/src/cmds.c:1949:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(tmpchg, "|");
data/eggdrop-1.8.4/src/cmds.c:2386:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcc[idx].u.chat->away = get_data_ptr(strlen(dcc[idx].nick) + 1);
data/eggdrop-1.8.4/src/cmds.c:2388:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcc[idx].u.chat->su_nick = get_data_ptr(strlen(dcc[idx].nick) + 1);
data/eggdrop-1.8.4/src/cmds.c:2405:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcc[idx].u.chat->su_nick = get_data_ptr(strlen(dcc[idx].nick) + 1);
data/eggdrop-1.8.4/src/cmds.c:2642:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(par) > 65)
data/eggdrop-1.8.4/src/cmds.c:2644:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(who) > UHOSTMAX - 4)
data/eggdrop-1.8.4/src/cmds.c:2699:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(handle) > HANDLEN)
data/eggdrop-1.8.4/src/compat/gnu_strftime.c:396:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define aw_len strlen (a_wkday)
data/eggdrop-1.8.4/src/compat/gnu_strftime.c:397:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define am_len strlen (a_month)
data/eggdrop-1.8.4/src/compat/gnu_strftime.c:398:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define ap_len strlen (ampm)
data/eggdrop-1.8.4/src/compat/gnu_strftime.c:516:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen (f + len);
data/eggdrop-1.8.4/src/compat/gnu_strftime.c:641:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cpy (strlen (f_wkday), f_wkday);
data/eggdrop-1.8.4/src/compat/gnu_strftime.c:667:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cpy (strlen (f_month), f_month);
data/eggdrop-1.8.4/src/compat/gnu_strftime.c:734:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen (era->name_fmt);
data/eggdrop-1.8.4/src/compat/gnu_strftime.c:803:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t digitlen = strlen (cp);
data/eggdrop-1.8.4/src/compat/gnu_strftime.c:1124:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cpy (strlen (zone), zone);
data/eggdrop-1.8.4/src/compat/inet_ntop.c:50:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define SPRINTF(x) strlen(sprintf/**/x)
data/eggdrop-1.8.4/src/compat/inet_ntop.c:200:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tp += strlen(tp);
data/eggdrop-1.8.4/src/compat/snprintf.c:711:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (strlen(str));
data/eggdrop-1.8.4/src/compat/snprintf.c:738:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (strlen(str));
data/eggdrop-1.8.4/src/dcc.c:364:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MD5_Update(&md5context, (unsigned char *) challenge, strlen(challenge));
data/eggdrop-1.8.4/src/dcc.c:365:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MD5_Update(&md5context, (unsigned char *) password, strlen(password));
data/eggdrop-1.8.4/src/dcc.c:482:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(buf);
data/eggdrop-1.8.4/src/dcc.c:643:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(digest_string));
data/eggdrop-1.8.4/src/dcc.c:644:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MD5_Update(&md5context, (unsigned char *) botnetnick, strlen(botnetnick));
data/eggdrop-1.8.4/src/dcc.c:646:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
MD5_Update(&md5context, (unsigned char *) password, strlen(password));
data/eggdrop-1.8.4/src/dcc.c:829:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(p->away) + 1;
data/eggdrop-1.8.4/src/dcc.c:841:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(p->su_nick) + 1;
data/eggdrop-1.8.4/src/dcc.c:951:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l = strlen(line);
data/eggdrop-1.8.4/src/dcc.c:1002:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tputs(dcc[idx].sock, y, strlen(y));
data/eggdrop-1.8.4/src/dcc.c:1332:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dcc[i].nick, "*");
data/eggdrop-1.8.4/src/dcc.c:1371:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
userhost = s + strlen("-telnet!");
data/eggdrop-1.8.4/src/dcc.c:1399:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dcc[i].nick, "*");
data/eggdrop-1.8.4/src/dcc.c:1446:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dcc[j].nick, "*");
data/eggdrop-1.8.4/src/dcc.c:1855:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tputs(dcc[idx].sock, buf, strlen(buf));
data/eggdrop-1.8.4/src/dcc.c:1906:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (x = 0; x < strlen(buf); x++)
data/eggdrop-1.8.4/src/dcc.c:1973:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buf) < 4) {
data/eggdrop-1.8.4/src/dcc.c:1978:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (x = 0; x < strlen(buf); x++)
data/eggdrop-1.8.4/src/dcc.c:2201:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tputs(dcc[idx].sock, buf, strlen(buf));
data/eggdrop-1.8.4/src/dcc.c:2418:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dcc[i].nick, "*");
data/eggdrop-1.8.4/src/dccutil.c:173:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/eggdrop-1.8.4/src/dccutil.c:207:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, "\n");
data/eggdrop-1.8.4/src/dccutil.c:213:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tputs(dcc[idx].sock, p, strlen(p));
data/eggdrop-1.8.4/src/dccutil.c:232:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/eggdrop-1.8.4/src/dccutil.c:259:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(s);
data/eggdrop-1.8.4/src/dccutil.c:289:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dcc[idx].u.chat->con_chan, "*");
data/eggdrop-1.8.4/src/dccutil.c:405:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(dcc[i].nick) > nicklen)
data/eggdrop-1.8.4/src/dccutil.c:406:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nicklen = strlen(dcc[i].nick);
data/eggdrop-1.8.4/src/dccutil.c:476:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcc[idx].u.chat->away = nmalloc(strlen(s) + 1);
data/eggdrop-1.8.4/src/dns.c:76:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(p->host) + 1;
data/eggdrop-1.8.4/src/dns.c:78:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(p->cbuf) + 1;
data/eggdrop-1.8.4/src/dns.c:133:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcc[idx].u.dns->host = get_data_ptr(strlen(hostn) + 1);
data/eggdrop-1.8.4/src/dns.c:206:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
de->res_data.hostname = nmalloc(strlen(hostn) + 1);
data/eggdrop-1.8.4/src/dns.c:291:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l += strlen(tclinfo->proc) + 1;
data/eggdrop-1.8.4/src/dns.c:293:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l += strlen(tclinfo->paras) + 1;
data/eggdrop-1.8.4/src/dns.c:324:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
de->res_data.hostname = nmalloc(strlen(hostn) + 1);
data/eggdrop-1.8.4/src/dns.c:329:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tclinfo->proc = nmalloc(strlen(proc) + 1);
data/eggdrop-1.8.4/src/dns.c:332:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tclinfo->paras = nmalloc(strlen(paras) + 1);
data/eggdrop-1.8.4/src/dns.c:360:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tclinfo->proc = nmalloc(strlen(proc) + 1);
data/eggdrop-1.8.4/src/dns.c:365:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tclinfo->paras = nmalloc(strlen(paras) + 1);
data/eggdrop-1.8.4/src/dns.c:388:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(de->res_data.hostname) + 1;
data/eggdrop-1.8.4/src/flags.c:36:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(s); i++)
data/eggdrop-1.8.4/src/language.c:127:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lp->lang = nmalloc(strlen(lang) + 1);
data/eggdrop-1.8.4/src/language.c:170:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l->text = nmalloc(strlen(ltext) + 1);
data/eggdrop-1.8.4/src/language.c:184:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l->text = nmalloc(strlen(ltext) + 1);
data/eggdrop-1.8.4/src/language.c:231:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ltext = nrealloc(ltext, strlen(ltext) + sizeof lbuf), lskip = 0) {
data/eggdrop-1.8.4/src/language.c:320:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ls->section = nmalloc(strlen(section) + 1);
data/eggdrop-1.8.4/src/language.c:378:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
langfile = nmalloc(strlen(ldir) + strlen(sec->section) + strlen(language) +
data/eggdrop-1.8.4/src/language.c:378:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
langfile = nmalloc(strlen(ldir) + strlen(sec->section) + strlen(language) +
data/eggdrop-1.8.4/src/language.c:378:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
langfile = nmalloc(strlen(ldir) + strlen(sec->section) + strlen(language) +
data/eggdrop-1.8.4/src/language.c:384:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sec->lang = nrealloc(sec->lang, strlen(language) + 1);
data/eggdrop-1.8.4/src/language.c:455:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = nmalloc(strlen(par) + 1);
data/eggdrop-1.8.4/src/language.c:534:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(par) > 2 && par[0] == '0' && par[1] == 'x')
data/eggdrop-1.8.4/src/language.c:573:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += (strlen(l->text) + 1);
data/eggdrop-1.8.4/src/language.c:578:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(ls->section) + 1;
data/eggdrop-1.8.4/src/language.c:580:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(ls->lang) + 1;
data/eggdrop-1.8.4/src/language.c:585:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(lp->lang) + 1;
data/eggdrop-1.8.4/src/language.c:648:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = nmalloc(strlen(argv[1]) + 1);
data/eggdrop-1.8.4/src/main.c:865:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
itraffic_bn_today += strlen(buf) + 1;
data/eggdrop-1.8.4/src/main.c:867:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
itraffic_irc_today += strlen(buf) + 1;
data/eggdrop-1.8.4/src/main.c:869:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
itraffic_dcc_today += strlen(buf) + 1;
data/eggdrop-1.8.4/src/main.c:871:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
itraffic_dcc_today += strlen(buf) + 1;
data/eggdrop-1.8.4/src/main.c:873:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
itraffic_trans_today += strlen(buf) + 1;
data/eggdrop-1.8.4/src/main.c:875:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
itraffic_trans_today += strlen(buf) + 1;
data/eggdrop-1.8.4/src/main.c:877:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
itraffic_trans_today += strlen(buf) + 1;
data/eggdrop-1.8.4/src/main.c:879:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
itraffic_unknown_today += strlen(buf) + 1;
data/eggdrop-1.8.4/src/main.c:1080:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
egg_snprintf(&egg_version[strlen(egg_version)], sizeof egg_version,
data/eggdrop-1.8.4/src/main.c:1088:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&egg_version[strlen(egg_version)], " %u", egg_numver);
data/eggdrop-1.8.4/src/main.c:1163:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(&s[11], &s[20], strlen(&s[20])+1);
data/eggdrop-1.8.4/src/match.c:443:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = nmalloc(strlen(mask) + 1);
data/eggdrop-1.8.4/src/mem.c:258:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&sofar[strlen(sofar)], "%-10s/%-4d:(%04d) ",
data/eggdrop-1.8.4/src/mem.c:261:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&sofar[strlen(sofar)], "%-4d:(%04d) ",
data/eggdrop-1.8.4/src/mem.c:264:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sofar) > 60) {
data/eggdrop-1.8.4/src/mem.c:265:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sofar[strlen(sofar) - 1] = 0;
data/eggdrop-1.8.4/src/mem.c:274:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sofar[strlen(sofar) - 1] = 0;
data/eggdrop-1.8.4/src/mem.c:298:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&sofar[strlen(sofar)], "%-10s/%-4d:(%04X) ", p + 1,
data/eggdrop-1.8.4/src/mem.c:300:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(sofar) > 60) {
data/eggdrop-1.8.4/src/mem.c:301:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sofar[strlen(sofar) - 1] = 0;
data/eggdrop-1.8.4/src/mem.c:310:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sofar[strlen(sofar) - 1] = 0;
data/eggdrop-1.8.4/src/mem.c:348:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(memtbl[i].file, p ? p + 1 : file, 19);
data/eggdrop-1.8.4/src/mem.c:385:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(memtbl[i].file, p ? p + 1 : file, 19);
data/eggdrop-1.8.4/src/misc.c:88:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += sizeof(struct help_ref) + strlen(current->name) + 1;
data/eggdrop-1.8.4/src/misc.c:91:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += sizeof(struct help_list_t) + strlen(item->name) + 1;
data/eggdrop-1.8.4/src/misc.c:211:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(rest, p + 1, strlen(p + 1) + 1);
