Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/elog-3.1.3-1/src/elconv.c
Examining data/elog-3.1.3-1/src/elog.c
Examining data/elog-3.1.3-1/src/git-revision.h
Examining data/elog-3.1.3-1/src/regex.c
Examining data/elog-3.1.3-1/src/elogd.c
Examining data/elog-3.1.3-1/src/locext.c
Examining data/elog-3.1.3-1/src/elogd.h
Examining data/elog-3.1.3-1/src/auth.c
Examining data/elog-3.1.3-1/src/regex.h
Examining data/elog-3.1.3-1/src/crypt.c
Examining data/elog-3.1.3-1/src/mxml.c
Examining data/elog-3.1.3-1/src/mxml.h
Examining data/elog-3.1.3-1/src/strlcpy.c
Examining data/elog-3.1.3-1/src/strlcpy.h
Examining data/elog-3.1.3-1/src/elog-version.h

FINAL RESULTS:

data/elog-3.1.3-1/src/elogd.c:1722:7: [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  chown(logbook_dir, -1, gr->gr_gid);
data/elog-3.1.3-1/src/elogd.c:1747:7: [5] (race) chown:
  This accepts filename arguments; if an attacker can move those files, a race condition results. (CWE-362). Use fchown( ) instead.
  chown(logbook_dir, pw->pw_uid, -1);
data/elog-3.1.3-1/src/auth.c:86:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Using %s as server principal for authentication", princ_name);
data/elog-3.1.3-1/src/auth.c:139:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Using %s as server principal for authentication", princ_name);
data/elog-3.1.3-1/src/auth.c:266:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(ldap_bindDN,"%s=%s,%s",ldap_login_attr,user,ldap_userbase);
data/elog-3.1.3-1/src/auth.c:325:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  sprintf(filter, "(%s=%s)", ldap_login_attr, user);
data/elog-3.1.3-1/src/auth.c:378:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fullname, "%s %s", usergn, usersn);
data/elog-3.1.3-1/src/auth.c:384:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(lbs_str, "/list/user[name=%s]", user_enc);
data/elog-3.1.3-1/src/auth.c:408:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str,"New user: %s, %s added", user_enc, useremail);
data/elog-3.1.3-1/src/auth.c:449:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "/list/user[name=%s]/password", user);
data/elog-3.1.3-1/src/elconv.c:41:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/elog-3.1.3-1/src/elconv.c:41:18: [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/elog-3.1.3-1/src/elconv.c:248:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, path);
data/elog-3.1.3-1/src/elconv.c:250:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(str, pattern);
data/elog-3.1.3-1/src/elconv.c:288:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dir, data_dir);
data/elog-3.1.3-1/src/elconv.c:315:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, tag);
data/elog-3.1.3-1/src/elconv.c:325:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(file_name, "%s%02d%02d%02d.log", dir, tms->tm_year % 100, tms->tm_mon + 1, tms->tm_mday);
data/elog-3.1.3-1/src/elconv.c:388:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(file_name, "%s%06d.log", dir, min % 1000000);
data/elog-3.1.3-1/src/elconv.c:419:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(file_name, "%s%06d.log", dir, max % 1000000);
data/elog-3.1.3-1/src/elconv.c:457:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tag, str);
data/elog-3.1.3-1/src/elconv.c:528:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tag, str);
data/elog-3.1.3-1/src/elconv.c:601:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(afile_name[index], afilename[index]);
data/elog-3.1.3-1/src/elconv.c:606:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(file_name, afilename[index]);
data/elog-3.1.3-1/src/elconv.c:617:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dir, data_dir);
data/elog-3.1.3-1/src/elconv.c:622:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, p);
data/elog-3.1.3-1/src/elconv.c:623:16: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(afile_name[index], "%02d%02d%02d_%02d%02d%02d_%s",
data/elog-3.1.3-1/src/elconv.c:626:16: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(file_name, "%s%02d%02d%02d_%02d%02d%02d_%s", dir,
data/elog-3.1.3-1/src/elconv.c:644:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dir, data_dir);
data/elog-3.1.3-1/src/elconv.c:651:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, tag);
data/elog-3.1.3-1/src/elconv.c:656:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(file_name, "%s%s.log", dir, str);
data/elog-3.1.3-1/src/elconv.c:690:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(file_name, "%s%02d%02d%02d.log", dir, tms->tm_year % 100, tms->tm_mon + 1, tms->tm_mday);
data/elog-3.1.3-1/src/elconv.c:696:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(date, ctime(&now));
data/elog-3.1.3-1/src/elconv.c:700:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(thread, "%16s %16s", reply_to, "0");
data/elog-3.1.3-1/src/elconv.c:702:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(thread, "%16s %16s", "0", "0");
data/elog-3.1.3-1/src/elconv.c:709:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message, "Date: %s\n", date);
data/elog-3.1.3-1/src/elconv.c:710:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), "Thread: %s\n", thread);
data/elog-3.1.3-1/src/elconv.c:713:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), "%s: %s\n", attr_name[i], attr_value[i]);
data/elog-3.1.3-1/src/elconv.c:726:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, data_dir);
data/elog-3.1.3-1/src/elconv.c:727:13: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(str, p);
data/elog-3.1.3-1/src/elconv.c:733:16: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), "Attachment: %s", afile_name[i]);
data/elog-3.1.3-1/src/elconv.c:736:16: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), ",%s", afile_name[i]);
data/elog-3.1.3-1/src/elconv.c:741:16: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), "Attachment: %s", p);
data/elog-3.1.3-1/src/elconv.c:744:16: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), ",%s", p);
data/elog-3.1.3-1/src/elconv.c:749:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), "Attachment: %s", afile_name[0]);
data/elog-3.1.3-1/src/elconv.c:752:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), ",%s", afile_name[i]);
data/elog-3.1.3-1/src/elconv.c:756:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), "Encoding: %s\n", encoding);
data/elog-3.1.3-1/src/elconv.c:758:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(message, text);
data/elog-3.1.3-1/src/elconv.c:794:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(last, reply_to);
data/elog-3.1.3-1/src/elconv.c:806:16: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%16s", tag);
data/elog-3.1.3-1/src/elconv.c:812:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(last, strtok(str, " "));
data/elog-3.1.3-1/src/elconv.c:932:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(thread_list[message_id - 1].v1_tag, tag);
data/elog-3.1.3-1/src/elconv.c:979:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, tag);
data/elog-3.1.3-1/src/elconv.c:981:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(file_name, "%s%sa.log", data_dir, str);
data/elog-3.1.3-1/src/elconv.c:988:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(last_file, str);
data/elog-3.1.3-1/src/elconv.c:1072:4: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(data_dir, DIR_SEPARATOR_STR);
data/elog-3.1.3-1/src/elog.c:384:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(request + strlen(request), "%s/%s/%d?cmd=download", subdir, str, message_id);
data/elog-3.1.3-1/src/elog.c:386:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(request + strlen(request), "%s/%d?cmd=download", subdir, message_id);
data/elog-3.1.3-1/src/elog.c:388:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(request + strlen(request), "%s/%d?cmd=download", str, message_id);
data/elog-3.1.3-1/src/elog.c:400:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(request + strlen(request), "unm=%s;", uname);
data/elog-3.1.3-1/src/elog.c:409:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(request + strlen(request), "upwd=%s;", encrypted_passwd);
data/elog-3.1.3-1/src/elog.c:620:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(host_name, phe->h_name);
data/elog-3.1.3-1/src/elog.c:773:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(content, boundary);
data/elog-3.1.3-1/src/elog.c:777:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elog.c:782:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elog.c:788:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elog.c:792:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elog.c:796:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elog.c:798:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elog.c:803:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elog.c:807:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elog.c:810:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elog.c:813:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elog.c:817:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, attrib_name[i]);
data/elog-3.1.3-1/src/elog.c:820:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elog.c:826:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elog.c:835:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(p,
data/elog-3.1.3-1/src/elog.c:843:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p, boundary);
data/elog-3.1.3-1/src/elog.c:853:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(request + strlen(request), "%s/", subdir);
data/elog-3.1.3-1/src/elog.c:855:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, experiment);
data/elog-3.1.3-1/src/elog.c:857:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(request + strlen(request), "%s/", str);
data/elog-3.1.3-1/src/elog.c:861:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(request + strlen(request), "Content-Type: multipart/form-data; boundary=%s\r\n", boundary);
data/elog-3.1.3-1/src/elog.c:863:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s:%d", host, port);
data/elog-3.1.3-1/src/elog.c:865:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s", host);
data/elog-3.1.3-1/src/elog.c:866:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(request + strlen(request), "Host: %s\r\n", str);
data/elog-3.1.3-1/src/elog.c:1036:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(host_name, argv[++i]);
data/elog-3.1.3-1/src/elog.c:1040:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(logbook, argv[++i]);
data/elog-3.1.3-1/src/elog.c:1042:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(subdir, argv[++i]);
data/elog-3.1.3-1/src/elog.c:1044:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(uname, argv[++i]);
data/elog-3.1.3-1/src/elog.c:1045:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(upwd, argv[++i]);
data/elog-3.1.3-1/src/elog.c:1047:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, argv[++i]);
data/elog-3.1.3-1/src/elog.c:1049:19: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(attrib[n_attr], strchr(str, '=') + 1);
data/elog-3.1.3-1/src/elog.c:1051:19: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(attr_name[n_attr], str);
data/elog-3.1.3-1/src/elog.c:1058:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(attachment[n_att++], argv[++i]);
data/elog-3.1.3-1/src/elog.c:1071:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(textfile, argv[++i]);
data/elog-3.1.3-1/src/elog.c:1100:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(text, argv[i]);
data/elog-3.1.3-1/src/elogd.c:538:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(s, string);
data/elog-3.1.3-1/src/elogd.c:628:14: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  return vsprintf(*result, format, args);
data/elog-3.1.3-1/src/elogd.c:696:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p, buf);
data/elog-3.1.3-1/src/elogd.c:869:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buffer, "cmd /q /c %s", cmd);
data/elog-3.1.3-1/src/elogd.c:1001:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "/bin/sh -c \"%s\" > /tmp/elog-shell 2>&1", cmd);
data/elog-3.1.3-1/src/elogd.c:1009:7: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(str);
data/elog-3.1.3-1/src/elogd.c:1106:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, p + 7);
data/elog-3.1.3-1/src/elogd.c:1110:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, p + 6);
data/elog-3.1.3-1/src/elogd.c:1154:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tail, p + strlen(pattern));
data/elog-3.1.3-1/src/elogd.c:1980:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(user_name, _sid[i].user_name);
data/elog-3.1.3-1/src/elogd.c:2030:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(charset, DEFAULT_HTTP_CHARSET);
data/elog-3.1.3-1/src/elogd.c:2164:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buffer, "Email from %s to ", from);
data/elog-3.1.3-1/src/elogd.c:2510:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(host, str);
data/elog-3.1.3-1/src/elogd.c:2581:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(last_host, host);
data/elog-3.1.3-1/src/elogd.c:2584:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "GET %s%s HTTP/1.0\r\nConnection: Close\r\n", subdir, param);
data/elog-3.1.3-1/src/elogd.c:2594:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str + strlen(str), "Cookie: unm=%s; upwd=%s\r\n", unm, upwd);