data/eggdrop-1.8.4/src/misc.c:337:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(nw, s, u - s);
data/eggdrop-1.8.4/src/misc.c:352:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(nw, u, h - u);
data/eggdrop-1.8.4/src/misc.c:358:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(nw, "*");
data/eggdrop-1.8.4/src/misc.c:374:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(nw, h, ++p - h);
data/eggdrop-1.8.4/src/misc.c:376:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(nw, "*");
data/eggdrop-1.8.4/src/misc.c:398:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(nw, h, p - h);
data/eggdrop-1.8.4/src/misc.c:409:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (d > 3 || (d == 3 && strlen(p) > 3))
data/eggdrop-1.8.4/src/misc.c:414:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(nw, "*");
data/eggdrop-1.8.4/src/misc.c:424:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int max_data_len = 500 - strlen(prefix);
data/eggdrop-1.8.4/src/misc.c:430:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(p) > max_data_len) {
data/eggdrop-1.8.4/src/misc.c:535:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(stamp, " ");
data/eggdrop-1.8.4/src/misc.c:536:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tsl = strlen(stamp);
data/eggdrop-1.8.4/src/misc.c:574:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(out, "\n");
data/eggdrop-1.8.4/src/misc.c:750:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
colstr = nrealloc(colstr, strlen(colstr) + strlen(newcol) +
data/eggdrop-1.8.4/src/misc.c:750:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
colstr = nrealloc(colstr, strlen(colstr) + strlen(newcol) +
data/eggdrop-1.8.4/src/misc.c:766:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(q); i < colwidth; i++)
data/eggdrop-1.8.4/src/misc.c:767:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, " ");
data/eggdrop-1.8.4/src/misc.c:836:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(writeidx, readidx, (s + HELP_BUF_LEN) - writeidx);
data/eggdrop-1.8.4/src/misc.c:941:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(chan->dname) + writeidx + 2) >= (s + HELP_BUF_LEN)) {
data/eggdrop-1.8.4/src/misc.c:942:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(writeidx, chan->dname, (s + HELP_BUF_LEN) - writeidx);
data/eggdrop-1.8.4/src/misc.c:1021:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((writeidx + strlen(towrite)) >= (s + HELP_BUF_LEN)) {
data/eggdrop-1.8.4/src/misc.c:1022:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(writeidx, towrite, (s + HELP_BUF_LEN) - writeidx);
data/eggdrop-1.8.4/src/misc.c:1037:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(readidx);
data/eggdrop-1.8.4/src/misc.c:1039:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(writeidx, readidx, (s + HELP_BUF_LEN) - writeidx);
data/eggdrop-1.8.4/src/misc.c:1048:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = 35 - (strlen(xx) / 2);
data/eggdrop-1.8.4/src/misc.c:1107:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
current->name = nmalloc(strlen(file) + 1);
data/eggdrop-1.8.4/src/misc.c:1223:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[strlen(s) - 1] == '\n')
data/eggdrop-1.8.4/src/misc.c:1224:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/misc.c:1226:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(s, " ");
data/eggdrop-1.8.4/src/misc.c:1228:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((s[0]) && (strlen(s) > 1)) {
data/eggdrop-1.8.4/src/misc.c:1254:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[strlen(s) - 1] == '\n')
data/eggdrop-1.8.4/src/misc.c:1255:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/misc.c:1257:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(s, " ");
data/eggdrop-1.8.4/src/misc.c:1344:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[strlen(s) - 1] == '\n')
data/eggdrop-1.8.4/src/misc.c:1345:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/misc.c:1347:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(s, " ");
data/eggdrop-1.8.4/src/misc.c:1386:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[strlen(s) - 1] == '\n')
data/eggdrop-1.8.4/src/misc.c:1387:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/misc.c:1389:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(s, " ");
data/eggdrop-1.8.4/src/misc.c:1422:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[strlen(s) - 1] == '\n')
data/eggdrop-1.8.4/src/misc.c:1423:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/misc.c:1425:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(s, " ");
data/eggdrop-1.8.4/src/misc.c:1476:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int len = strlen(str);
data/eggdrop-1.8.4/src/misc_file.c:63:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = read(fi, buf, 512);
data/eggdrop-1.8.4/src/misc_file.c:114:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = read(fi, buf, sizeof buf);
data/eggdrop-1.8.4/src/mod/assoc.mod/assoc.c:235:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(par) > 20) {
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:223:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(box[bx].key, (char *) key, keybytes);
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:299:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blowfish_init((unsigned char *) text, strlen(text));
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:330:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(str) + 9);
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:335:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dest = nmalloc((strlen(str) + 9) * 2);
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:340:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blowfish_init((unsigned char *) key, strlen(key));
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:378:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(str) + 8;
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:393:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blowfish_init((unsigned char *) key, strlen(key));
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:490:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(str) + 12);
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:495:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dest = nmalloc(strlen(str) + 12);
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:500:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blowfish_init((unsigned char *) key, strlen(key));
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:530:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
slen = strlen(str);
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:537:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
blowfish_init((unsigned char *) key, strlen(key));
data/eggdrop-1.8.4/src/mod/blowfish.mod/blowfish.c:664:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(argv[1]) > 0) {
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:186:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s1[strlen(s1)], "%d ", chan->limit_prot);
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:190:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s1[strlen(s1)], "%s ", chan->key_prot);
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:238:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s1[strlen(s1) - 1] = 0;
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:239:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, " ");
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:358:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dcc[idx].u.chat->con_chan, "*");
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:594:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(s);
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:608:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(s);
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:609:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s2[strlen(s2) - 2] = 0;
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:615:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(s);
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:726:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result += strlen(m->mask) + 1;
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:728:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result += strlen(m->who) + 1;
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:741:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(chan->channel.key) + 1;
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:743:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(chan->channel.topic) + 1;
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:751:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(chan->cmode[i].op) + 1;
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:753:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(chan->key) + 1;
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:755:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(chan->rmkey) + 1;
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:759:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(lastdeletedmask) + 1;
data/eggdrop-1.8.4/src/mod/channels.mod/channels.c:785:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!(item[i]) || (strlen(item[i]) < 2))
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:109:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(par) > MASKREASON_MAX)
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:111:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(who) > UHOSTMAX - 4)
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:133:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > 70) {
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:251:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(par) > MASKREASON_MAX)
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:253:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(who) > UHOSTMAX - 4)
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:267:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > 70) {
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:379:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(par) > MASKREASON_MAX)
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:381:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(who) > UHOSTMAX - 4)
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:395:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > 70) {
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:1273:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dcc[i].u.chat->con_chan, "*");
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:1404:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
work_len = strlen(work);
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:1421:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int work_len = strlen(work);
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:1482:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(par) > 2 && par[0] == '*' && par[1] == ' ') {
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:1520:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = nmalloc(strlen(par) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:1538:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(answers, " ");
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:1561:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
parcpy = nmalloc(strlen(par) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/cmdschan.c:1565:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(answers);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:925:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = nmalloc(strlen(ul->name) + strlen(p) + 2);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:925:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = nmalloc(strlen(ul->name) + strlen(p) + 2);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1594:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
val = nmalloc(3 * strlen(item[i]) + 10);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:1596:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
val = nrealloc(val, strlen(val) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:2049:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buf, glob_chanset, 2047 - strlen(buf));
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:2049:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, glob_chanset, 2047 - strlen(buf));
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:2050:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(buf, options, 2047 - strlen(buf));
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:2050:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(buf, options, 2047 - strlen(buf));
data/eggdrop-1.8.4/src/mod/channels.mod/tclchan.c:2164:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ul->name = nmalloc(strlen(argv[3]) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/udefchan.c:29:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i += strlen(ul->name) + 1;
data/eggdrop-1.8.4/src/mod/channels.mod/udefchan.c:41:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i += strlen(ul->chan) + 1;
data/eggdrop-1.8.4/src/mod/channels.mod/udefchan.c:43:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i += strlen((char *) ul->value) + 1;
data/eggdrop-1.8.4/src/mod/channels.mod/udefchan.c:86:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ul->chan = nmalloc(strlen(name) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/udefchan.c:100:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) < 1)
data/eggdrop-1.8.4/src/mod/channels.mod/udefchan.c:114:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ul->name = nmalloc(strlen(name) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:105:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ch->info = (char *) user_malloc(strlen(info) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:271:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lastdeletedmask = nmalloc(strlen((*u)->mask) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:326:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lastdeletedmask = nmalloc(strlen((*u)->mask) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:382:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lastdeletedmask = nmalloc(strlen((*u)->mask) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:468:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->mask = user_malloc(strlen(host) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:470:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->user = user_malloc(strlen(from) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:472:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->desc = user_malloc(strlen(note) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:532:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->mask = user_malloc(strlen(host) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:534:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->user = user_malloc(strlen(from) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:536:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->desc = user_malloc(strlen(note) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:596:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->mask = user_malloc(strlen(host) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:598:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->user = user_malloc(strlen(from) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:600:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->desc = user_malloc(strlen(note) + 1);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:631:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(dates);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:675:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(dates);
data/eggdrop-1.8.4/src/mod/channels.mod/userchan.c:719:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(dates);
data/eggdrop-1.8.4/src/mod/compress.mod/compress.c:303:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp_fn = nmalloc(strlen(filename) + sizeof rands);
data/eggdrop-1.8.4/src/mod/compress.mod/compress.c:329:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
temp_fn = nmalloc(strlen(filename) + sizeof rands);
data/eggdrop-1.8.4/src/mod/console.mod/console.c:55:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ci->channel = user_malloc(strlen(arg) + 1);
data/eggdrop-1.8.4/src/mod/console.mod/console.c:179:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(argv[3]);
data/eggdrop-1.8.4/src/mod/console.mod/console.c:183:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(i->channel, argv[3], l);
data/eggdrop-1.8.4/src/mod/console.mod/console.c:207:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return sizeof(struct console_info) + strlen(i->channel) + 1;
data/eggdrop-1.8.4/src/mod/console.mod/console.c:235:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
j->channel = user_malloc(strlen(i->channel) + 1);
data/eggdrop-1.8.4/src/mod/console.mod/console.c:317:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i->channel = user_malloc(strlen(dcc[idx].u.chat->con_chan) + 1);
data/eggdrop-1.8.4/src/mod/ctcp.mod/ctcp.c:52:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ctcp_mode != 1 && strlen(text) <= 80)
data/eggdrop-1.8.4/src/mod/ctcp.mod/ctcp.c:63:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((ctcp_mode != 1 || (atr & USER_OP)) && strlen(text) <= 80)
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:233:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(d + strlen(d), "%uh", hours);
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:235:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(d + strlen(d), "%um", minutes);
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:237:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(d + strlen(d), "%us", seconds);
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:885:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(stackstring, rp->hostn, 1024);
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:1041:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rp->hostn = nmalloc(strlen(namestring) + 1);
data/eggdrop-1.8.4/src/mod/dns.mod/coredns.c:1227:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
rp->hostn = nmalloc(strlen(hostn) + 1);
data/eggdrop-1.8.4/src/mod/dns.mod/dns.c:211:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(rp->hostn) + 1;
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:44:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s1 = nmalloc(strlen(path) + 8);
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:65:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[strlen(s) - 1] == '\n')
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:66:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:77:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(fdbe->desc) + strlen(s) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:77:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(fdbe->desc) + strlen(s) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:78:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(fdbe->desc, "\n");
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:80:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fdbe->desc = nmalloc(strlen(s) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:96:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(fn) - 1;
data/eggdrop-1.8.4/src/mod/filesys.mod/dbcompat.c:231:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tempdb = nmalloc(strlen(filedb) + 5);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:289:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fdh.filename_len = strlen(fdbe->filename) + 1;
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:291:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fdh.desc_len = strlen(fdbe->desc) + 1;
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:293:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fdh.chan_len = strlen(fdbe->chan) + 1;
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:295:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fdh.uploader_len = strlen(fdbe->uploader) + 1;
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:297:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fdh.flags_req_len = strlen(fdbe->flags_req) + 1;
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:299:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fdh.sharelink_len = strlen(fdbe->sharelink) + 1;
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:662:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(path) + strlen(name) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:662:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(path) + strlen(name) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:700:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(path) + 1 + strlen(fdbe->filename) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:700:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(path) + 1 + strlen(fdbe->filename) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:730:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s2[strlen(s2) - 1] == '/')
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:731:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s2[strlen(s2) - 1] = 0; /* remove trailing '/' */
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:750:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
npath = nmalloc(strlen(dccdir) + strlen(path) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:750:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
npath = nmalloc(strlen(dccdir) + strlen(path) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:757:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(filedb_path) + strlen(s2) + 8);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:757:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(filedb_path) + strlen(s2) + 8);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:761:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(npath) + 10);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:914:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fdbe->filename) > 45) {
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:916:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s2 = nmalloc(strlen(fdbe->filename) + 3);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:921:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s2 = nmalloc(strlen(fdbe->filename) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:929:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s3 = nmalloc(42 + strlen(s2 ? s2 : "") + 6 +
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:930:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(FILES_REQUIRES) + strlen(fdbe->flags_req) + 1 +
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:930:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(FILES_REQUIRES) + strlen(fdbe->flags_req) + 1 +
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:931:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(fdbe->chan ? fdbe->chan : "") + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:937:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s3 = nmalloc(38 + strlen(s2 ? s2 : ""));
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:962:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(fdbe->filename) > 30) {
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:963:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s3 = nmalloc(strlen(fdbe->filename) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:970:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s4 = nmalloc(69 + strlen(s3 ? s3 : "") + strlen(s1) +
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:970:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s4 = nmalloc(69 + strlen(s3 ? s3 : "") + strlen(s1) +
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:971:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(fdbe->uploader) + strlen(t) + strlen(s2));
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:971:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(fdbe->uploader) + strlen(t) + strlen(s2));
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:971:59: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(fdbe->uploader) + strlen(t) + strlen(s2));
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:979:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s4 = nmalloc(9 + strlen(fdbe->sharelink));
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:992:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sd = nmalloc(strlen(fdbe->desc) + 5);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:1003:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sd = nmalloc(strlen(fdbe->desc) + 5);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:1057:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s1 = nmalloc(strlen(dccdir) + strlen(dir) + strlen(what) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:1057:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s1 = nmalloc(strlen(dccdir) + strlen(dir) + strlen(what) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:1057:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s1 = nmalloc(strlen(dccdir) + strlen(dir) + strlen(what) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:1068:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s1 = nmalloc(strlen(botnetnick) + strlen(dir) + strlen(what) + 3);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:1068:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s1 = nmalloc(strlen(botnetnick) + strlen(dir) + strlen(what) + 3);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:1068:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s1 = nmalloc(strlen(botnetnick) + strlen(dir) + strlen(what) + 3);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:1107:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*desc = nmalloc(strlen(fdbe->desc) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.c:1121:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*owner = nmalloc(strlen(fdbe->uploader) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.h:94:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(target) = nrealloc((target), strlen(entry) + 1); \