data/elog-3.1.3-1/src/elogd.c:2598:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str + strlen(str), "Host: %s:%d\r\n", host, port);
data/elog-3.1.3-1/src/elogd.c:2747:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(_topgroup, topgroup);
data/elog-3.1.3-1/src/elogd.c:2948:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(lb_config[n_lb_config].section_name, str);
data/elog-3.1.3-1/src/elogd.c:2974:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(lb_config[n_lb_config].config_param[i].param, str);
data/elog-3.1.3-1/src/elogd.c:2990:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(lb_config[n_lb_config].config_param[i].value, str);
data/elog-3.1.3-1/src/elogd.c:3062:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(group, lb_config[index].section_name);
data/elog-3.1.3-1/src/elogd.c:3091:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "global %s", getcfg_topgroup());
data/elog-3.1.3-1/src/elogd.c:3357:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(result, loc("Change %s"), orig + 7);
data/elog-3.1.3-1/src/elogd.c:3363:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(result, orig);
data/elog-3.1.3-1/src/elogd.c:3539:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(email_from_name, "ELog <ELog@%s>", host_name);
data/elog-3.1.3-1/src/elogd.c:3540:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(email_from, "<ELog@%s>", host_name);
data/elog-3.1.3-1/src/elogd.c:3561:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(email_from_name, "%s <%s>", login_name, email_from);
data/elog-3.1.3-1/src/elogd.c:3568:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ret, email_from);
data/elog-3.1.3-1/src/elogd.c:3570:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ret_name, email_from_name);
data/elog-3.1.3-1/src/elogd.c:3678:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmp, str);
data/elog-3.1.3-1/src/elogd.c:3945:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Cannot open file \"%s\"", file_name);
data/elog-3.1.3-1/src/elogd.c:3981:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(lbs->el_index[*lbs->n_el_index].file_name, str);
data/elog-3.1.3-1/src/elogd.c:4099:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(base_dir, lbs->data_dir);
data/elog-3.1.3-1/src/elogd.c:4212:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(lb_list[n].name, logbook);
data/elog-3.1.3-1/src/elogd.c:4213:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(lb_list[n].name_enc, logbook);
data/elog-3.1.3-1/src/elogd.c:4253:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, p);
data/elog-3.1.3-1/src/elogd.c:4297:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(lb_list[n].data_dir, data_dir);
data/elog-3.1.3-1/src/elogd.c:4340:19: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(lb_list[j].top_group, phier->member[i]->name);
data/elog-3.1.3-1/src/elogd.c:4503:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(file_name, "%s%s%s", lbs->data_dir, lbs->el_index[index].subdir, lbs->el_index[index].file_name);
data/elog-3.1.3-1/src/elogd.c:4568:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s: ", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:4591:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(attachment[i], p);
data/elog-3.1.3-1/src/elogd.c:4670:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(ext_file_name, "%02d%02d%02d_%02d%02d%02d_%s", tms.tm_year % 100, tms.tm_mon + 1,
data/elog-3.1.3-1/src/elogd.c:4696:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Cannot write attachment file \"%s\"", file_name);
data/elog-3.1.3-1/src/elogd.c:4764:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(file_name, "%s%s%s", lbs->data_dir, lbs->el_index[index].subdir, lbs->el_index[index].file_name);
data/elog-3.1.3-1/src/elogd.c:4881:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dir, lbs->data_dir);
data/elog-3.1.3-1/src/elogd.c:4894:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(file_name, "%s%s%s", lbs->data_dir, lbs->el_index[index].subdir, lbs->el_index[index].file_name);
data/elog-3.1.3-1/src/elogd.c:4965:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s: ", attr_name[i]);
data/elog-3.1.3-1/src/elogd.c:4999:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s%s", dir, subdir);
data/elog-3.1.3-1/src/elogd.c:5009:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s%s%s", dir, subdir, file_name);
data/elog-3.1.3-1/src/elogd.c:5060:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), "Date: %s\n", date1);
data/elog-3.1.3-1/src/elogd.c:5063:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), "Reply to: %s\n", reply_to1);
data/elog-3.1.3-1/src/elogd.c:5066:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), "In reply to: %s\n", in_reply_to1);
data/elog-3.1.3-1/src/elogd.c:5069:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), "%s: %s\n", attr_name[i], attrib[i]);
data/elog-3.1.3-1/src/elogd.c:5074:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), "%s", afilename[0]);
data/elog-3.1.3-1/src/elogd.c:5077:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), ",%s", afilename[i]);
data/elog-3.1.3-1/src/elogd.c:5081:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), "Encoding: %s\n", encoding1);
data/elog-3.1.3-1/src/elogd.c:5083:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), "Locked by: %s\n", locked_by1);
data/elog-3.1.3-1/src/elogd.c:5085:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(message + strlen(message), "Draft: %s\n", draft);
data/elog-3.1.3-1/src/elogd.c:5190:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p, ps);
data/elog-3.1.3-1/src/elogd.c:5242:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(file_name, "%s%s%s", lbs->data_dir, lbs->el_index[index].subdir, lbs->el_index[index].file_name);
data/elog-3.1.3-1/src/elogd.c:5307:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(attachment[i], p);
data/elog-3.1.3-1/src/elogd.c:5355:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, lbs->el_index[index].file_name);
data/elog-3.1.3-1/src/elogd.c:5443:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(reply_to, list1[i1]);
data/elog-3.1.3-1/src/elogd.c:5470:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(in_reply_to, list1[i1]);
data/elog-3.1.3-1/src/elogd.c:5640:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf + strlen(buf), "[%s@%s(%s)] ", unm, rem_host, rem_host_ip);
data/elog-3.1.3-1/src/elogd.c:5642:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf + strlen(buf), "[%s@%s] ", unm, rem_host);
data/elog-3.1.3-1/src/elogd.c:5645:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf + strlen(buf), "[%s(%s)] ", rem_host, rem_host_ip);
data/elog-3.1.3-1/src/elogd.c:5647:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf + strlen(buf), "[%s] ", rem_host);
data/elog-3.1.3-1/src/elogd.c:5649:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf + strlen(buf), "[%s] ", rem_host_ip);
data/elog-3.1.3-1/src/elogd.c:5652:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buf + strlen(buf), "{%s} ", lbs->name);
data/elog-3.1.3-1/src/elogd.c:5931:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(p, "<img border=\"0\" src=\"cid:att%d@%s\">", index, domain);
data/elog-3.1.3-1/src/elogd.c:5983:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(result, "<a href=\"%s%s\">elog:%s</a>", base_url, link, link_text);
data/elog-3.1.3-1/src/elogd.c:5989:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(result, "<a href=\"%s%s/%d%s\">elog:%s</a>", base_url, lbs->name_enc, message_id, link,
data/elog-3.1.3-1/src/elogd.c:5996:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(result, "<a href=\"%s%s\">elog:%s</a>", base_url, link, link_text);
data/elog-3.1.3-1/src/elogd.c:6010:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(return_buffer + strlen_retbuf, str);
data/elog-3.1.3-1/src/elogd.c:6103:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(return_buffer + j, "<a href=\"mailto:%s\">%s</a>", link, link_text);
data/elog-3.1.3-1/src/elogd.c:6105:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(return_buffer + j, "<a href=\"%s", key_list[l]);
data/elog-3.1.3-1/src/elogd.c:6113:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(return_buffer + j, "\">%s", key_list[l]);
data/elog-3.1.3-1/src/elogd.c:6417:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  sprintf(return_buffer + j, "<a href=\"%s%s\">elog:%s</a>", base_url, link, link_text);
data/elog-3.1.3-1/src/elogd.c:6423:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(return_buffer + j, "<a href=\"%s%s/%d%s\">elog:%s</a>", base_url, lbs->name_enc,
data/elog-3.1.3-1/src/elogd.c:6430:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(return_buffer + j, "<a href=\"%s%s\">elog:%s</a>", base_url, link, link_text);
data/elog-3.1.3-1/src/elogd.c:6433:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(return_buffer + j, "<a href=\"mailto:%s\">%s</a>", link, link_text);
data/elog-3.1.3-1/src/elogd.c:6435:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(return_buffer + j, "<a href=\"%s", key_list[l]);
data/elog-3.1.3-1/src/elogd.c:6443:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(return_buffer + j, "\">%s", key_list[l]);
data/elog-3.1.3-1/src/elogd.c:6517:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(value, loc("%s wrote"), attrib);
data/elog-3.1.3-1/src/elogd.c:6519:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(return_buffer + j, email_quote_table, value);
data/elog-3.1.3-1/src/elogd.c:6521:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(return_buffer + j, pattern_list[l].subst, value);
data/elog-3.1.3-1/src/elogd.c:6525:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(return_buffer + j, email_quote_table, loc("Quote"));
data/elog-3.1.3-1/src/elogd.c:6527:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(return_buffer + j, pattern_list[l].subst, loc("Quote"));
data/elog-3.1.3-1/src/elogd.c:6553:28: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(hattrib, "../%s", attrib + 5);
data/elog-3.1.3-1/src/elogd.c:6555:28: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(hattrib, "%d%s", _current_message_id, attrib + 5);
data/elog-3.1.3-1/src/elogd.c:6557:28: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(hattrib, "%s", attrib + 5);
data/elog-3.1.3-1/src/elogd.c:6561:28: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(hattrib, "https://%s", attrib);
data/elog-3.1.3-1/src/elogd.c:6563:28: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(hattrib, "http://%s", attrib);
data/elog-3.1.3-1/src/elogd.c:6571:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(return_buffer + j, subst, hattrib, value);
data/elog-3.1.3-1/src/elogd.c:6586:28: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(hattrib, "cid:att%d@%s", m, domain);
data/elog-3.1.3-1/src/elogd.c:6598:34: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(hattrib + strlen(hattrib), "%d%s", _current_message_id, attrib + 5);
data/elog-3.1.3-1/src/elogd.c:6611:28: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(hattrib, "https://%s", attrib);
data/elog-3.1.3-1/src/elogd.c:6613:28: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(hattrib, "http://%s", attrib);
data/elog-3.1.3-1/src/elogd.c:6620:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(return_buffer + j, subst, attrib);
data/elog-3.1.3-1/src/elogd.c:6630:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(return_buffer + j, pattern_list[l].subst, attrib);
data/elog-3.1.3-1/src/elogd.c:6639:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(return_buffer + j, pattern_list[l].subst, attrib);
data/elog-3.1.3-1/src/elogd.c:6650:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(return_buffer + j, subst);
data/elog-3.1.3-1/src/elogd.c:6657:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(link, pattern_list[l].subst);
data/elog-3.1.3-1/src/elogd.c:6659:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmp, link);
data/elog-3.1.3-1/src/elogd.c:6664:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(link, tmp, base_url);
data/elog-3.1.3-1/src/elogd.c:6667:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(return_buffer + j, link);
data/elog-3.1.3-1/src/elogd.c:6671:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(return_buffer + j, pattern_list[l].pattern);
data/elog-3.1.3-1/src/elogd.c:6679:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(link, pattern_list[l].subst);
data/elog-3.1.3-1/src/elogd.c:6681:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmp, link);
data/elog-3.1.3-1/src/elogd.c:6686:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(link, tmp, base_url);
data/elog-3.1.3-1/src/elogd.c:6689:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(return_buffer + j, link);
data/elog-3.1.3-1/src/elogd.c:6700:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(link, pattern_list[l].subst);
data/elog-3.1.3-1/src/elogd.c:6702:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmp, link);
data/elog-3.1.3-1/src/elogd.c:6707:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(link, tmp, base_url);
data/elog-3.1.3-1/src/elogd.c:6710:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(return_buffer + j, link);
data/elog-3.1.3-1/src/elogd.c:6794:4: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant.
  vsprintf(str, (char *) format, argptr);
data/elog-3.1.3-1/src/elogd.c:6803:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(return_buffer + strlen_retbuf, str);
data/elog-3.1.3-1/src/elogd.c:6879:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str,
data/elog-3.1.3-1/src/elogd.c:6926:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(param, _param[n]);
data/elog-3.1.3-1/src/elogd.c:6927:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(value, _value[n]);
data/elog-3.1.3-1/src/elogd.c:6986:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str2, p);
data/elog-3.1.3-1/src/elogd.c:6987:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, str2);
data/elog-3.1.3-1/src/elogd.c:7012:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str2, ph);
data/elog-3.1.3-1/src/elogd.c:7013:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, str2);
data/elog-3.1.3-1/src/elogd.c:7042:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(base_url + strlen(base_url), "%s/", host_name);
data/elog-3.1.3-1/src/elogd.c:7044:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(base_url + strlen(base_url), "%s:%d/", host_name, elog_tcp_port);
data/elog-3.1.3-1/src/elogd.c:7134:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(group, "Group %s", p);
data/elog-3.1.3-1/src/elogd.c:7139:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(group, "Top group %s", p);
data/elog-3.1.3-1/src/elogd.c:7146:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "https://%s", http_host);
data/elog-3.1.3-1/src/elogd.c:7148:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "http://%s", http_host);
data/elog-3.1.3-1/src/elogd.c:7247:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "../%s/", lbs->name_enc);
data/elog-3.1.3-1/src/elogd.c:7265:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(lb_name, lbs->name);
data/elog-3.1.3-1/src/elogd.c:7445:13: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Attribute \"%s\" is not allowed in config file"), attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:7456:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Options %s", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:7460:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "MOptions %s", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:7466:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "ROptions %s", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:7472:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "IOptions %s", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:7478:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str2, "Sort Attribute Options %s", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:7530:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Type %s", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:8154:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(str, logbook);
data/elog-3.1.3-1/src/elogd.c:8209:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(file_name, str);
data/elog-3.1.3-1/src/elogd.c:8248:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(file_name, str);
data/elog-3.1.3-1/src/elogd.c:8298:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(file_name, str);
data/elog-3.1.3-1/src/elogd.c:8421:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(lb_name, lbs->name);
data/elog-3.1.3-1/src/elogd.c:8427:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(exp, str);
data/elog-3.1.3-1/src/elogd.c:8528:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(charset, DEFAULT_HTTP_CHARSET);
data/elog-3.1.3-1/src/elogd.c:8749:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(list[i], attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:8757:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Date format %s", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:8760:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(format, DEFAULT_DATE_FORMAT);
data/elog-3.1.3-1/src/elogd.c:8770:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Time format %s", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:8773:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(format, DEFAULT_TIME_FORMAT);
data/elog-3.1.3-1/src/elogd.c:8778:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(value[i], attrib[i]);
data/elog-3.1.3-1/src/elogd.c:8802:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(full_name, loc("Anonymous"));
data/elog-3.1.3-1/src/elogd.c:8833:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(format, DEFAULT_TIME_FORMAT);
data/elog-3.1.3-1/src/elogd.c:8838:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(value[i++], str);
data/elog-3.1.3-1/src/elogd.c:8846:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(format, DEFAULT_TIME_FORMAT);
data/elog-3.1.3-1/src/elogd.c:8851:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(value[i++], str);
data/elog-3.1.3-1/src/elogd.c:8855:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(value[i++], VERSION);
data/elog-3.1.3-1/src/elogd.c:8858:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(value[i++], "%s", git_revision());
data/elog-3.1.3-1/src/elogd.c:8884:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(format, DEFAULT_TIME_FORMAT);
data/elog-3.1.3-1/src/elogd.c:8996:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "?cmd=%s&cfg_user=%s", loc("Config"), config);
data/elog-3.1.3-1/src/elogd.c:8998:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "?cmd=%s", loc("Config"));
data/elog-3.1.3-1/src/elogd.c:9006:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "?cmd=%s&config=%s&fail=%s", loc("Change password"), getparam("unm"), error_str);
data/elog-3.1.3-1/src/elogd.c:9008:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "?cmd=%s&config=%s&fail=%d", loc("Change password"), getparam("unm"), wrong_pwd);
data/elog-3.1.3-1/src/elogd.c:9148:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Preset %s", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:9152:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(owner, attrib[i]);
data/elog-3.1.3-1/src/elogd.c:9165:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Preset %s", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:9169:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(owner, attrib[i]);
data/elog-3.1.3-1/src/elogd.c:9191:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Preset %s", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:9194:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(author, attrib[i]);
data/elog-3.1.3-1/src/elogd.c:9202:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Preset %s", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:9205:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(author, attrib[i]);
data/elog-3.1.3-1/src/elogd.c:9353:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ua, attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:9359:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_%d", ua, j);
data/elog-3.1.3-1/src/elogd.c:9498:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(attrib[i], "- %s -", loc("keep original values"));
data/elog-3.1.3-1/src/elogd.c:9550:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(title, "%s", loc("Pending draft available"));
data/elog-3.1.3-1/src/elogd.c:9552:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(title, loc("%d pending drafts available"), n_draft);
data/elog-3.1.3-1/src/elogd.c:9566:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Draft entry created on %s by %s"), datetime, draft);
data/elog-3.1.3-1/src/elogd.c:9636:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(file_name, str);
data/elog-3.1.3-1/src/elogd.c:9649:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(file_name, str);
data/elog-3.1.3-1/src/elogd.c:9727:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(text, "%s %s", loc("Entry is currently edited by"), locked_by);
data/elog-3.1.3-1/src/elogd.c:9728:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "?cmd=%s&steal=1", loc("Edit"));
data/elog-3.1.3-1/src/elogd.c:9769:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Preset %s", attr_list[index]);
data/elog-3.1.3-1/src/elogd.c:9779:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(preset, str);
data/elog-3.1.3-1/src/elogd.c:9786:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(attrib[index], preset);
data/elog-3.1.3-1/src/elogd.c:9790:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Preset on first reply %s", attr_list[index]);
data/elog-3.1.3-1/src/elogd.c:9799:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(preset, str);
data/elog-3.1.3-1/src/elogd.c:9806:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(attrib[index], preset);
data/elog-3.1.3-1/src/elogd.c:9811:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Preset on reply %s", attr_list[index]);
data/elog-3.1.3-1/src/elogd.c:9820:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(preset, str);
data/elog-3.1.3-1/src/elogd.c:9827:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(attrib[index], preset);
data/elog-3.1.3-1/src/elogd.c:9831:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Preset on edit %s", attr_list[index]);
data/elog-3.1.3-1/src/elogd.c:9840:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(preset, str);
data/elog-3.1.3-1/src/elogd.c:9847:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(attrib[index], preset);
data/elog-3.1.3-1/src/elogd.c:9851:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Preset on duplicate %s", attr_list[index]);
data/elog-3.1.3-1/src/elogd.c:9860:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(preset, str);
data/elog-3.1.3-1/src/elogd.c:9867:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(attrib[index], preset);
data/elog-3.1.3-1/src/elogd.c:9872:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "p%s", attr_list[index]);
data/elog-3.1.3-1/src/elogd.c:9890:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Preset %s", attr_list[index]);
data/elog-3.1.3-1/src/elogd.c:9900:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(preset, str);
data/elog-3.1.3-1/src/elogd.c:9907:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(attrib[index], preset);
data/elog-3.1.3-1/src/elogd.c:9911:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Preset on reply %s", attr_list[index]);
data/elog-3.1.3-1/src/elogd.c:9920:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(preset, str);
data/elog-3.1.3-1/src/elogd.c:9927:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(attrib[index], preset);
data/elog-3.1.3-1/src/elogd.c:9931:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Preset on duplicate %s", attr_list[index]);
data/elog-3.1.3-1/src/elogd.c:9940:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(preset, str);
data/elog-3.1.3-1/src/elogd.c:9947:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(attrib[index], preset);
data/elog-3.1.3-1/src/elogd.c:9966:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Maximum number of replies (%d) exceeded"), MAX_REPLY_TO);
data/elog-3.1.3-1/src/elogd.c:9986:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Only user <b>%s</b> can edit this entry"), str2);
data/elog-3.1.3-1/src/elogd.c:10000:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Entry can only be edited %1.2lg hours after creation"), atof(str));
data/elog-3.1.3-1/src/elogd.c:10016:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(str, loc("on"));
data/elog-3.1.3-1/src/elogd.c:10018:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(str, rem_host);
data/elog-3.1.3-1/src/elogd.c:10042:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(page_title, "ELOG %s", lbs->name);
data/elog-3.1.3-1/src/elogd.c:10078:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ua, attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:10086:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_%d", ua, j);
data/elog-3.1.3-1/src/elogd.c:10092:13: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Please select at least one '%s'"), attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:10105:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120).
Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_%d", ua, j);
data/elog-3.1.3-1/src/elogd.c:10111:13: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Please select at least one '%s'"), attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:10121:13: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Please select a '%s'"), attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:10129:13: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Please enter month for attribute '%s'"), attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:10135:13: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Please enter day for attribute '%s'"), attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:10141:13: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Please enter year for attribute '%s'"), attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:10149:16: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Please enter hour for attribute '%s'"), attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:10155:16: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Please enter minute for attribute '%s'"), attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:10161:16: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Please enter second for attribute '%s'"), attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:10170:13: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Please enter attribute '%s'"), attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:10184:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ua, attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:10196:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Please enter numeric value for '%s'"), attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:10213:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Please enter numeric value for year of attribute '%s'"), attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:10619:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(format, DEFAULT_TIME_FORMAT);
data/elog-3.1.3-1/src/elogd.c:10627:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(format, DEFAULT_TIME_FORMAT);
data/elog-3.1.3-1/src/elogd.c:10629:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(date, ctime(&now));
data/elog-3.1.3-1/src/elogd.c:10646:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Format %s", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:10685:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ua, attr_list[index]);
data/elog-3.1.3-1/src/elogd.c:10688:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Format %s", attr_list[index]);
data/elog-3.1.3-1/src/elogd.c:10712:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(star, (attr_flags[index] & AF_REQUIRED) ? "<font color=red>*</font>" : "");
data/elog-3.1.3-1/src/elogd.c:10715:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Tooltip %s", attr_list[index]);
data/elog-3.1.3-1/src/elogd.c:10718:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(title, " title=\"%s\"", comment);
data/elog-3.1.3-1/src/elogd.c:10726:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Comment %s", attr_list[index]);
data/elog-3.1.3-1/src/elogd.c:10739:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Date format %s", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:10742:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(format, DEFAULT_DATE_FORMAT);
data/elog-3.1.3-1/src/elogd.c:10754:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Time format %s", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:10757:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(format, DEFAULT_TIME_FORMAT);
data/elog-3.1.3-1/src/elogd.c:10776:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_%d", ua, i);
data/elog-3.1.3-1/src/elogd.c:10788:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_%d", ua, i);
data/elog-3.1.3-1/src/elogd.c:10800:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_%d", ua, i);
data/elog-3.1.3-1/src/elogd.c:10807:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_%d", ua, i);
data/elog-3.1.3-1/src/elogd.c:10873:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "- %s -", loc("keep original values"));
data/elog-3.1.3-1/src/elogd.c:10920:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_%d", ua, i);
data/elog-3.1.3-1/src/elogd.c:10976:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_%d", ua, i);
data/elog-3.1.3-1/src/elogd.c:11016:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "- %s -", loc("keep original values"));
data/elog-3.1.3-1/src/elogd.c:11054:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "- %s -", loc("keep original values"));
data/elog-3.1.3-1/src/elogd.c:11057:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_0", ua);
data/elog-3.1.3-1/src/elogd.c:11064:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120).
Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_1", ua);
data/elog-3.1.3-1/src/elogd.c:11071:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_2", ua);
data/elog-3.1.3-1/src/elogd.c:11116:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "- %s -", loc("keep original values"));
data/elog-3.1.3-1/src/elogd.c:11119:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_keep", ua);
data/elog-3.1.3-1/src/elogd.c:11132:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Tooltip %s", attr_options[index][i]);
data/elog-3.1.3-1/src/elogd.c:11135:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tooltip, " title=\"%s\"", comment);
data/elog-3.1.3-1/src/elogd.c:11137:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Tooltip %s %s", attr_list[index], attr_options[index][i]);
data/elog-3.1.3-1/src/elogd.c:11140:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tooltip, " title=\"%s\"", comment);
data/elog-3.1.3-1/src/elogd.c:11142:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_%d", ua, i);
data/elog-3.1.3-1/src/elogd.c:11169:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Add %s"), attr_list[index]);
data/elog-3.1.3-1/src/elogd.c:11183:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Tooltip %s", attr_options[index][i]);
data/elog-3.1.3-1/src/elogd.c:11186:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tooltip, " title=\"%s\"", comment);
data/elog-3.1.3-1/src/elogd.c:11213:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Add %s"), attr_list[index]);
data/elog-3.1.3-1/src/elogd.c:11235:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Icon comment %s", attr_options[index][i]);
data/elog-3.1.3-1/src/elogd.c:11266:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "- %s -", loc("keep original values"));
data/elog-3.1.3-1/src/elogd.c:11294:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Add %s"), attr_list[index]);