data/eggdrop-1.8.4/src/mod/filesys.mod/filedb3.h:102:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(target) = nrealloc((target), strlen(entry) + 1); \
data/eggdrop-1.8.4/src/mod/filesys.mod/filelist.c:59:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FILELIST_LE(flist).fn = nmalloc(strlen(filename) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filelist.c:70:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(FILELIST_LE(flist).output) +
data/eggdrop-1.8.4/src/mod/filesys.mod/filelist.c:71:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(desc) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filelist.c:74:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FILELIST_LE(flist).output = nmalloc(strlen(desc) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:26:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define NAMLEN(dirent) strlen((dirent)->d_name)
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:67:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(dccdir, dir, strlen(dccdir)) &&
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:68:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(f = filedb_open(&dir[strlen(dccdir)], 2))) {
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:160:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new = nmalloc(strlen(change) + 2); /* Add 2, because we add '/' below */
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:168:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(new, "/");
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:241:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[0] && s[strlen(s) - 1] != '/') {
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:242:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(s) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:243:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "/");
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:245:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
work = nmalloc(strlen(s) + strlen(elem) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:245:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
work = nmalloc(strlen(s) + strlen(elem) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:248:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(dccdir) + strlen(*real) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:248:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(dccdir) + strlen(*real) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:259:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(dccdir) + strlen(*real) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:259:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(dccdir) + strlen(*real) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:348:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(dcc[idx].u.file->dir, s, 160);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:442:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(par) > nicklen) {
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:480:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bot = nmalloc(strlen(fdbe->sharelink) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:491:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(whoto) + strlen(botnetnick) + 13);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:491:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(whoto) + strlen(botnetnick) + 13);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:497:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(bot) + strlen(fdbe->sharelink) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:497:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(bot) + strlen(fdbe->sharelink) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:540:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(par) + 9);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:729:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(share) > 60)
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:803:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
desc = nmalloc(strlen(par) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:805:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(desc, "|");
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:815:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(q) > 60) {
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:838:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (desc[strlen(desc) - 1] == '\n')
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:839:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
desc[strlen(desc) - 1] = 0;
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:917:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(dccdir) + strlen(dcc[idx].u.file->dir)
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:917:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(dccdir) + strlen(dcc[idx].u.file->dir)
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:918:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(fdbe->filename) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:954:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ret = strlen(name);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:988:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(dccdir) + strlen(dcc[idx].u.file->dir)
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:988:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(dccdir) + strlen(dcc[idx].u.file->dir)
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:989:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(name) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1044:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (name[strlen(name) - 1] == '/')
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1045:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
name[strlen(name) - 1] = 0;
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1070:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(dccdir) + strlen(dcc[idx].u.file->dir)
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1070:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(dccdir) + strlen(dcc[idx].u.file->dir)
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1071:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(name) + 10);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1211:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(dccdir) + strlen(oldpath)
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1211:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(dccdir) + strlen(oldpath)
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1212:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(fdbe_old->filename) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1213:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s1 = nmalloc(strlen(dccdir) + strlen(newpath)
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1213:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s1 = nmalloc(strlen(dccdir) + strlen(newpath)
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1214:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(newfn[0] ? newfn : fdbe_old->filename) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1437:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bot = nmalloc(strlen(fdbe->sharelink) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1461:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(whoto) + strlen(botnetnick) + 13);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1461:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(whoto) + strlen(botnetnick) + 13);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1467:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(bot) + strlen(fdbe->sharelink) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/files.c:1467:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(bot) + strlen(fdbe->sharelink) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:36:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
# define NAMLEN(dirent) strlen((dirent)->d_name)
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:363:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(nick) > NICKMAX)
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:435:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (nick && strlen(nick) > NICKMAX)
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:450:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(dccdir) + strlen(dir) + strlen(fn) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:450:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(dccdir) + strlen(dir) + strlen(fn) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:450:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(dccdir) + strlen(dir) + strlen(fn) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:453:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(dccdir) + strlen(fn) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:453:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(dccdir) + strlen(fn) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:471:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(xxx, "%d*%s%s", (int) strlen(dccdir), dccdir, dir);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:571:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tputs(dcc[idx].sock, buf, strlen(buf));
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:634:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = nmalloc(strlen(text) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:690:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcc[i].u.dns->cbuf = get_data_ptr(strlen(param) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:718:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(filename);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:723:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fn, filename, l);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:744:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
param = nmalloc(strlen(dcc[i].u.dns->cbuf) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:751:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcc[i].u.xfer->origname = get_data_ptr(strlen(param) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:754:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcc[i].u.xfer->filename = get_data_ptr(strlen(tempf) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:770:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s1 = nmalloc(strlen(dcc[i].u.xfer->dir) +
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:771:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(dcc[i].u.xfer->origname) + 1);
data/eggdrop-1.8.4/src/mod/filesys.mod/filesys.c:887:7: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dcc[i].u.file->chat->con_chan, "*");
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:202:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[strlen(s) - 1] == '/')
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:203:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:259:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[strlen(s) - 1] == '/')
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:260:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:303:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[strlen(s) - 1] == '/')
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:304:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:326:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = nmalloc(strlen(dccdir) + strlen(d) + strlen(p) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:326:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = nmalloc(strlen(dccdir) + strlen(d) + strlen(p) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:326:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = nmalloc(strlen(dccdir) + strlen(d) + strlen(p) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:379:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[strlen(s) - 1] == '/')