data/elog-3.1.3-1/src/elogd.c:11703:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(file_name, str);
data/elog-3.1.3-1/src/elogd.c:11933:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "im('att'+'%d','%s','%s','smaller');", index, thumb_name, att[index]);
data/elog-3.1.3-1/src/elogd.c:11935:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "im('att'+'%d','%s','%s','original');", index, thumb_name, att[index]);
data/elog-3.1.3-1/src/elogd.c:11937:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "im('att'+'%d','%s','%s','larger');", index, thumb_name, att[index]);
data/elog-3.1.3-1/src/elogd.c:11940:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "im('att'+'%d','%s','%s','rotleft');", index, thumb_name, att[index]);
data/elog-3.1.3-1/src/elogd.c:11942:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "im('att'+'%d','%s','%s','rotright');", index, thumb_name, att[index]);
data/elog-3.1.3-1/src/elogd.c:11953:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "%s -format '%%wx%%h' '%s[0]'", _identify_cmd, file_name);
data/elog-3.1.3-1/src/elogd.c:11955:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(cmd, "%s -format '%%wx%%h' '%s'", _identify_cmd, file_name);
data/elog-3.1.3-1/src/elogd.c:11988:28: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(ref, "%s/%s?thumb=1", str, file_enc);
data/elog-3.1.3-1/src/elogd.c:12005:34: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(ref, "%s/%s?thumb=1", str, file_enc);
data/elog-3.1.3-1/src/elogd.c:12017:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(file_enc, att[index] + 14);
data/elog-3.1.3-1/src/elogd.c:12019:28: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(ref, "%s/%s", str, file_enc);
data/elog-3.1.3-1/src/elogd.c:12296:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(str, loc("regular expressions"));
data/elog-3.1.3-1/src/elogd.c:12422:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_%d", attr_list[i], j);
data/elog-3.1.3-1/src/elogd.c:12437:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_%d", attr_list[i], j);
data/elog-3.1.3-1/src/elogd.c:12458:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_0", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:12467:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_1", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:12476:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_2", attr_list[i]);
data/elog-3.1.3-1/src/elogd.c:12489:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(option, attr_options[i][j]);
data/elog-3.1.3-1/src/elogd.c:12493:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "Icon comment %s", option);
data/elog-3.1.3-1/src/elogd.c:12497:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(comment, option);
data/elog-3.1.3-1/src/elogd.c:12508:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s_%d", attr_list[i], j);
data/elog-3.1.3-1/src/elogd.c:12535:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(whole_attr, "^%s$", str);
data/elog-3.1.3-1/src/elogd.c:12630:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(error, "Cannot read configuration file \"%s\": %s", config_file, strerror(errno));
data/elog-3.1.3-1/src/elogd.c:12679:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "ELOG %s", loc("Admin"));
data/elog-3.1.3-1/src/elogd.c:12699:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "global %s", lbs->top_group);
data/elog-3.1.3-1/src/elogd.c:12702:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(grp, "[global %s]", lbs->top_group);
data/elog-3.1.3-1/src/elogd.c:12703:16: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Change %s"), grp);
data/elog-3.1.3-1/src/elogd.c:12712:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Change %s"), "[global]");
data/elog-3.1.3-1/src/elogd.c:12723:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "[global %s]", top_group);
data/elog-3.1.3-1/src/elogd.c:12747:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(section, "global %s", top_group);
data/elog-3.1.3-1/src/elogd.c:12749:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(section, lbs->name);
data/elog-3.1.3-1/src/elogd.c:12862:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(error, loc("Cannot open file <b>%s</b>"), config_file);
data/elog-3.1.3-1/src/elogd.c:12864:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(error, strerror(errno));
data/elog-3.1.3-1/src/elogd.c:12886:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(p1, "[%s]\r\n", section);
data/elog-3.1.3-1/src/elogd.c:12887:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(p1, buffer);
data/elog-3.1.3-1/src/elogd.c:12900:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(error, loc("Cannot write to <b>%s</b>"), config_file);
data/elog-3.1.3-1/src/elogd.c:12902:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(error, strerror(errno));
data/elog-3.1.3-1/src/elogd.c:12929:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Cannot open file <b>%s</b>"), config_file);
data/elog-3.1.3-1/src/elogd.c:12931:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(str, strerror(errno));
data/elog-3.1.3-1/src/elogd.c:12978:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(list[i], new_value);
data/elog-3.1.3-1/src/elogd.c:12982:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(list[j], list[j + 1]);
data/elog-3.1.3-1/src/elogd.c:12990:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(list[n++], new_value);
data/elog-3.1.3-1/src/elogd.c:12995:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p2, list[i]);
data/elog-3.1.3-1/src/elogd.c:13012:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Cannot write to <b>%s</b>"), config_file);
data/elog-3.1.3-1/src/elogd.c:13014:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(str, strerror(errno));
data/elog-3.1.3-1/src/elogd.c:13043:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(error, loc("Cannot open file <b>%s</b>"), config_file);
data/elog-3.1.3-1/src/elogd.c:13045:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(error, strerror(errno));
data/elog-3.1.3-1/src/elogd.c:13072:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(error, loc("Cannot write to <b>%s</b>"), config_file);
data/elog-3.1.3-1/src/elogd.c:13074:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(error, strerror(errno));
data/elog-3.1.3-1/src/elogd.c:13102:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Cannot open file <b>%s</b>"), config_file);
data/elog-3.1.3-1/src/elogd.c:13104:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(str, strerror(errno));
data/elog-3.1.3-1/src/elogd.c:13115:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(old_dir, "%s%s", lb_dir, lbs->name);
data/elog-3.1.3-1/src/elogd.c:13116:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(new_dir, "%s%s", lb_dir, new_name);
data/elog-3.1.3-1/src/elogd.c:13146:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(p1, "[%s]", new_name);
data/elog-3.1.3-1/src/elogd.c:13156:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Cannot write to <b>%s</b>"), config_file);
data/elog-3.1.3-1/src/elogd.c:13158:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(str, strerror(errno));
data/elog-3.1.3-1/src/elogd.c:13186:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Cannot open file <b>%s</b>"), config_file);
data/elog-3.1.3-1/src/elogd.c:13188:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(str, strerror(errno));
data/elog-3.1.3-1/src/elogd.c:13236:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(p2, logbook);
data/elog-3.1.3-1/src/elogd.c:13249:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Cannot write to <b>%s</b>"), config_file);
data/elog-3.1.3-1/src/elogd.c:13251:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(str, strerror(errno));
data/elog-3.1.3-1/src/elogd.c:13281:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(error, loc("Cannot open file <b>%s</b>"), config_file);
data/elog-3.1.3-1/src/elogd.c:13283:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(error, strerror(errno));
data/elog-3.1.3-1/src/elogd.c:13293:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(error, loc("Cannot write to <b>%s</b>"), config_file);
data/elog-3.1.3-1/src/elogd.c:13295:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(error, strerror(errno));
data/elog-3.1.3-1/src/elogd.c:13331:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Please enter \"%s\""), loc("Login name"));
data/elog-3.1.3-1/src/elogd.c:13338:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sprintf(str, loc("Please enter \"%s\""), loc("Full name"));
data/elog-3.1.3-1/src/elogd.c:13397:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "%s \"%s\" %s", loc("Login name"), user_enc, loc("exists already"));
data/elog-3.1.3-1/src/elogd.c:13422:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str, "/list/user[name=%s]", user_enc);
data/elog-3.1.3-1/src/elogd.c:13505:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(url, referer);
data/elog-3.1.3-1/src/elogd.c:13509:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(url, "https://%s/", http_host);
data/elog-3.1.3-1/src/elogd.c:13511:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(url, "http://%s/", http_host);
data/elog-3.1.3-1/src/elogd.c:13514:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(url, "https://%s:%d/", http_host, elog_tcp_port);
data/elog-3.1.3-1/src/elogd.c:13516:19: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(url, "http://%s:%d/", http_host, elog_tcp_port);
data/elog-3.1.3-1/src/elogd.c:13537:13: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(subject, loc("Account activation for ELOG logbook \"%s\""), lbs->name);
data/elog-3.1.3-1/src/elogd.c:13539:13: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(subject, loc("Account activation for ELOG on host \"%s\""), host_name);
data/elog-3.1.3-1/src/elogd.c:13551:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "\r\n%s:\r\n\r\n",
data/elog-3.1.3-1/src/elogd.c:13555:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Logbook"), lbs->name);
data/elog-3.1.3-1/src/elogd.c:13557:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Host"), host_name);
data/elog-3.1.3-1/src/elogd.c:13560:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Login name"),
data/elog-3.1.3-1/src/elogd.c:13563:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Full name"),
data/elog-3.1.3-1/src/elogd.c:13566:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Email"),
data/elog-3.1.3-1/src/elogd.c:13569:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "\r\n%s:\r\n", loc("Activation URL"));
data/elog-3.1.3-1/src/elogd.c:13571:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "\r\nURL : %s", url);
data/elog-3.1.3-1/src/elogd.c:13574:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "?cmd=%s", loc("Activate"));
data/elog-3.1.3-1/src/elogd.c:13576:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "&code=%d&unm=%s\r\n", code, getparam("new_user_name"));
data/elog-3.1.3-1/src/elogd.c:13579:13: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("Cannot send email notification to \"%s\""), getparam("new_user_email"));
data/elog-3.1.3-1/src/elogd.c:13610:25: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(subject, loc("Registration request for ELOG logbook \"%s\""), lbs->name);
data/elog-3.1.3-1/src/elogd.c:13612:25: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(subject, loc("Registration request for ELOG on host \"%s\""), host_name);
data/elog-3.1.3-1/src/elogd.c:13613:22: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("A new ELOG user wants to register on \"%s\""), host_name);
data/elog-3.1.3-1/src/elogd.c:13617:28: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(subject, loc("User \"%s\" registered on logbook \"%s\""),
data/elog-3.1.3-1/src/elogd.c:13620:28: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(subject, loc("User \"%s\" registered on host \"%s\""),
data/elog-3.1.3-1/src/elogd.c:13624:22: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("A new ELOG user has been registered on %s"), host_name);
data/elog-3.1.3-1/src/elogd.c:13630:19: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "\r\n%s:\r\n\r\n", str);
data/elog-3.1.3-1/src/elogd.c:13633:22: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Logbook"),
data/elog-3.1.3-1/src/elogd.c:13636:22: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Host"),
data/elog-3.1.3-1/src/elogd.c:13640:22: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Login name"),
data/elog-3.1.3-1/src/elogd.c:13643:22: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Full name"),
data/elog-3.1.3-1/src/elogd.c:13646:22: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Email"),
data/elog-3.1.3-1/src/elogd.c:13650:22: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "\r\n%s:\r\n",
data/elog-3.1.3-1/src/elogd.c:13653:22: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "\r\nURL : %s", url);
data/elog-3.1.3-1/src/elogd.c:13656:25: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "?cmd=%s&new_user_name=%s",
data/elog-3.1.3-1/src/elogd.c:13659:22: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "&code=%d&unm=%s\r\n", code, pl);
data/elog-3.1.3-1/src/elogd.c:13662:25: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text),
data/elog-3.1.3-1/src/elogd.c:13668:22: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("Cannot send email notification to \"%s\""),
data/elog-3.1.3-1/src/elogd.c:13686:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(str, "?cmd=%s", loc("Requested"));
data/elog-3.1.3-1/src/elogd.c:13702:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(str, "../%s/", lbs->name_enc);
data/elog-3.1.3-1/src/elogd.c:13706:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(str + strlen(str), "?cmd=%s&cfg_user=", loc("Config"));
data/elog-3.1.3-1/src/elogd.c:13709:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(str + strlen(str), "?cmd=%s&cfg_user=", loc("Config"));
data/elog-3.1.3-1/src/elogd.c:13712:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
    sprintf(str + strlen(str), "?cmd=%s", loc("Config"));
data/elog-3.1.3-1/src/elogd.c:13737:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(str, "/list/user[name=%s]", user);
data/elog-3.1.3-1/src/elogd.c:13740:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("User \"%s\" not found in password file"), user);
data/elog-3.1.3-1/src/elogd.c:13750:10: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("Cannot write to file <b>%s</b>"), file_name);
data/elog-3.1.3-1/src/elogd.c:13752:10: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(str, strerror(errno));
data/elog-3.1.3-1/src/elogd.c:13784:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(logbook, lbs->name);
data/elog-3.1.3-1/src/elogd.c:13789:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(user, isparam("unm") ? getparam("unm") : "");
data/elog-3.1.3-1/src/elogd.c:13791:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(user, getparam("cfg_user"));
data/elog-3.1.3-1/src/elogd.c:13809:4: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("Really remove user \\\"%s\\\"?"), user);
data/elog-3.1.3-1/src/elogd.c:13924:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("User [%s] has been deleted"), user);
data/elog-3.1.3-1/src/elogd.c:14089:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(url, referer);
data/elog-3.1.3-1/src/elogd.c:14093:19: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(url, "https://%s/", http_host);
data/elog-3.1.3-1/src/elogd.c:14095:19: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(url, "http://%s/", http_host);
data/elog-3.1.3-1/src/elogd.c:14098:19: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(url, "https://%s:%d/", http_host, elog_tcp_port);
data/elog-3.1.3-1/src/elogd.c:14100:19: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(url, "http://%s:%d/", http_host, elog_tcp_port);
data/elog-3.1.3-1/src/elogd.c:14124:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), " %s", http_host);
data/elog-3.1.3-1/src/elogd.c:14126:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(url + strlen(url), "?unm=%s", user_name);
data/elog-3.1.3-1/src/elogd.c:14127:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "%s %s.\r\n\r\n", loc("You can access it at"), url);
data/elog-3.1.3-1/src/elogd.c:14128:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "%s.\r\n",
data/elog-3.1.3-1/src/elogd.c:14132:10: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("Cannot send email notification to \"%s\""), user_email);
data/elog-3.1.3-1/src/elogd.c:14156:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(name, getparam("login_name"));
data/elog-3.1.3-1/src/elogd.c:14166:16: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("No Email address registered with user name <i>\"%s\"</i>"), name);
data/elog-3.1.3-1/src/elogd.c:14186:19: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(url, referer);
data/elog-3.1.3-1/src/elogd.c:14190:25: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(url, "https://%s/", http_host);
data/elog-3.1.3-1/src/elogd.c:14192:25: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(url, "http://%s/", http_host);
data/elog-3.1.3-1/src/elogd.c:14195:25: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(url, "https://%s:%d/", http_host, elog_tcp_port);
data/elog-3.1.3-1/src/elogd.c:14197:25: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(url, "http://%s:%d/", http_host, elog_tcp_port);
data/elog-3.1.3-1/src/elogd.c:14210:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(redir, "?cmd=%s&oldpwd=%s", loc("Change password"), pwd);
data/elog-3.1.3-1/src/elogd.c:14214:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(str, "?redir=%s&uname=%s&upassword=%s", str2, login_name, pwd);
data/elog-3.1.3-1/src/elogd.c:14220:16: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(subject, loc("Password recovery for ELOG %s"), lbs->name);
data/elog-3.1.3-1/src/elogd.c:14222:16: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(subject, loc("Password recovery for ELOG %s"), http_host);
data/elog-3.1.3-1/src/elogd.c:14229:13: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(mail_text + strlen(mail_text),
data/elog-3.1.3-1/src/elogd.c:14237:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(mail_text + strlen(mail_text), "ELOG Version %s\r\n", VERSION);
data/elog-3.1.3-1/src/elogd.c:14259:16: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("Error sending Email via <i>\"%s\"</i>"), smtp_host);
data/elog-3.1.3-1/src/elogd.c:14269:10: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("Email address \"%s\" not registered"), name);
data/elog-3.1.3-1/src/elogd.c:14271:10: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("User name \"%s\" not registered"), name);
data/elog-3.1.3-1/src/elogd.c:14385:10: [4] (format) sprintf:
  Potential format string problem (CWE-134).
  Make format string constant.
    sprintf(str, loc("Entry can only be deleted %1.2lg hours after creation"), atof(str));
data/elog-3.1.3-1/src/elogd.c:14413:16: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(str, "%s = %d", loc("Error deleting message: status"), status);
data/elog-3.1.3-1/src/elogd.c:14467:13: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("Only user <b>%s</b> can delete this entry"), str2);
data/elog-3.1.3-1/src/elogd.c:14590:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("Are you sure to delete logbook \"%s\"?"), lbs->name);
data/elog-3.1.3-1/src/elogd.c:14614:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(lbn, getparam("lbname"));
data/elog-3.1.3-1/src/elogd.c:14617:13: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("Logbook \"%s\" exists already, please choose different name"), lbn);
data/elog-3.1.3-1/src/elogd.c:14625:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(str, "../%s/?cmd=Config", getparam("lbname"));
data/elog-3.1.3-1/src/elogd.c:14631:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(str, loc("Rename logbook"));
data/elog-3.1.3-1/src/elogd.c:14664:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(lbn, getparam("lbname"));
data/elog-3.1.3-1/src/elogd.c:14667:13: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("Logbook \"%s\" exists already, please choose different name"), lbn);
data/elog-3.1.3-1/src/elogd.c:14676:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(lbn, getparam("lbname"));
data/elog-3.1.3-1/src/elogd.c:14678:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(str, "../%s/?cmd=Config", lbn);
data/elog-3.1.3-1/src/elogd.c:14775:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(file_name, "%s%s%s", lbs->data_dir, lbs->el_index[index].subdir, lbs->el_index[index].file_name);
data/elog-3.1.3-1/src/elogd.c:14934:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(str, loc("text"));
data/elog-3.1.3-1/src/elogd.c:14935:4: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str2, loc("Column header '%s' must be present in CSV file"), str);
data/elog-3.1.3-1/src/elogd.c:15049:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(sep, getparam("sep"));
data/elog-3.1.3-1/src/elogd.c:15069:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(sep, i > n ? ";" : ",");
data/elog-3.1.3-1/src/elogd.c:15077:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("CSV import preview of %s"), csvfile);
data/elog-3.1.3-1/src/elogd.c:15265:22: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(str, loc("Invalid date format"));
data/elog-3.1.3-1/src/elogd.c:15317:4: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("%d entries successfully imported"), n_imported);
data/elog-3.1.3-1/src/elogd.c:15346:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("XML file does not contain %s element"), "<ELOG_LIST>");
data/elog-3.1.3-1/src/elogd.c:15354:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("XML file does not contain %s element"), "<MID>");
data/elog-3.1.3-1/src/elogd.c:15360:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("XML file does not contain %s element"), "<DATE>");
data/elog-3.1.3-1/src/elogd.c:15366:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("XML file does not contain %s element"), "<ENCODING>");
data/elog-3.1.3-1/src/elogd.c:15374:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("XML import preview of %s"), xmlfile);
data/elog-3.1.3-1/src/elogd.c:15406:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(str, loc("Date"));
data/elog-3.1.3-1/src/elogd.c:15408:16: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(str, loc("Text"));
data/elog-3.1.3-1/src/elogd.c:15613:4: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("%d entries successfully imported"), n_imported);
data/elog-3.1.3-1/src/elogd.c:15708:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(error_str, loc("Cannot connect to remote server \"%s\""), host);
data/elog-3.1.3-1/src/elogd.c:15725:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(error_str, loc("Incorrect remote ELOG server version %s"), str);
data/elog-3.1.3-1/src/elogd.c:15736:10: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(error_str, loc("Invalid user name \"%s\" or password for remote logbook"),
data/elog-3.1.3-1/src/elogd.c:15865:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(error_str, loc("Cannot read entry from local logbook"));
data/elog-3.1.3-1/src/elogd.c:15877:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(error_str, loc("Cannot connect to host %s, port %d"), remote_host_name, port);
data/elog-3.1.3-1/src/elogd.c:15911:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(content, boundary);
data/elog-3.1.3-1/src/elogd.c:15914:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
    sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elogd.c:15918:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(content + strlen(content), "%s\r\nContent-Disposition: form-data; name=\"unm\"\r\n\r\n%s\r\n",
data/elog-3.1.3-1/src/elogd.c:15925:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(content + strlen(content), "%s\r\nContent-Disposition: form-data; name=\"upwd\"\r\n\r\n%s\r\n",
data/elog-3.1.3-1/src/elogd.c:15930:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elogd.c:15935:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elogd.c:15939:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(content + strlen(content), "%s\r\nContent-Disposition: form-data; name=\"%s\"\r\n\r\n%s\r\n",
data/elog-3.1.3-1/src/elogd.c:15942:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elogd.c:15945:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elogd.c:15948:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elogd.c:15973:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(p, "Content-Disposition: form-data; name=\"attfile%d\"; filename=\"%s\"\r\n\r\n", i + 1,
data/elog-3.1.3-1/src/elogd.c:15981:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(p, boundary);
data/elog-3.1.3-1/src/elogd.c:15996:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(request, subdir);
data/elog-3.1.3-1/src/elogd.c:16002:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(request + strlen(request), "Content-Type: multipart/form-data; boundary=%s\r\n", boundary);
data/elog-3.1.3-1/src/elogd.c:16003:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(request + strlen(request), "Host: %s\r\n", host_name);
data/elog-3.1.3-1/src/elogd.c:16008:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(request + strlen(request), "Cookie: wpwd=%s\r\n", getparam("wpwd"));
data/elog-3.1.3-1/src/elogd.c:16081:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(error_str, "Missing required attribute \"%s\"\n", str);
data/elog-3.1.3-1/src/elogd.c:16108:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(str + strlen(str), "%d?cmd=%s", message_id, loc("Download"));
data/elog-3.1.3-1/src/elogd.c:16112:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(error_str, loc("Cannot receive \"%s\""), str);
data/elog-3.1.3-1/src/elogd.c:16120:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(error_str, loc("Cannot receive \"%s\""), str);
data/elog-3.1.3-1/src/elogd.c:16129:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(error_str, loc("Received wrong entry id \"%d\""), atoi(p + 8));
data/elog-3.1.3-1/src/elogd.c:16161:10: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(attachment[i], p2);
data/elog-3.1.3-1/src/elogd.c:16169:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(error_str, loc("Entry #%d is locked on remote server"), message_id);
data/elog-3.1.3-1/src/elogd.c:16208:16: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(error_str, loc("Cannot receive \"%s\""), str);
data/elog-3.1.3-1/src/elogd.c:16247:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(error_str, loc("Cannot connect to host %s, port %d"), remote_host_name, port);
data/elog-3.1.3-1/src/elogd.c:16263:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
    strcpy(content, boundary);
data/elog-3.1.3-1/src/elogd.c:16267:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(content + strlen(content), "%s\r\nContent-Disposition: form-data; name=\"unm\"\r\n\r\n%s\r\n",
data/elog-3.1.3-1/src/elogd.c:16274:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(content + strlen(content), "%s\r\nContent-Disposition: form-data; name=\"upwd\"\r\n\r\n%s\r\n",
data/elog-3.1.3-1/src/elogd.c:16278:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elogd.c:16289:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(request, subdir);
data/elog-3.1.3-1/src/elogd.c:16295:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(request + strlen(request), "Content-Type: multipart/form-data; boundary=%s\r\n", boundary);
data/elog-3.1.3-1/src/elogd.c:16296:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(request + strlen(request), "Host: %s\r\n", host_name);
data/elog-3.1.3-1/src/elogd.c:16301:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(request + strlen(request), "Cookie: wpwd=%s\r\n", getparam("wpwd"));
data/elog-3.1.3-1/src/elogd.c:16360:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(error_str, "Missing required attribute \"%s\"\n", str);
data/elog-3.1.3-1/src/elogd.c:16384:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(error_str, "Cannot contact elogd server at http://%s", str);
data/elog-3.1.3-1/src/elogd.c:16406:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(error_str, "Incorrect remote ELOG server version %s, must be 2.5.4 or later", str);
data/elog-3.1.3-1/src/elogd.c:16418:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(error_str, "Received invalid response from elogd server at http%s://%s", ssl ? "s" : "",
data/elog-3.1.3-1/src/elogd.c:16438:10: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(error_str, "Received invalid response from elogd server at http%s://%s", ssl ? "s" : "",
data/elog-3.1.3-1/src/elogd.c:16450:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(error_str, loc("Cannot receive \"%s\""), str);
data/elog-3.1.3-1/src/elogd.c:16476:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("Cannot open file <b>%s</b>"), config_file);
data/elog-3.1.3-1/src/elogd.c:16478:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
    strcat(str, strerror(errno));
data/elog-3.1.3-1/src/elogd.c:16514:4: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
    sprintf(p1, "Mirror server = %s\r\n", url);
data/elog-3.1.3-1/src/elogd.c:16540:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(str, loc("Cannot write to <b>%s</b>"), config_file);
data/elog-3.1.3-1/src/elogd.c:16542:7: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
strcat(str, strerror(errno)); data/elog-3.1.3-1/src/elogd.c:16574:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(error_str, "Cannot contact elogd server at http://%s", str); data/elog-3.1.3-1/src/elogd.c:16591:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(error_str, "Incorrect remote ELOG server version %s, must be 2.5.4 or later", str); data/elog-3.1.3-1/src/elogd.c:16601:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(error_str, "Received invalid response from elogd server at http://%s", str); data/elog-3.1.3-1/src/elogd.c:16610:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(error_str, "Received invalid response from elogd server at http://%s", str); data/elog-3.1.3-1/src/elogd.c:16617:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(error_str, loc("Cannot receive \"%s\""), str); data/elog-3.1.3-1/src/elogd.c:16653:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(error_str, loc("Cannot open file <b>%s</b>"), str); data/elog-3.1.3-1/src/elogd.c:16655:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(error_str, strerror(errno)); data/elog-3.1.3-1/src/elogd.c:16665:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(error_str, loc("Cannot write to <b>%s</b>"), str); data/elog-3.1.3-1/src/elogd.c:16667:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(error_str, strerror(errno)); data/elog-3.1.3-1/src/elogd.c:16814:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(line, "MIRROR: %s", str); data/elog-3.1.3-1/src/elogd.c:16844:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(loc_ref, "<a href=\"../%s/\">%s</a>", lbs->name_enc, lbs->name); data/elog-3.1.3-1/src/elogd.c:16846:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(loc_ref, "<a href=\"%s/\">%s</a>", lbs->name_enc, lbs->name); data/elog-3.1.3-1/src/elogd.c:16848:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(loc_ref, "<a href=\".\">%s</a>", lbs->name); data/elog-3.1.3-1/src/elogd.c:16850:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Synchronizing logbook %s with server \"%s\""), loc_ref, list[index]); data/elog-3.1.3-1/src/elogd.c:16995:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s. ", loc("Configuration has been changed locally and remotely")); data/elog-3.1.3-1/src/elogd.c:16996:16: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(str, loc("Please merge manually to resolve conflict")); data/elog-3.1.3-1/src/elogd.c:17007:13: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. 