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:380:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:414:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = nmalloc(strlen(dccdir) + strlen(d) + strlen(p) + 11);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:414:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = nmalloc(strlen(dccdir) + strlen(d) + strlen(p) + 11);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:414:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t = nmalloc(strlen(dccdir) + strlen(d) + strlen(p) + 11);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:536:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(dccdir) + strlen(oldpath)
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:536:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(dccdir) + strlen(oldpath)
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:537:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(fdbe_old->filename) + 2);
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:538:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s1 = nmalloc(strlen(dccdir) + strlen(newpath)
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:538:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s1 = nmalloc(strlen(dccdir) + strlen(newpath)
data/eggdrop-1.8.4/src/mod/filesys.mod/tclfiles.c:539:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(newfn[0] ? newfn : fdbe_old->filename) + 2);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:265:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(chan->floodwho[which], p, 80);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:413:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(kicknick, ",");
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:416:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(chan->name) + strlen(kicknick) + strlen(comment) + 5;
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:416:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(chan->name) + strlen(kicknick) + strlen(comment) + 5;
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:416:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(chan->name) + strlen(kicknick) + strlen(comment) + 5;
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1173:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, origmsg, 510);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1222:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, origmsg, 510);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1266:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, origmsg, 510);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1367:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((chname[0] == '!') && (strlen(chname) > CHANNEL_ID_LEN)) {
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1402:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((chname[0] == '!') && (strlen(chname) > CHANNEL_ID_LEN)) {
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1437:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((chname[0] == '!') && (strlen(chname) > CHANNEL_ID_LEN)) {
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1472:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((chname[0] == '!') && (strlen(chname) > CHANNEL_ID_LEN)) {
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1549:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chan->channel.topic = (char *) channel_malloc(strlen(k) + 1);
data/eggdrop-1.8.4/src/mod/irc.mod/chan.c:1691:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l_chname = strlen(chname);
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:750:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(m->nick) > maxnicklen)
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:751:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxnicklen = strlen(m->nick);
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:752:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((m->user) && (strlen(m->user->handle) > maxhandlen))
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:753:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
maxhandlen = strlen(m->user->handle);
data/eggdrop-1.8.4/src/mod/irc.mod/cmdsirc.c:1023:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(hand) > HANDLEN)
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:263:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chan->channel.key = (char *) channel_malloc(strlen(k) + 1);
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:303:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m->mask = (char *) channel_malloc(strlen(s) + 1);
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:305:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m->who = (char *) channel_malloc(strlen(who) + 1);
data/eggdrop-1.8.4/src/mod/irc.mod/irc.c:1242:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(opchars, "@");
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:76:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(chan->mns); i++)
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:83:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(chan->pls); i++)
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:136:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((chan->cmode[i].type & MINUS) && postsize > strlen(chan->cmode[i].op)) {
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:157:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((chan->cmode[i].type & PLUS) && postsize > strlen(chan->cmode[i].op)) {
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:313:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(op) + 1;
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:330:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chan->key = (char *) channel_malloc(strlen(op) + 1);
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:338:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chan->rmkey = (char *) channel_malloc(strlen(op) + 1);
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:353:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chan->pls[strlen(chan->pls) + 1] = 0;
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:354:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chan->pls[strlen(chan->pls)] = mode;
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:356:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chan->mns[strlen(chan->mns) + 1] = 0;
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:357:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chan->mns[strlen(chan->mns)] = mode;
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:388:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(key) != 0)
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:1010:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf, origmsg, 510);
data/eggdrop-1.8.4/src/mod/irc.mod/mode.c:1023:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
z = strlen(msg);
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:96:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(nick) > HANDLEN)
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:147:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(new) > 15)
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:149:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(new) < 6) {
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:458:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(par) > NICKMAX)
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:833:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, "s");
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:840:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], "%02d:%02d", (int) hr, (int) min);
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:852:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(s, chan->dname, sizeof(s) - 1 - strlen(s));
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:852:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(s, chan->dname, sizeof(s) - 1 - strlen(s));
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:854:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(s, " (trying)", sizeof(s) - 1 - strlen(s));
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:854:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(s, " (trying)", sizeof(s) - 1 - strlen(s));
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:856:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(s, " (pending)", sizeof(s) - 1 - strlen(s));
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:856:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(s, " (pending)", sizeof(s) - 1 - strlen(s));
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:858:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(s, " (need ops)", sizeof(s) - 1 - strlen(s));
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:858:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(s, " (need ops)", sizeof(s) - 1 - strlen(s));
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:859:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant string.
strncat(s, ", ", sizeof(s) - 1 - strlen(s));
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:859:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(s, ", ", sizeof(s) - 1 - strlen(s));
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:860:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > 140) {
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:861:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 2] = 0; /* remove ', ' */
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:866:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > 10) {
data/eggdrop-1.8.4/src/mod/irc.mod/msgcmds.c:867:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 2] = 0; /* remove ', ' */
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:500:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new = nmalloc(strlen(argv[1]) + 5);
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:979:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(kicknick, ",", sizeof kicknick - strlen(kicknick) - 1);
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:979:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(kicknick, ",", sizeof kicknick - strlen(kicknick) - 1);
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:980:5: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(kicknick, nick, sizeof kicknick - strlen(kicknick) - 1); /* Add to local queue */
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:980:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(kicknick, nick, sizeof kicknick - strlen(kicknick) - 1); /* Add to local queue */
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:984:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(chan->name) + strlen(kicknick) + strlen(comment);
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:984:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(chan->name) + strlen(kicknick) + strlen(comment);
data/eggdrop-1.8.4/src/mod/irc.mod/tclirc.c:984:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(chan->name) + strlen(kicknick) + strlen(comment);
data/eggdrop-1.8.4/src/mod/notes.mod/cmdsnote.c:35:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = buf = nmalloc(strlen(par) + 1);
data/eggdrop-1.8.4/src/mod/notes.mod/cmdsnote.c:78:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = buf = nmalloc(strlen(par) + 1);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:91:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[strlen(s) - 1] == '\n')
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:92:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:133:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[strlen(s) - 1] == '\n')
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:134:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:182:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[strlen(s) - 1] == '\n')
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:183:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:382:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int read, erased;
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:413:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[strlen(s) - 1] == '\n')
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:414:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:421:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (!notes_in(nl, read))
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:498:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(s);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:516:13: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(wt, NOTES_EXPIRE_TODAY, sizeof wt - strlen(wt) - 1);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:516:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(wt, NOTES_EXPIRE_TODAY, sizeof wt - strlen(wt) - 1);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:518:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&dt[strlen(dt)], NOTES_EXPIRE_XDAYS, note_life - lapse,
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:612:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[strlen(s) - 1] == '\n')