sprintf(str, loc("Logbook \"%s\" does not exist on remote server"), lbs->name); data/elog-3.1.3-1/src/elogd.c:17031:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s", message_id, data/elog-3.1.3-1/src/elogd.c:17084:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s: %s", loc("Error sending local entry"), error_str); data/elog-3.1.3-1/src/elogd.c:17086:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s", message_id, loc("Local entry submitted")); data/elog-3.1.3-1/src/elogd.c:17091:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s", message_id, loc("Local entry should be submitted")); data/elog-3.1.3-1/src/elogd.c:17124:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s: %s", loc("Error receiving message"), error_str); data/elog-3.1.3-1/src/elogd.c:17133:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s", message_id, loc("Remote entry received")); data/elog-3.1.3-1/src/elogd.c:17141:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s", message_id, loc("Remote entry should be received")); data/elog-3.1.3-1/src/elogd.c:17168:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(loc_ref, "<a href=\"../%s/%d\">%s</a>", lbs->name_enc, message_id, loc("local")); data/elog-3.1.3-1/src/elogd.c:17170:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(loc_ref, "<a href=\"%s/%d\">%s</a>", lbs->name_enc, message_id, loc("local")); data/elog-3.1.3-1/src/elogd.c:17172:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(loc_ref, "<a href=\"%d\">%s</a>", message_id, loc("local")); data/elog-3.1.3-1/src/elogd.c:17174:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rem_ref, "<a href=\"http://%s%d\">%s</a>", str, message_id, loc("remote")); data/elog-3.1.3-1/src/elogd.c:17176:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s. ", message_id, loc("Entry has been changed locally and remotely")); data/elog-3.1.3-1/src/elogd.c:17177:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str + strlen(str), loc("Please delete %s or %s entry to resolve conflict"), data/elog-3.1.3-1/src/elogd.c:17221:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s: %s", loc("Error sending local message"), error_str); data/elog-3.1.3-1/src/elogd.c:17223:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s", message_id, loc("Local entry submitted")); data/elog-3.1.3-1/src/elogd.c:17229:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s", message_id, loc("Local entry should be submitted")); data/elog-3.1.3-1/src/elogd.c:17243:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(loc_ref, "<a href=\"../%s/%d\">%s</a>", lbs->name_enc, message_id, loc("local")); data/elog-3.1.3-1/src/elogd.c:17245:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(loc_ref, "<a href=\"%s/%d\">%s</a>", lbs->name_enc, message_id, data/elog-3.1.3-1/src/elogd.c:17248:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(loc_ref, "<a href=\"%d\">%s</a>", message_id, loc("Local entry")); data/elog-3.1.3-1/src/elogd.c:17250:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("%s should be deleted"), loc_ref); data/elog-3.1.3-1/src/elogd.c:17257:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s", message_id, loc("Entry should be deleted locally")); data/elog-3.1.3-1/src/elogd.c:17268:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s", message_id, loc("Entry deleted locally")); data/elog-3.1.3-1/src/elogd.c:17284:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s", message_id, loc("Entry deleted locally")); data/elog-3.1.3-1/src/elogd.c:17290:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s", message_id, loc("Entry should be deleted locally")); data/elog-3.1.3-1/src/elogd.c:17316:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s: %s", loc("Error sending local entry"), error_str); data/elog-3.1.3-1/src/elogd.c:17321:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(str, "ID%d:\t%s", message_id, loc("Local entry submitted")); data/elog-3.1.3-1/src/elogd.c:17324:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s", message_id, loc("Local entry should be submitted")); data/elog-3.1.3-1/src/elogd.c:17369:16: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str + strlen(str), loc("Changed local entry ID to %d"), max_id + 1); data/elog-3.1.3-1/src/elogd.c:17376:16: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str + strlen(str), loc("Local entry ID should be changed to %d"), max_id + 1); data/elog-3.1.3-1/src/elogd.c:17423:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Error receiving message: %s", error_str); data/elog-3.1.3-1/src/elogd.c:17430:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s", message_id, loc("Remote entry received")); data/elog-3.1.3-1/src/elogd.c:17434:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s", message_id, loc("Remote entry should be received")); data/elog-3.1.3-1/src/elogd.c:17461:28: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Error receiving message: %s", error_str); data/elog-3.1.3-1/src/elogd.c:17477:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s", message_id, loc("Remote entry should be received")); data/elog-3.1.3-1/src/elogd.c:17490:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(rem_ref, "<a href=\"http://%s%d\">%s</a>", str, message_id, data/elog-3.1.3-1/src/elogd.c:17493:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("%s should be deleted"), rem_ref); data/elog-3.1.3-1/src/elogd.c:17499:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s", message_id, loc("Entry should be deleted remotely")); data/elog-3.1.3-1/src/elogd.c:17509:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%d?cmd=%s&confirm=%s", message_id, loc("Delete"), loc("Yes")); data/elog-3.1.3-1/src/elogd.c:17529:28: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ID%d:\t%s", message_id, loc("Entry should be deleted remotely")); data/elog-3.1.3-1/src/elogd.c:17679:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ref + strlen(ref), "../%s/%d", lbs->name_enc, message_id); data/elog-3.1.3-1/src/elogd.c:17728:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Style %s \"\"", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:17730:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Style %s %s", attr_list[i], attrib[i]); data/elog-3.1.3-1/src/elogd.c:17732:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s\" style=\"%s", rowstyle, display); data/elog-3.1.3-1/src/elogd.c:17743:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(str, "%s %s", loc("Entry is currently edited by"), locked_by); data/elog-3.1.3-1/src/elogd.c:17773:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(attr_icon, attrib[i]); data/elog-3.1.3-1/src/elogd.c:17830:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ref, "../%s/%s/%s", lbs->name, str, attachment[i] + 14); data/elog-3.1.3-1/src/elogd.c:17875:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s %s", loc("Entry is currently edited by"), locked_by); data/elog-3.1.3-1/src/elogd.c:17937:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_TIME_FORMAT); data/elog-3.1.3-1/src/elogd.c:17963:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Cell Style %s %s", attr_list[i], attrib[i]); data/elog-3.1.3-1/src/elogd.c:17965:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s\" style=\"%s", rowstyle, display); data/elog-3.1.3-1/src/elogd.c:17994:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Date format %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:17997:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(format, DEFAULT_DATE_FORMAT); data/elog-3.1.3-1/src/elogd.c:18017:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Time format %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:18020:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_TIME_FORMAT); data/elog-3.1.3-1/src/elogd.c:18035:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Icon comment %s", attrib[i]); data/elog-3.1.3-1/src/elogd.c:18038:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(comment, attrib[i]); data/elog-3.1.3-1/src/elogd.c:18068:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Date format %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:18071:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_DATE_FORMAT); data/elog-3.1.3-1/src/elogd.c:18090:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Time format %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:18093:28: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_TIME_FORMAT); data/elog-3.1.3-1/src/elogd.c:18113:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Icon comment %s", attrib[i]); data/elog-3.1.3-1/src/elogd.c:18116:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(comment, attrib[i]); data/elog-3.1.3-1/src/elogd.c:18131:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "List Change %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:18145:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(display, attrib[i]); data/elog-3.1.3-1/src/elogd.c:18190:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ref, "../%s/%s/%s", lbs->name, str, attachment[i] + 14); data/elog-3.1.3-1/src/elogd.c:18312:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ref, "../%s/%s/%s", lbs->name, str, attachment[i] + 14); data/elog-3.1.3-1/src/elogd.c:18370:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ref, "../%s/%s/%s", lbs->name, str, attachment[index] + 14); data/elog-3.1.3-1/src/elogd.c:18723:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Deny %s", command); data/elog-3.1.3-1/src/elogd.c:18747:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Allow %s", command); data/elog-3.1.3-1/src/elogd.c:18807:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(str, "Change [global %s]", lbs->top_group); data/elog-3.1.3-1/src/elogd.c:18808:19: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(menu_str, str); data/elog-3.1.3-1/src/elogd.c:18839:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(menu_str, menu_item[i]); data/elog-3.1.3-1/src/elogd.c:18856:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Change [global %s]", lbs->top_group); data/elog-3.1.3-1/src/elogd.c:18857:16: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(menu_str, str); data/elog-3.1.3-1/src/elogd.c:19115:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file_name, str); data/elog-3.1.3-1/src/elogd.c:19189:13: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Select %s"), list[index]); data/elog-3.1.3-1/src/elogd.c:19231:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "-- %s --", list[index]); data/elog-3.1.3-1/src/elogd.c:19255:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "-- %s --", loc("Text")); data/elog-3.1.3-1/src/elogd.c:19261:22: [4] (format) sprintf: Potential format string problem (CWE-134). 
Make format string constant. sprintf(str, loc("Enter %s"), list[index]); data/elog-3.1.3-1/src/elogd.c:19265:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "-- %s --", list[index]); data/elog-3.1.3-1/src/elogd.c:19274:16: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Select %s"), list[index]); data/elog-3.1.3-1/src/elogd.c:19283:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Icon comment %s", attr_options[attr_index][j]); data/elog-3.1.3-1/src/elogd.c:19288:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(comment, attr_options[attr_index][j]); data/elog-3.1.3-1/src/elogd.c:19301:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(option_whole, "^%s$", option); data/elog-3.1.3-1/src/elogd.c:19513:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(pm, "m%s", index); data/elog-3.1.3-1/src/elogd.c:19514:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(py, "y%s", index); data/elog-3.1.3-1/src/elogd.c:19515:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(pd, "d%s", index); data/elog-3.1.3-1/src/elogd.c:19516:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ph, "h%s", index); data/elog-3.1.3-1/src/elogd.c:19517:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(pn, "n%s", index); data/elog-3.1.3-1/src/elogd.c:19518:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ps, "c%s", index); data/elog-3.1.3-1/src/elogd.c:19534:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Error: Year %s out of range", getparam(py)); data/elog-3.1.3-1/src/elogd.c:19770:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(charset, DEFAULT_HTTP_CHARSET); data/elog-3.1.3-1/src/elogd.c:19799:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "https://%s", host_name); data/elog-3.1.3-1/src/elogd.c:19801:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "http://%s", host_name); data/elog-3.1.3-1/src/elogd.c:19938:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pt1, pt); data/elog-3.1.3-1/src/elogd.c:19973:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pt1, pt); data/elog-3.1.3-1/src/elogd.c:20044:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(param, pt1); data/elog-3.1.3-1/src/elogd.c:20050:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(str, "%s%%3D", param); data/elog-3.1.3-1/src/elogd.c:20066:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(param, pt1); data/elog-3.1.3-1/src/elogd.c:20073:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s%%3D", param); data/elog-3.1.3-1/src/elogd.c:20142:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ref, "-- %s --", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:20155:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ref, "-- %s --", loc("Text")); data/elog-3.1.3-1/src/elogd.c:20226:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(mode_cookie, "elmode=%s", mode); data/elog-3.1.3-1/src/elogd.c:20456:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s_%d", attr_list[i], j); data/elog-3.1.3-1/src/elogd.c:20466:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s_%d", attr_list[i], j); data/elog-3.1.3-1/src/elogd.c:20504:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(line, loc("Error in regular expression \"%s\""), str); data/elog-3.1.3-1/src/elogd.c:20537:13: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(line, loc("Error in regular expression \"%s\""), str); data/elog-3.1.3-1/src/elogd.c:20576:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(str, "Icon comment %s", attrib[i]); data/elog-3.1.3-1/src/elogd.c:20587:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s_%d", attr_list[i], j); data/elog-3.1.3-1/src/elogd.c:20623:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s_%d", attr_list[i], j); data/elog-3.1.3-1/src/elogd.c:20918:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ELOG %s", lbs->name); data/elog-3.1.3-1/src/elogd.c:20968:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(charset, DEFAULT_HTTP_CHARSET); data/elog-3.1.3-1/src/elogd.c:20990:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(str, loc("Last day")); data/elog-3.1.3-1/src/elogd.c:20992:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str + strlen(str), loc("Last %d days"), past_n); data/elog-3.1.3-1/src/elogd.c:20994:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str + strlen(str), loc("Last %d hours"), -past_n); data/elog-3.1.3-1/src/elogd.c:20996:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str + strlen(str), loc("Last %d entries"), last_n); data/elog-3.1.3-1/src/elogd.c:21000:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. 
sprintf(str + strlen(str), loc("Page %d of %d"), page_n, (n_msg - 1) / n_page + 1); data/elog-3.1.3-1/src/elogd.c:21061:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Last %d days"), past_n * 2); data/elog-3.1.3-1/src/elogd.c:21069:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Last %d entries"), last_n * 2); data/elog-3.1.3-1/src/elogd.c:21164:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s_%d", attr_list[i], j); data/elog-3.1.3-1/src/elogd.c:21206:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_TIME_FORMAT); data/elog-3.1.3-1/src/elogd.c:21227:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_TIME_FORMAT); data/elog-3.1.3-1/src/elogd.c:21249:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_DATE_FORMAT); data/elog-3.1.3-1/src/elogd.c:21251:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_TIME_FORMAT); data/elog-3.1.3-1/src/elogd.c:21261:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(format, DEFAULT_DATE_FORMAT); data/elog-3.1.3-1/src/elogd.c:21263:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_TIME_FORMAT); data/elog-3.1.3-1/src/elogd.c:21278:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(iattr, "%s_%d", attr_list[i], j); data/elog-3.1.3-1/src/elogd.c:21283:25: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Icon comment %s", getparam(iattr)); data/elog-3.1.3-1/src/elogd.c:21308:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Icon comment %s", getparam(attr_list[i])); data/elog-3.1.3-1/src/elogd.c:21339:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(iattr, "%s_%d", attr_list[i], j); data/elog-3.1.3-1/src/elogd.c:21365:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Icon comment %s", getparam(attr_list[i])); data/elog-3.1.3-1/src/elogd.c:21465:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(list, str); data/elog-3.1.3-1/src/elogd.c:21488:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(disp_attr[i + 1], disp_attr[i]); data/elog-3.1.3-1/src/elogd.c:21489:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(disp_attr[0], loc("Logbook")); data/elog-3.1.3-1/src/elogd.c:21496:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(disp_attr[0], loc("Logbook")); data/elog-3.1.3-1/src/elogd.c:21497:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(disp_attr[1], loc("ID")); data/elog-3.1.3-1/src/elogd.c:21498:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(disp_attr[2], loc("Date")); data/elog-3.1.3-1/src/elogd.c:21504:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(disp_attr[0], loc("ID")); data/elog-3.1.3-1/src/elogd.c:21505:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(disp_attr[1], loc("Date")); data/elog-3.1.3-1/src/elogd.c:21550:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ref, "?rsort=%s", str); data/elog-3.1.3-1/src/elogd.c:21552:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ref, "?sort=%s", str); data/elog-3.1.3-1/src/elogd.c:21561:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(img, "<img align=top src=\"up.png\" alt=\"%s\" title=\"%s\">", loc("up"), loc("up")); data/elog-3.1.3-1/src/elogd.c:21563:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(img, "<img align=top src=\"down.png\" alt=\"%s\" title=\"%s\">", loc("down"), data/elog-3.1.3-1/src/elogd.c:21566:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Tooltip %s", disp_attr[i]); data/elog-3.1.3-1/src/elogd.c:21568:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "title=\"%s\"", comment); data/elog-3.1.3-1/src/elogd.c:21631:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Date format %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:21634:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_DATE_FORMAT); data/elog-3.1.3-1/src/elogd.c:21646:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Time format %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:21649:25: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_TIME_FORMAT); data/elog-3.1.3-1/src/elogd.c:21716:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(iattr, attr_list[i]); data/elog-3.1.3-1/src/elogd.c:21726:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Date format %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:21729:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_DATE_FORMAT); data/elog-3.1.3-1/src/elogd.c:21741:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Time format %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:21744:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_TIME_FORMAT); data/elog-3.1.3-1/src/elogd.c:21937:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(disp_attr[0], loc("ID")); data/elog-3.1.3-1/src/elogd.c:21938:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(disp_attr[1], loc("Date")); data/elog-3.1.3-1/src/elogd.c:22062:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mail_text + length, str); data/elog-3.1.3-1/src/elogd.c:22089:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(charset, DEFAULT_HTTP_CHARSET); data/elog-3.1.3-1/src/elogd.c:22094:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_text + strlen(mail_text), "Content-Type: text/plain; charset=%s; format=flowed\r\n", data/elog-3.1.3-1/src/elogd.c:22132:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Logbook"), lbs->name); data/elog-3.1.3-1/src/elogd.c:22162:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str2, "Icon comment %s", attrib[i]); data/elog-3.1.3-1/src/elogd.c:22167:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Date format %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:22170:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_DATE_FORMAT); data/elog-3.1.3-1/src/elogd.c:22181:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Time format %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:22184:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_TIME_FORMAT); data/elog-3.1.3-1/src/elogd.c:22196:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(comment, attrib[i]); data/elog-3.1.3-1/src/elogd.c:22199:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(comment, atoi(attrib[i]) ? 
"1" : "0"); data/elog-3.1.3-1/src/elogd.c:22206:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str + 20, ": %s\r\n", comment); data/elog-3.1.3-1/src/elogd.c:22208:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str + k + 1, ": %s\r\n", comment); data/elog-3.1.3-1/src/elogd.c:22210:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(mail_text + strlen(mail_text), str); data/elog-3.1.3-1/src/elogd.c:22215:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_text + strlen(mail_text), "\r\n%s URL : %s\r\n", loc("Logbook"), url); data/elog-3.1.3-1/src/elogd.c:22219:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_text + strlen(mail_text), "\r\n%s %d : %s (%s/%d)\r\n", loc("Attachment"), data/elog-3.1.3-1/src/elogd.c:22225:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_text + strlen(mail_text), "\r\n=================================\r\n\r\n%s", data/elog-3.1.3-1/src/elogd.c:22247:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(charset, DEFAULT_HTTP_CHARSET); data/elog-3.1.3-1/src/elogd.c:22297:13: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(mail_text + strlen(mail_text), loc("A old entry has been updated on %s"), host_name); data/elog-3.1.3-1/src/elogd.c:22299:13: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. 
sprintf(mail_text + strlen(mail_text), loc("A new entry has been submitted on %s"), host_name); data/elog-3.1.3-1/src/elogd.c:22310:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_text + strlen(mail_text), "<tr><td bgcolor=\"#CCCCFF\">%s</td>", loc("Logbook")); data/elog-3.1.3-1/src/elogd.c:22311:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_text + strlen(mail_text), "<td bgcolor=\"#DDEEBB\">%s</td></tr>\r\n", lbs->name); data/elog-3.1.3-1/src/elogd.c:22342:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str2, "Icon comment %s", attrib[i]); data/elog-3.1.3-1/src/elogd.c:22347:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Date format %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:22350:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_DATE_FORMAT); data/elog-3.1.3-1/src/elogd.c:22361:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Time format %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:22364:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_TIME_FORMAT); data/elog-3.1.3-1/src/elogd.c:22376:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(comment, attrib[i]); data/elog-3.1.3-1/src/elogd.c:22379:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(comment, atoi(attrib[i]) ? "1" : "0"); data/elog-3.1.3-1/src/elogd.c:22385:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_text + strlen(mail_text), "<tr><td bgcolor=\"#CCCCFF\">%s</td>", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:22386:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_text + strlen(mail_text), "<td bgcolor=\"#DDEEBB\">%s</td></tr>\r\n", comment); data/elog-3.1.3-1/src/elogd.c:22391:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_text + strlen(mail_text), data/elog-3.1.3-1/src/elogd.c:22393:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_text + strlen(mail_text), "<a href=\"%s\">%s</a></td></tr>\r\n", url, url); data/elog-3.1.3-1/src/elogd.c:22398:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_text + strlen(mail_text), data/elog-3.1.3-1/src/elogd.c:22400:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_text + strlen(mail_text), "<a href=\"%s/%d\">%s</a></td></tr>\r\n", url, i + 1, data/elog-3.1.3-1/src/elogd.c:22410:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_text + strlen(mail_text), "\r\n<HR>\r\n%s", getparam("text")); data/elog-3.1.3-1/src/elogd.c:22418:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_text + strlen(mail_text), "\r\n=================================\r\n\r\n%s", data/elog-3.1.3-1/src/elogd.c:22444:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(charset, DEFAULT_HTTP_CHARSET); data/elog-3.1.3-1/src/elogd.c:22552:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "%s%d", str, message_id); data/elog-3.1.3-1/src/elogd.c:22598:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Error sending Email via <i>\"%s\"</i>"), smtp_host); data/elog-3.1.3-1/src/elogd.c:22604:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_param, "?error=%s", str); data/elog-3.1.3-1/src/elogd.c:22606:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Error sending Email via <i>\"%s\"</i>"), smtp_host); data/elog-3.1.3-1/src/elogd.c:22610:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_param, "?error=%s", str); data/elog-3.1.3-1/src/elogd.c:22634:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(mail_param + strlen(mail_param), "mail%d=%s", i, str); data/elog-3.1.3-1/src/elogd.c:22639:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%d%%20%s", n, loc("recipients")); data/elog-3.1.3-1/src/elogd.c:22640:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(mail_param + strlen(mail_param), "mail0=%s", str); data/elog-3.1.3-1/src/elogd.c:22682:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(p, lbs->data_dir); data/elog-3.1.3-1/src/elogd.c:22686:13: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(p, str); data/elog-3.1.3-1/src/elogd.c:22694:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "SHELL \"%s\"", shell_cmd); data/elog-3.1.3-1/src/elogd.c:22711:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Cannot open file <b>%s</b>"), config_file); data/elog-3.1.3-1/src/elogd.c:22713:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(str, strerror(errno)); data/elog-3.1.3-1/src/elogd.c:22734:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Options %s", attrname); data/elog-3.1.3-1/src/elogd.c:22737:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "MOptions %s", attrname); data/elog-3.1.3-1/src/elogd.c:22741:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ROptions %s", attrname); data/elog-3.1.3-1/src/elogd.c:22763:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(p3, ", %s", av_encoded); data/elog-3.1.3-1/src/elogd.c:22772:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Cannot write to <b>%s</b>"), config_file); data/elog-3.1.3-1/src/elogd.c:22774:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(str, strerror(errno)); data/elog-3.1.3-1/src/elogd.c:22801:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Cannot open file <b>%s</b>"), config_file); data/elog-3.1.3-1/src/elogd.c:22803:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(str, strerror(errno)); data/elog-3.1.3-1/src/elogd.c:22822:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("No 'Attributes' option present in %s"), config_file); data/elog-3.1.3-1/src/elogd.c:22845:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(p3, "%s, ", attributes[i]); data/elog-3.1.3-1/src/elogd.c:22848:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(p3, "%s", attributes[i]); data/elog-3.1.3-1/src/elogd.c:22858:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Cannot write to <b>%s</b>"), config_file); data/elog-3.1.3-1/src/elogd.c:22860:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(str, strerror(errno)); data/elog-3.1.3-1/src/elogd.c:22938:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str1, "- %s -", loc("keep original text")); data/elog-3.1.3-1/src/elogd.c:22939:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str2, "<p>- %s -</p>", loc("keep original text")); data/elog-3.1.3-1/src/elogd.c:22994:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ua, attr_list[i]); data/elog-3.1.3-1/src/elogd.c:23030:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s_%d", ua, j); data/elog-3.1.3-1/src/elogd.c:23052:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(error + strlen(error), loc("Error: Attribute <b>%s</b> not supplied"), attr_list[i]); data/elog-3.1.3-1/src/elogd.c:23054:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(error + strlen(error), loc("Please go back and enter the <b>%s</b> field"), attr_list[i]); data/elog-3.1.3-1/src/elogd.c:23065:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ua, attr_list[index]); data/elog-3.1.3-1/src/elogd.c:23073:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str2, "- %s -", loc("keep original values")); data/elog-3.1.3-1/src/elogd.c:23075:16: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. 
sprintf(error, loc("Error: Attribute <b>%s</b> must be numeric"), attr_list[index]); data/elog-3.1.3-1/src/elogd.c:23083:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ua, attr_list[i]); data/elog-3.1.3-1/src/elogd.c:23093:16: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(error, loc("Error: Value <b>%s</b> not allowed for boolean attributes"), str); data/elog-3.1.3-1/src/elogd.c:23121:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(error, loc("Maximum number of attribute options exceeded")); data/elog-3.1.3-1/src/elogd.c:23123:22: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(error, loc("Please increase MAX_N_LIST in elogd.c and recompile")); data/elog-3.1.3-1/src/elogd.c:23133:19: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(error, loc("Error: Attribute option <b>%s</b> not existing"), encoded); data/elog-3.1.3-1/src/elogd.c:23170:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(att_file[i], isparam(str) ? getparam(str) : ""); data/elog-3.1.3-1/src/elogd.c:23176:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(ua, attr_list[i]); data/elog-3.1.3-1/src/elogd.c:23191:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s_%d", ua, j); data/elog-3.1.3-1/src/elogd.c:23322:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Subst %s", attr_list[index]); data/elog-3.1.3-1/src/elogd.c:23335:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(subst_str, str); data/elog-3.1.3-1/src/elogd.c:23337:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(attrib[index], subst_str); data/elog-3.1.3-1/src/elogd.c:23345:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Subst on edit %s", attr_list[index]); data/elog-3.1.3-1/src/elogd.c:23365:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(attrib[index], str2 + 4); data/elog-3.1.3-1/src/elogd.c:23367:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(attrib[index], str2); data/elog-3.1.3-1/src/elogd.c:23375:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Subst on reply %s", attr_list[index]); data/elog-3.1.3-1/src/elogd.c:23383:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(attrib[index], str2); data/elog-3.1.3-1/src/elogd.c:23390:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "- %s -", loc("keep original values")); data/elog-3.1.3-1/src/elogd.c:23439:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(in_reply_to, isparam("reply_to") ? getparam("reply_to") : ""); data/elog-3.1.3-1/src/elogd.c:23464:16: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("New entry cannot be written to directory \"%s\""), lbs->data_dir); data/elog-3.1.3-1/src/elogd.c:23466:16: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(str, data/elog-3.1.3-1/src/elogd.c:23481:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("New entry cannot be written to directory \"%s\""), lbs->data_dir); data/elog-3.1.3-1/src/elogd.c:23483:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(str, loc("Please check that it exists and elogd has write access and disk is not full")); data/elog-3.1.3-1/src/elogd.c:23557:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(ua, attr_list[index]); data/elog-3.1.3-1/src/elogd.c:23563:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str + strlen(str), "\"%s\"", attr_list[index]); data/elog-3.1.3-1/src/elogd.c:23569:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str2, "%s_%d", ua, mindex); data/elog-3.1.3-1/src/elogd.c:23608:16: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(mail_to, &mail_list[i * NAME_LENGTH]); data/elog-3.1.3-1/src/elogd.c:23615:16: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(rcpt_to, &mail_list[i * NAME_LENGTH]); data/elog-3.1.3-1/src/elogd.c:23638:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "\"%s\" <%s>,", full_name, user_email); data/elog-3.1.3-1/src/elogd.c:23643:16: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(mail_to, str); data/elog-3.1.3-1/src/elogd.c:23645:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s,", user_email); data/elog-3.1.3-1/src/elogd.c:23650:16: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(rcpt_to, str); data/elog-3.1.3-1/src/elogd.c:23684:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(rcpt_to, &rcpt_list[i * NAME_LENGTH]); data/elog-3.1.3-1/src/elogd.c:23690:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(mail_to, &mail_list[i * NAME_LENGTH]); data/elog-3.1.3-1/src/elogd.c:23737:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file_name, str); data/elog-3.1.3-1/src/elogd.c:23749:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%d%s", message_id, mail_param); data/elog-3.1.3-1/src/elogd.c:23766:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(att_file[i], isparam(str) ? getparam(str) : ""); data/elog-3.1.3-1/src/elogd.c:23819:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("New entry cannot be written to directory \"%s\""), lbs->data_dir); data/elog-3.1.3-1/src/elogd.c:23821:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(str, loc("Please check that it exists and elogd has write access")); data/elog-3.1.3-1/src/elogd.c:23880:10: [4] (format) sprintf: Potential format string problem (CWE-134). 