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:613:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:666:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int count, read, nl[128]; /* Is it enough? */
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:696:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (s[strlen(s) - 1] == '\n')
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:697:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:704:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (notes_in(nl, read)) {
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:954:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf = user_malloc(strlen(xk->data) + 1);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:1001:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mxk->data = user_malloc(strlen(mask) + 1);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:1003:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
mxk->key = user_malloc(strlen(NOTES_IGNKEY) + 1);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:1007:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xk->data = user_realloc(xk->data, strlen(xk->data) + strlen(mask) + 2);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:1007:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xk->data = user_realloc(xk->data, strlen(xk->data) + strlen(mask) + 2);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:1008:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(xk->data, " ");
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:1029:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(ignores[i]);
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:1034:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buf, " ");
data/eggdrop-1.8.4/src/mod/notes.mod/notes.c:1050:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xk->key = user_malloc(strlen(NOTES_IGNKEY) + 1);
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:187:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(object, word1, oix - word1);
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:310:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(whoredirect, "!");
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:480:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(word2 + strlen(word2), "%lu hour%s, ", tv, (tv == 1) ? "" : "s");
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:485:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(word2 + strlen(word2), "%lu minute%s, ", tv,
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:491:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy(word2 + strlen(word2) - 2, " ago.");
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:513:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
switch (nick[strlen(nick) - 1]) {
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:554:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (xk->data[0] == '{' && xk->data[strlen(xk->data) - 1] == '}' &&
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:555:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(xk->data) > 2) {
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:556:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fixit, &xk->data[1], strlen(xk->data) - 2);
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:556:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncpy(fixit, &xk->data[1], strlen(xk->data) - 2);
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:557:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fixit[strlen(xk->data) - 2] = 0;
data/eggdrop-1.8.4/src/mod/seen.mod/seen.c:574:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(rest, q, strlen(q) + 1);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:272:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(msg);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:274:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(cmd);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:286:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(par3) > 0) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:292:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(par1) > 0) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:300:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strlen(par2))
data/eggdrop-1.8.4/src/mod/server.mod/server.c:302:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(par2) > 0) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:309:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(msg) > 0) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:314:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(par1) > 0) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:323:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(par2) > 0) { /* topic manipulation => 2 penalty points */
data/eggdrop-1.8.4/src/mod/server.mod/server.c:326:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(par1) > 0) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:335:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(par1) > 0) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:342:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(par1) > 0) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:344:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(par2) > 4) /* long WHO-masks receive less penalty */
data/eggdrop-1.8.4/src/mod/server.mod/server.c:350:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(msg) > 0)
data/eggdrop-1.8.4/src/mod/server.mod/server.c:441:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(stckbl) > 0) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:459:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(stckbl) > 0)
data/eggdrop-1.8.4/src/mod/server.mod/server.c:476:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((strlen(cmd) + strlen(victims) + strlen(nextto) + strlen(msg) + 2) <
data/eggdrop-1.8.4/src/mod/server.mod/server.c:476:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((strlen(cmd) + strlen(victims) + strlen(nextto) + strlen(msg) + 2) <
data/eggdrop-1.8.4/src/mod/server.mod/server.c:476:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((strlen(cmd) + strlen(victims) + strlen(nextto) + strlen(msg) + 2) <
data/eggdrop-1.8.4/src/mod/server.mod/server.c:476:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((strlen(cmd) + strlen(victims) + strlen(nextto) + strlen(msg) + 2) <
data/eggdrop-1.8.4/src/mod/server.mod/server.c:495:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tosend);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:551:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(nicks) > 0) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:554:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((9 + strlen(chan) + strlen(newnicks) + strlen(newnick) +
data/eggdrop-1.8.4/src/mod/server.mod/server.c:554:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((9 + strlen(chan) + strlen(newnicks) + strlen(newnick) +
data/eggdrop-1.8.4/src/mod/server.mod/server.c:554:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
((9 + strlen(chan) + strlen(newnicks) + strlen(newnick) +
data/eggdrop-1.8.4/src/mod/server.mod/server.c:555:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(nicks) + strlen(msg)) < 510)) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:555:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(nicks) + strlen(msg)) < 510)) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:579:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m->msg = nmalloc(strlen(newmsg) + 1);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:580:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m->len = strlen(newmsg);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:609:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(nicks) > 0) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:614:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(chns) > 0) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:646:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m->msg = nmalloc(strlen(newmsg) + 1);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:647:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m->len = strlen(newmsg);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:704:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(nicks) > 0) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:719:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(nicks) > 0) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:721:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((nr < kick_method) && ((9 + strlen(chan) + strlen(newnicks) +
data/eggdrop-1.8.4/src/mod/server.mod/server.c:721:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((nr < kick_method) && ((9 + strlen(chan) + strlen(newnicks) +
data/eggdrop-1.8.4/src/mod/server.mod/server.c:722:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(nick) + strlen(reason)) < 510)) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:722:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(nick) + strlen(reason)) < 510)) {
data/eggdrop-1.8.4/src/mod/server.mod/server.c:746:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m->msg = nmalloc(strlen(newmsg) + 1);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:747:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
m->len = strlen(newmsg);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:761:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
write_to_server(newmsg, strlen(newmsg));
data/eggdrop-1.8.4/src/mod/server.mod/server.c:816:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buf);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:995:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x->name = nmalloc(strlen(name) + 1);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:998:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x->pass = nmalloc(strlen(pass) + 1);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1064:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x->name = nmalloc(strlen(serv) + 1);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1068:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x->pass = nmalloc(strlen(pass) + 1);
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1760:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(s->name) + 1;
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1762:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(s->pass) + 1;
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1764:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(s->realname) + 1;
data/eggdrop-1.8.4/src/mod/server.mod/server.c:1769:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(realservername) + 1;
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:47:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l = strlen(botname) - 1;
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:302:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x->realname = nmalloc(strlen(from) + 1);
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:307:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
realservername = nmalloc(strlen(from) + 1);
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:512:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(p1 - 1, p + 1, strlen(p + 1) + 1);
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:733:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(botname, origbotname, strlen(botname))) {
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:765:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!keepnick || !strncmp(botname, origbotname, strlen(botname))) {
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:1246:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcc[servidx].u.dns->host = get_data_ptr(strlen(dcc[servidx].host) + 1);
data/eggdrop-1.8.4/src/mod/server.mod/servmsg.c:1248:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcc[servidx].u.dns->cbuf = get_data_ptr(strlen(pass) + 1);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:114:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d->mask = nmalloc(strlen(mask) + 1);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:181:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size += strlen(d->mask) + 1;
data/eggdrop-1.8.4/src/mod/share.mod/share.c:486:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(nick) > HANDLEN)
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1097:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(from) > HANDLEN + 1)
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1214:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcc[i].u.xfer->filename = nmalloc(strlen(s) + 1);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1557:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q->msg = nmalloc(strlen(s) + 1);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1571:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
q->msg = nmalloc(strlen(s) + 1);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1757:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nue->name = user_malloc(strlen(ue->name) + 1);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:1767:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
list->extra = user_malloc(strlen(lt->extra) + 1);
data/eggdrop-1.8.4/src/mod/share.mod/share.c:2204:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(q->msg) + 1;
data/eggdrop-1.8.4/src/mod/share.mod/uf_features.c:241:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = s = buf = nmalloc(strlen(par) + 1); /* Allocate temp buffer */
data/eggdrop-1.8.4/src/mod/share.mod/uf_features.c:256:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(uff_sbuf, " ", sizeof uff_sbuf - strlen(uff_sbuf) - 1);
data/eggdrop-1.8.4/src/mod/share.mod/uf_features.c:256:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(uff_sbuf, " ", sizeof uff_sbuf - strlen(uff_sbuf) - 1);
data/eggdrop-1.8.4/src/mod/share.mod/uf_features.c:257:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(uff_sbuf, ul->entry->feature, sizeof uff_sbuf - strlen(uff_sbuf) - 1); /* Add feature to list */
data/eggdrop-1.8.4/src/mod/share.mod/uf_features.c:257:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(uff_sbuf, ul->entry->feature, sizeof uff_sbuf - strlen(uff_sbuf) - 1); /* Add feature to list */
data/eggdrop-1.8.4/src/mod/share.mod/uf_features.c:278:9: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(uff_sbuf, " ", sizeof uff_sbuf - strlen(uff_sbuf) - 1);
data/eggdrop-1.8.4/src/mod/share.mod/uf_features.c:278:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(uff_sbuf, " ", sizeof uff_sbuf - strlen(uff_sbuf) - 1);
data/eggdrop-1.8.4/src/mod/share.mod/uf_features.c:279:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(uff_sbuf, ul->entry->feature, sizeof uff_sbuf - strlen(uff_sbuf) - 1); /* Add feature to list */
data/eggdrop-1.8.4/src/mod/share.mod/uf_features.c:279:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(uff_sbuf, ul->entry->feature, sizeof uff_sbuf - strlen(uff_sbuf) - 1); /* Add feature to list */
data/eggdrop-1.8.4/src/mod/share.mod/uf_features.c:290:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = s = buf = nmalloc(strlen(par) + 1); /* Allocate temp buffer */
data/eggdrop-1.8.4/src/mod/transfer.mod/tcltransfer.c:45:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sys = nmalloc(strlen(argv[1]) + 2);
data/eggdrop-1.8.4/src/mod/transfer.mod/tcltransfer.c:68:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(q->to) + strlen(q->dir) + strlen(q->file) + 4);
data/eggdrop-1.8.4/src/mod/transfer.mod/tcltransfer.c:68:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(q->to) + strlen(q->dir) + strlen(q->file) + 4);
data/eggdrop-1.8.4/src/mod/transfer.mod/tcltransfer.c:68:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(q->to) + strlen(q->dir) + strlen(q->file) + 4);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:136:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = ret = nmalloc(strlen(fn) + 1);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:276:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l = strlen(dcc[idx].u.xfer->filename);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:289:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
nfn = nmalloc(strlen(dcc[idx].u.xfer->dir)
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:290:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(dcc[idx].u.xfer->origname) + 1);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:752:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(p->filename) + 1;
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:757:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(p->origname) + 1;
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:1008:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcc[i].u.xfer->filename = get_data_ptr(strlen(filename) + 1);
data/eggdrop-1.8.4/src/mod/transfer.mod/transfer.c:1012:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dcc[i].u.xfer->origname = get_data_ptr(strlen(nfn) + 1);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:27:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(q->dir) + strlen(q->file) + 2 + sizeof(fileq_t);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:27:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(q->dir) + strlen(q->file) + 2 + sizeof(fileq_t);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:39:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(dir) + 1;
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:42:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(file) + 1;
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:106:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(&this->dir[1]) + strlen(this->file) + 2);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:106:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(&this->dir[1]) + strlen(this->file) + 2);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:117:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(p) + strlen(this->file) + 2);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:117:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nmalloc(strlen(p) + strlen(this->file) + 2);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:122:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(&this->dir[1]) + strlen(this->file) + 2);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:122:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(&this->dir[1]) + strlen(this->file) + 2);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:125:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(this->dir) + strlen(this->file) + 2);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:125:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(this->dir) + strlen(this->file) + 2);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:175:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
spaces[len = HANDLEN - strlen(q->to)] = 0;
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:202:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
spaces[len = HANDLEN - strlen(dcc[i].nick)] = 0;
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:228:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(q->dir) + strlen(q->file) + 3);
data/eggdrop-1.8.4/src/mod/transfer.mod/transferqueue.c:228:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s = nrealloc(s, strlen(q->dir) + strlen(q->file) + 3);
data/eggdrop-1.8.4/src/mod/uptime.mod/uptime.c:104:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
next_update_at[strlen(next_update_at) - 1] = 0;
data/eggdrop-1.8.4/src/mod/uptime.mod/uptime.c:121:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((uptime_host[strlen(uptime_host) - 1] >= '0') &&
data/eggdrop-1.8.4/src/mod/uptime.mod/uptime.c:122:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(uptime_host[strlen(uptime_host) - 1] <= '9'))
data/eggdrop-1.8.4/src/mod/uptime.mod/uptime.c:214:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = sizeof(upPack) + strlen(botnetnick) + strlen(servhost) +
data/eggdrop-1.8.4/src/mod/uptime.mod/uptime.c:214:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = sizeof(upPack) + strlen(botnetnick) + strlen(servhost) +
data/eggdrop-1.8.4/src/mod/uptime.mod/uptime.c:215:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(uptime_version);
data/eggdrop-1.8.4/src/modules.c:130:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->name = nmalloc(strlen(name) + 1);
data/eggdrop-1.8.4/src/modules.c:641:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c += sizeof(struct static_list) + strlen(s->name) + 1;
data/eggdrop-1.8.4/src/modules.c:653:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c += strlen(p->name) + 1;
data/eggdrop-1.8.4/src/modules.c:715:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&(workbuf[strlen(workbuf)]), "/%s%s." EGG_MOD_EXT, moddir, name);
data/eggdrop-1.8.4/src/modules.c:810:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->name = nmalloc(strlen(name) + 1);
data/eggdrop-1.8.4/src/modules.c:913:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->name = nmalloc(strlen(newname) + 1);
data/eggdrop-1.8.4/src/net.c:98:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(td->socklist[i].handler.sock.inbuf) + 1;
data/eggdrop-1.8.4/src/net.c:487:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tputs(sock, s, strlen(botuser) + 9); /* drummer */
data/eggdrop-1.8.4/src/net.c:491:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tputs(sock, s, strlen(s)); /* drummer */
data/eggdrop-1.8.4/src/net.c:914:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = read(STDIN, s, grab);
data/eggdrop-1.8.4/src/net.c:937:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = read(slist[i].sock, s, strlen("starttls -\n"));
data/eggdrop-1.8.4/src/net.c:937:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x = read(slist[i].sock, s, strlen("starttls -\n"));
data/eggdrop-1.8.4/src/net.c:940:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = read(slist[i].sock, s, grab);
data/eggdrop-1.8.4/src/net.c:943:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
x = read(slist[i].sock, s, grab);
data/eggdrop-1.8.4/src/net.c:1050:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(p) + 1;
data/eggdrop-1.8.4/src/net.c:1059:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*len = strlen(s);
data/eggdrop-1.8.4/src/net.c:1133:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
socklist[ret].handler.sock.inbuf = nmalloc(strlen(p) + strlen(xx) + 1);
data/eggdrop-1.8.4/src/net.c:1133:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
socklist[ret].handler.sock.inbuf = nmalloc(strlen(p) + strlen(xx) + 1);
data/eggdrop-1.8.4/src/net.c:1137:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(socklist[ret].handler.sock.inbuf) < 512) {
data/eggdrop-1.8.4/src/net.c:1144:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
socklist[ret].handler.sock.inbuflen = strlen(p) - 510;
data/eggdrop-1.8.4/src/net.c:1159:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(xx, p, strlen(p) + 1);
data/eggdrop-1.8.4/src/net.c:1168:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(xx) >= 510) {
data/eggdrop-1.8.4/src/net.c:1175:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
*len = strlen(s);
data/eggdrop-1.8.4/src/net.c:1186:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
socklist[ret].handler.sock.inbuflen = strlen(p) + strlen(xx);
data/eggdrop-1.8.4/src/net.c:1186:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
socklist[ret].handler.sock.inbuflen = strlen(p) + strlen(xx);
data/eggdrop-1.8.4/src/net.c:1192:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
socklist[ret].handler.sock.inbuflen = strlen(xx);
data/eggdrop-1.8.4/src/net.c:1288:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/net.c:1428:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], " (inbuf: %04X)",
data/eggdrop-1.8.4/src/net.c:1429:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(unsigned int) strlen(socklist[i].handler.sock.inbuf));
data/eggdrop-1.8.4/src/net.c:1431:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], " (outbuf: %06lX)", socklist[i].handler.sock.outbuflen);
data/eggdrop-1.8.4/src/net.c:1433:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s, ",");
data/eggdrop-1.8.4/src/tcl.c:163:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > 40)
data/eggdrop-1.8.4/src/tcl.c:280:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > abs(st->max))
data/eggdrop-1.8.4/src/tcl.c:295:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (st->str[strlen(st->str) - 1] != '/')
data/eggdrop-1.8.4/src/tcl.c:296:11: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(st->str, "/");
data/eggdrop-1.8.4/src/tcl.c:711:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (j = 0; j <= strlen(egg_version); j++) {
data/eggdrop-1.8.4/src/tcl.c:714:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pver[strlen(pver)] = egg_version[j];
data/eggdrop-1.8.4/src/tcldcc.c:83:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tputs(dcc[j].sock, argv[2], strlen(argv[2]));
data/eggdrop-1.8.4/src/tcldcc.c:137:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l = strlen(argv[2]);
data/eggdrop-1.8.4/src/tcldcc.c:319:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (j = 0; j < strlen(argv[arg]); j++) {
data/eggdrop-1.8.4/src/tcldcc.c:379:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (j = 0; j < strlen(argv[arg]); j++) {
data/eggdrop-1.8.4/src/tcldcc.c:739:9: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(idle, "0");
data/eggdrop-1.8.4/src/tcldcc.c:922:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dcc[i].nick, "*");
data/eggdrop-1.8.4/src/tcldcc.c:1053:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(dcc[idx].host, "*");
data/eggdrop-1.8.4/src/tclhash.c:171:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(tc->func_name) + 1;
data/eggdrop-1.8.4/src/tclhash.c:183:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(tm->mask) + 1;
data/eggdrop-1.8.4/src/tclhash.c:276:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Assert(strlen(nme) <= 4);
data/eggdrop-1.8.4/src/tclhash.c:403:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tm->mask = nmalloc(strlen(cmd) + 1);
data/eggdrop-1.8.4/src/tclhash.c:437:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tc->func_name = nmalloc(strlen(proc) + 1);
data/eggdrop-1.8.4/src/tclhash.c:788:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (!egg_strncasecmp(match, mask, strlen(match)));
data/eggdrop-1.8.4/src/tclhash.c:956:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
str = nmalloc(strlen(param) + 1);
data/eggdrop-1.8.4/src/tclmisc.c:63:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(logs[i].filename) + 1;
data/eggdrop-1.8.4/src/tclmisc.c:64:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(logs[i].chname) + 1;
data/eggdrop-1.8.4/src/tclmisc.c:126:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
logs[i].chname = nmalloc(strlen(argv[2]) + 1);
data/eggdrop-1.8.4/src/tclmisc.c:142:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
logs[i].filename = nmalloc(strlen(argv[3]) + 1);
data/eggdrop-1.8.4/src/tclmisc.c:144:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
logs[i].chname = nmalloc(strlen(argv[2]) + 1);
data/eggdrop-1.8.4/src/tclmisc.c:365:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], "%lu week%s ", tmp, (tmp == 1) ? "" : "s");
data/eggdrop-1.8.4/src/tclmisc.c:370:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], "%lu day%s ", tmp, (tmp == 1) ? "" : "s");
data/eggdrop-1.8.4/src/tclmisc.c:375:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], "%lu hour%s ", tmp, (tmp == 1) ? "" : "s");
data/eggdrop-1.8.4/src/tclmisc.c:380:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], "%lu minute%s ", tmp, (tmp == 1) ? "" : "s");
data/eggdrop-1.8.4/src/tclmisc.c:385:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], "%lu second%s", tmp, (tmp == 1) ? "" : "s");
data/eggdrop-1.8.4/src/tclmisc.c:387:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > 0 && s[strlen(s) - 1] == ' ')
data/eggdrop-1.8.4/src/tclmisc.c:387:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) > 0 && s[strlen(s) - 1] == ' ')
data/eggdrop-1.8.4/src/tclmisc.c:388:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s[strlen(s) - 1] = 0;
data/eggdrop-1.8.4/src/tclmisc.c:702:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p = Tcl_Alloc(strlen(argv[2]) + 1);
data/eggdrop-1.8.4/src/tcluser.c:282:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(argv[1]) > HANDLEN)
data/eggdrop-1.8.4/src/tcluser.c:401:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((count = strlen(addr)) > 60) {
data/eggdrop-1.8.4/src/tcluser.c:527:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(newhand); i++)
data/eggdrop-1.8.4/src/tcluser.c:532:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (strlen(newhand) < 1)
data/eggdrop-1.8.4/src/tls.c:207:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
out = user_realloc(out, strlen(fp) + 1);
data/eggdrop-1.8.4/src/userent.c:73:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += sizeof(struct list_type) + strlen(t->extra) + 1;
data/eggdrop-1.8.4/src/userent.c:128:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l = strlen(string);
data/eggdrop-1.8.4/src/userent.c:185:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(e->u.string) + 1;
data/eggdrop-1.8.4/src/userent.c:252:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pass) > 30)
data/eggdrop-1.8.4/src/userent.c:263:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
e->u.extra = user_malloc(strlen(new) + 1);
data/eggdrop-1.8.4/src/userent.c:308:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
li->lastonplace = user_malloc(strlen(par) + 1);
data/eggdrop-1.8.4/src/userent.c:436:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
li->lastonplace = user_malloc(strlen(argv[4]) + 1);
data/eggdrop-1.8.4/src/userent.c:450:5: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(((struct laston_info *) (e->u.extra))->lastonplace) + 1;
data/eggdrop-1.8.4/src/userent.c:462:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
li2->lastonplace = user_malloc(strlen(li->lastonplace) + 1);
data/eggdrop-1.8.4/src/userent.c:495:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bi->address = user_malloc(strlen(p) + 1);
data/eggdrop-1.8.4/src/userent.c:499:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(bi->address, p, q - p);
data/eggdrop-1.8.4/src/userent.c:576:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
addr = user_malloc(strlen(bi->address) + 1);
data/eggdrop-1.8.4/src/userent.c:681:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bi->address = user_malloc(strlen(argv[3]) + 1);
data/eggdrop-1.8.4/src/userent.c:726:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(bi->address) + 1 + sizeof(struct bot_addr);
data/eggdrop-1.8.4/src/userent.c:750:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bi->address = user_malloc(strlen(arg) + 1);
data/eggdrop-1.8.4/src/userent.c:784:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
bi2->address = user_malloc(strlen(bi->address) + 1);
data/eggdrop-1.8.4/src/userent.c:867:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(argv[3]);
data/eggdrop-1.8.4/src/userent.c:875:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int k = strlen(argv[4]);
data/eggdrop-1.8.4/src/userent.c:900:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t->key = user_malloc(strlen(key) + 1);
data/eggdrop-1.8.4/src/userent.c:902:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t->data = user_malloc(strlen(data) + 1);
data/eggdrop-1.8.4/src/userent.c:921:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t->extra = user_malloc(strlen(curr->key) + strlen(curr->data) + 4);
data/eggdrop-1.8.4/src/userent.c:921:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
t->extra = user_malloc(strlen(curr->key) + strlen(curr->data) + 4);
data/eggdrop-1.8.4/src/userent.c:966:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(arg);
data/eggdrop-1.8.4/src/userent.c:973:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int k = strlen(buf);
data/eggdrop-1.8.4/src/userent.c:992:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x2->key = user_malloc(strlen(x1->key) + 1);
data/eggdrop-1.8.4/src/userent.c:994:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
x2->data = user_malloc(strlen(x1->data) + 1);
data/eggdrop-1.8.4/src/userent.c:1083:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(x->key) + 1;
data/eggdrop-1.8.4/src/userent.c:1084:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(x->data) + 1;
data/eggdrop-1.8.4/src/userent.c:1154:7: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(s, q->extra, (sizeof s - strlen(s) -1));
data/eggdrop-1.8.4/src/userent.c:1154:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strncat(s, q->extra, (sizeof s - strlen(s) -1));
data/eggdrop-1.8.4/src/userent.c:1158:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) + strlen(q->extra) + 2 > 65) {
data/eggdrop-1.8.4/src/userent.c:1158:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s) + strlen(q->extra) + 2 > 65) {
data/eggdrop-1.8.4/src/userent.c:1205:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(*t)->extra = user_malloc(strlen(host) + 1);
data/eggdrop-1.8.4/src/userent.c:1390:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
e->name = user_malloc(strlen(e->type->name) + 1);
data/eggdrop-1.8.4/src/userrec.c:83:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result += strlen(m->mask) + 1;
data/eggdrop-1.8.4/src/userrec.c:85:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result += strlen(m->user) + 1;
data/eggdrop-1.8.4/src/userrec.c:87:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result += strlen(m->desc) + 1;
data/eggdrop-1.8.4/src/userrec.c:110:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(ch->info) + 1;
data/eggdrop-1.8.4/src/userrec.c:118:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(ue->name) + 1;
data/eggdrop-1.8.4/src/userrec.c:144:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(i->igmask) + 1;
data/eggdrop-1.8.4/src/userrec.c:146:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(i->user) + 1;
data/eggdrop-1.8.4/src/userrec.c:148:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tot += strlen(i->msg) + 1;
data/eggdrop-1.8.4/src/userrec.c:370:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pass) > 30)
data/eggdrop-1.8.4/src/userrec.c:544:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
new_userfile = nmalloc(strlen(userfile) + 5);
data/eggdrop-1.8.4/src/userrec.c:842:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
li->lastonplace = nmalloc(strlen(where) + 1);
data/eggdrop-1.8.4/src/users.c:130:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->igmask = user_malloc(strlen(ign) + 1);
data/eggdrop-1.8.4/src/users.c:132:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->user = user_malloc(strlen(from) + 1);
data/eggdrop-1.8.4/src/users.c:134:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->msg = user_malloc(strlen(mnote) + 1);
data/eggdrop-1.8.4/src/users.c:232:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->mask = user_malloc(strlen(mask) + 1);
data/eggdrop-1.8.4/src/users.c:234:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->user = user_malloc(strlen(from) + 1);
data/eggdrop-1.8.4/src/users.c:236:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->desc = user_malloc(strlen(note) + 1);
data/eggdrop-1.8.4/src/users.c:440:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->igmask = user_malloc(strlen(host) + 1);
data/eggdrop-1.8.4/src/users.c:442:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->user = user_malloc(strlen(user) + 1);
data/eggdrop-1.8.4/src/users.c:445:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
p->msg = user_malloc(strlen(desc) + 1);
data/eggdrop-1.8.4/src/users.c:764:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cr->info = (char *) user_malloc(strlen(s) + 1);
data/eggdrop-1.8.4/src/users.c:777:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s1, " ");
data/eggdrop-1.8.4/src/users.c:779:15: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(ignored, lasthand,
data/eggdrop-1.8.4/src/users.c:780:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sizeof(ignored) - 1 - strlen(ignored));
data/eggdrop-1.8.4/src/users.c:781:15: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(ignored, " ",
data/eggdrop-1.8.4/src/users.c:782:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sizeof(ignored) - 1 - strlen(ignored));
data/eggdrop-1.8.4/src/users.c:805:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s1, " ");
data/eggdrop-1.8.4/src/users.c:807:15: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(ignored, lasthand,
data/eggdrop-1.8.4/src/users.c:808:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sizeof(ignored) - 1 - strlen(ignored));
data/eggdrop-1.8.4/src/users.c:809:15: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(ignored, " ",
data/eggdrop-1.8.4/src/users.c:810:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sizeof(ignored) - 1 - strlen(ignored));
data/eggdrop-1.8.4/src/users.c:835:13: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s1, " ");
data/eggdrop-1.8.4/src/users.c:837:15: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(ignored, lasthand,
data/eggdrop-1.8.4/src/users.c:838:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sizeof(ignored) - 1 - strlen(ignored));
data/eggdrop-1.8.4/src/users.c:839:15: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(ignored, " ",
data/eggdrop-1.8.4/src/users.c:840:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sizeof(ignored) - 1 - strlen(ignored));
data/eggdrop-1.8.4/src/users.c:870:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
list->extra = user_malloc(strlen(s) + 1);
data/eggdrop-1.8.4/src/users.c:878:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ue->name = user_malloc(strlen(code) - 1);
data/eggdrop-1.8.4/src/users.c:884:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ue->u.list->extra = user_malloc(strlen(s) + 1);
data/eggdrop-1.8.4/src/users.c:925:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(code) > HANDLEN)
data/eggdrop-1.8.4/src/users.c:927:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(pass) > 20) {
data/eggdrop-1.8.4/src/users.c:929:17: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(pass, "-");
ANALYSIS SUMMARY:
Hits = 2876
Lines analyzed = 74909 in approximately 2.27 seconds (33017 lines/second)
Physical Source Lines of Code (SLOC) = 59508
Hits@level = [0] 103 [1] 853 [2] 1494 [3] 15 [4] 505 [5] 9
Hits@level+ = [0+] 2979 [1+] 2876 [2+] 2023 [3+] 529 [4+] 514 [5+] 9
Hits/KSLOC@level+ = [0+] 50.0605 [1+] 48.3296 [2+] 33.9954 [3+] 8.88956 [4+] 8.63749 [5+] 0.15124
Dot directories skipped = 2 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.