Make format string constant. sprintf(str, loc("Entry %s cannot be read from logbook \"%s\""), msg_str, lbs->name); data/elog-3.1.3-1/src/elogd.c:23899:16: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Entry %s cannot be read from logbook \"%s\""), msg_str, lbs->name); data/elog-3.1.3-1/src/elogd.c:24003:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "?lb=%s\"", lbs->name_enc); data/elog-3.1.3-1/src/elogd.c:24004:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str2, "?lb=%s\"", dest_logbook); data/elog-3.1.3-1/src/elogd.c:24007:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "?lb=%s&", lbs->name_enc); data/elog-3.1.3-1/src/elogd.c:24008:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str2, "?lb=%s&", dest_logbook); data/elog-3.1.3-1/src/elogd.c:24044:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("New entry cannot be written to directory \"%s\""), lbs_dest->data_dir); data/elog-3.1.3-1/src/elogd.c:24046:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(str, loc("Please check that it exists and elogd has write access")); data/elog-3.1.3-1/src/elogd.c:24127:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "cid:att%d@%s", i, domain); data/elog-3.1.3-1/src/elogd.c:24148:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(thumb_size, " -thumbnail '%s'", str); data/elog-3.1.3-1/src/elogd.c:24272:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s -format '%%wx%%h %%c' '%s'", _identify_cmd, thumb_name); data/elog-3.1.3-1/src/elogd.c:24305:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s '%s' -rotate %d -thumbnail %d -set comment ' %d' '%s'", _convert_cmd, file_name, new_rot, data/elog-3.1.3-1/src/elogd.c:24311:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s '%s' -rotate %d -thumbnail %d -set comment ' %d' '%s'", _convert_cmd, file_name, new_rot, data/elog-3.1.3-1/src/elogd.c:24317:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s '%s' '%s'", _convert_cmd, file_name, thumb_name); data/elog-3.1.3-1/src/elogd.c:24322:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s '%s' -rotate %d -thumbnail %d -set comment ' %d' '%s'", _convert_cmd, file_name, cur_rot, data/elog-3.1.3-1/src/elogd.c:24328:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "%s '%s' -rotate %d -thumbnail %d -set comment ' %d' '%s'", _convert_cmd, file_name, cur_rot, data/elog-3.1.3-1/src/elogd.c:24377:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file_name, str); data/elog-3.1.3-1/src/elogd.c:24410:10: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(menu_str, menu_item[i]); data/elog-3.1.3-1/src/elogd.c:24465:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(lattr, "l%s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:24487:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(lattr, "l%s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:24490:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str + strlen(str), "?%s=1", lattr); data/elog-3.1.3-1/src/elogd.c:24492:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str + strlen(str), "&%s=1", lattr); data/elog-3.1.3-1/src/elogd.c:24506:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s: <b>%s</b>", loc("Invalid URL"), str2); data/elog-3.1.3-1/src/elogd.c:24625:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cmd, menu_item[i]); data/elog-3.1.3-1/src/elogd.c:24694:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file_name, str); data/elog-3.1.3-1/src/elogd.c:24735:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(lattr, "l%s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:24741:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(str, " %s <i>\"%s = %s\"</i>", loc("with"), attr_list[i], getparam(attr_list[i])); data/elog-3.1.3-1/src/elogd.c:24789:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s %s", loc("Entry is currently edited by"), locked_by); data/elog-3.1.3-1/src/elogd.c:24840:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_TIME_FORMAT); data/elog-3.1.3-1/src/elogd.c:24858:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ref + strlen(ref), "%s", orig_tag); data/elog-3.1.3-1/src/elogd.c:24871:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ref + strlen(ref), "%s", p); data/elog-3.1.3-1/src/elogd.c:24892:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Format %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:24940:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Format %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:24960:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(lattr, "l%s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:24963:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Tooltip %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:24990:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(str, "Icon comment %s", attrib[i]); data/elog-3.1.3-1/src/elogd.c:25021:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Date format %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:25024:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_DATE_FORMAT); data/elog-3.1.3-1/src/elogd.c:25038:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Time format %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:25041:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_TIME_FORMAT); data/elog-3.1.3-1/src/elogd.c:25056:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Change %s", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:25070:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(display, attrib[i]); data/elog-3.1.3-1/src/elogd.c:25195:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file_enc, attachment[index] + 14); data/elog-3.1.3-1/src/elogd.c:25199:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ref, "cid:att%d@%s", index, domain); data/elog-3.1.3-1/src/elogd.c:25201:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(ref, "%s/%s", str, file_enc); data/elog-3.1.3-1/src/elogd.c:25243:22: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_TIME_FORMAT); data/elog-3.1.3-1/src/elogd.c:25615:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Cannot open file \"%s\"", file_name); data/elog-3.1.3-1/src/elogd.c:25635:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Cannot access password file \"%s\"", file_name); data/elog-3.1.3-1/src/elogd.c:25644:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Cannot access write protected password file \"%s\"", file_name); data/elog-3.1.3-1/src/elogd.c:25655:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Cannot convert password file \"%s\"", file_name); data/elog-3.1.3-1/src/elogd.c:25731:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(orig_topgroup, getcfg_topgroup()); data/elog-3.1.3-1/src/elogd.c:25789:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "/list/user[name=%s]", user); data/elog-3.1.3-1/src/elogd.c:25793:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "/list/user[email=%s]", email); data/elog-3.1.3-1/src/elogd.c:25891:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(orig_topgroup, getcfg_topgroup()); data/elog-3.1.3-1/src/elogd.c:25916:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "/list/user[name=%s]", user); data/elog-3.1.3-1/src/elogd.c:25944:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(str, ctime(&now)); data/elog-3.1.3-1/src/elogd.c:25979:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(orig_topgroup, getcfg_topgroup()); data/elog-3.1.3-1/src/elogd.c:26004:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "/list/user[name=%s]", user); data/elog-3.1.3-1/src/elogd.c:26039:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(orig_topgroup, getcfg_topgroup()); data/elog-3.1.3-1/src/elogd.c:26059:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "/list/user[name=%s]", user); data/elog-3.1.3-1/src/elogd.c:26236:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ELOG %s", loc("Login")); data/elog-3.1.3-1/src/elogd.c:26263:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("User \"%s\" has no access to this logbook"), getparam("unm")); data/elog-3.1.3-1/src/elogd.c:26400:7: [4] (format) sprintf: Potential format string problem (CWE-134). 
Make format string constant. sprintf(str, loc("Cannot open file <b>%s</b>"), pwd_file); data/elog-3.1.3-1/src/elogd.c:26583:19: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str + strlen(str), " %s $author", loc("by")); data/elog-3.1.3-1/src/elogd.c:26798:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(password, last_password); data/elog-3.1.3-1/src/elogd.c:26822:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "../%s/", lbs->name_enc); data/elog-3.1.3-1/src/elogd.c:27014:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(str, loc("Maximum allowed file size is")); data/elog-3.1.3-1/src/elogd.c:27061:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file_enc, att + 14); data/elog-3.1.3-1/src/elogd.c:27063:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ref, "%s/%s?lb=%s", str, file_enc, lbs->name_enc); data/elog-3.1.3-1/src/elogd.c:27064:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ref_thumb, "%s/%s?lb=%s&thumb=1", str, file_enc, lbs->name_enc); data/elog-3.1.3-1/src/elogd.c:27125:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(charset, DEFAULT_HTTP_CHARSET); data/elog-3.1.3-1/src/elogd.c:27211:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dec_path, path); data/elog-3.1.3-1/src/elogd.c:27213:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(enc_path, dec_path); data/elog-3.1.3-1/src/elogd.c:27245:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(logbook_enc, experiment); data/elog-3.1.3-1/src/elogd.c:27246:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(logbook, experiment); data/elog-3.1.3-1/src/elogd.c:27256:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Error: logbook \"%s\" not defined in %s", logbook_enc, CFGFILE); data/elog-3.1.3-1/src/elogd.c:27262:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(logbook_enc, lbook); data/elog-3.1.3-1/src/elogd.c:27263:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(logbook, lbook); data/elog-3.1.3-1/src/elogd.c:27270:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(str, "Top group %s", logbook); data/elog-3.1.3-1/src/elogd.c:27312:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s <b><%s></b>", full_name, user_email); data/elog-3.1.3-1/src/elogd.c:27313:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str2, loc("Activation notice has been sent to %s"), str); data/elog-3.1.3-1/src/elogd.c:27348:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "LOGIN user \"%s\" (attempt) for logbook selection page", uname); data/elog-3.1.3-1/src/elogd.c:27376:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "LOGIN user \"%s\" (success)", uname); data/elog-3.1.3-1/src/elogd.c:27430:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(logbook, lb_list[0].name); data/elog-3.1.3-1/src/elogd.c:27431:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(logbook_enc, logbook); data/elog-3.1.3-1/src/elogd.c:27485:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "LOGIN user \"%s\" (attempt)", uname); data/elog-3.1.3-1/src/elogd.c:27525:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "LOGIN user \"%s\" (success)", uname); data/elog-3.1.3-1/src/elogd.c:27563:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(str, "%s: <b>%s</b>", loc("Invalid URL"), str2); data/elog-3.1.3-1/src/elogd.c:27576:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "ACTIVATE user \"%s\" (success)", uname); data/elog-3.1.3-1/src/elogd.c:27583:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "?cmd=%s&notice=%s. %s", loc("Config"), loc("Your account has been activated"), data/elog-3.1.3-1/src/elogd.c:27640:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s?cmd=%s", path, command); data/elog-3.1.3-1/src/elogd.c:27645:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s?cmd=%s", path, command); data/elog-3.1.3-1/src/elogd.c:27660:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "../%s/%s", logbook_enc, edit_id); data/elog-3.1.3-1/src/elogd.c:27662:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "../%s/", logbook_enc); data/elog-3.1.3-1/src/elogd.c:27676:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s = %d", loc("Error deleting message: status"), status); data/elog-3.1.3-1/src/elogd.c:27694:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "../%s/%s", logbook_enc, edit_id); data/elog-3.1.3-1/src/elogd.c:27696:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "../%s/", logbook_enc); data/elog-3.1.3-1/src/elogd.c:27719:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "../%s/%s", logbook_enc, path); data/elog-3.1.3-1/src/elogd.c:27870:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(command, loc("First")); data/elog-3.1.3-1/src/elogd.c:27872:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(command, loc("Previous")); data/elog-3.1.3-1/src/elogd.c:27874:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(command, loc("Next")); data/elog-3.1.3-1/src/elogd.c:27876:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(command, loc("Last")); data/elog-3.1.3-1/src/elogd.c:27886:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Error: Command \"<b>%s</b>\" is not allowed for user \"<b>%s</b>\""), str2, str3); data/elog-3.1.3-1/src/elogd.c:27900:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Error: Command \"<b>%s</b>\" not allowed"), str2); data/elog-3.1.3-1/src/elogd.c:27923:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Cannot find file \"%s\"", file_name); data/elog-3.1.3-1/src/elogd.c:28080:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(str, "../%s/?cmd=%s", lbs->name_enc, loc("Find")); data/elog-3.1.3-1/src/elogd.c:28091:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s: <b>%s</b>", loc("Invalid URL"), str2); data/elog-3.1.3-1/src/elogd.c:28125:4: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Change %s"), "[global]"); data/elog-3.1.3-1/src/elogd.c:28131:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str2, "[global %s]", lbs->top_group); data/elog-3.1.3-1/src/elogd.c:28132:4: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Change %s"), str2); data/elog-3.1.3-1/src/elogd.c:28152:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "?cmd=%s", loc("Change config file")); data/elog-3.1.3-1/src/elogd.c:28154:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "?cmd=%s", loc("Config")); data/elog-3.1.3-1/src/elogd.c:28179:16: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s \"%s\" %s", loc("Login name"), getparam("new_user_name"), data/elog-3.1.3-1/src/elogd.c:28216:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "../%s/", lbs->name_enc); data/elog-3.1.3-1/src/elogd.c:28220:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str + strlen(str), "?cmd=%s&cfg_user=", loc("Config")); data/elog-3.1.3-1/src/elogd.c:28223:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(str + strlen(str), "?cmd=%s&cfg_user=", loc("Config")); data/elog-3.1.3-1/src/elogd.c:28226:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str + strlen(str), "?cmd=%s", loc("Config")); data/elog-3.1.3-1/src/elogd.c:28239:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s <b><%s></b>", full_name, user_email); data/elog-3.1.3-1/src/elogd.c:28240:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str2, loc("Activation notice has been sent to %s"), str); data/elog-3.1.3-1/src/elogd.c:28290:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(str, loc("CSV Import")); data/elog-3.1.3-1/src/elogd.c:28292:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str1, "?cmd=%s", str); data/elog-3.1.3-1/src/elogd.c:28294:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(str, loc("XML Import")); data/elog-3.1.3-1/src/elogd.c:28296:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str2, "?cmd=%s", str); data/elog-3.1.3-1/src/elogd.c:28351:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(file_name, str); data/elog-3.1.3-1/src/elogd.c:28529:22: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(str, "Error: Filename \"%s\" contains invalid character", str2); data/elog-3.1.3-1/src/elogd.c:28565:25: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Cannot retrieve file from URL \"%s\""), str2); data/elog-3.1.3-1/src/elogd.c:28585:28: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("File not found at URL \"%s\""), str2); data/elog-3.1.3-1/src/elogd.c:28597:22: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, loc("Attachment file <b>\"%s\"</b> empty or not found"), str2); data/elog-3.1.3-1/src/elogd.c:28843:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(remote_host[i_conn], phe->h_name); data/elog-3.1.3-1/src/elogd.c:28845:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(remote_host[i_conn], (char *) inet_ntoa(rem_addr)); data/elog-3.1.3-1/src/elogd.c:28847:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(remote_host[i_conn], (char *) inet_ntoa(rem_addr)); data/elog-3.1.3-1/src/elogd.c:28849:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rem_host, remote_host[i_conn]); data/elog-3.1.3-1/src/elogd.c:28894:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(str, "%s: <b>%s</b>", loc("Invalid URL"), str2); data/elog-3.1.3-1/src/elogd.c:28909:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s: <b>%s</b>", loc("Invalid URL"), str2); data/elog-3.1.3-1/src/elogd.c:28930:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(logbook_enc, logbook); data/elog-3.1.3-1/src/elogd.c:28937:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s/", logbook_enc); data/elog-3.1.3-1/src/elogd.c:28947:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(url, "%s", logbook_enc); data/elog-3.1.3-1/src/elogd.c:28953:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s: <b>%s</b>", loc("Invalid URL"), str2); data/elog-3.1.3-1/src/elogd.c:28966:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s: <b>%s</b>", loc("Invalid URL"), str2); data/elog-3.1.3-1/src/elogd.c:29009:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s: <b>%s</b>", loc("Invalid URL"), str2); data/elog-3.1.3-1/src/elogd.c:29040:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Top group %s", logbook); data/elog-3.1.3-1/src/elogd.c:29043:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(str, "Error: logbook \"%s\" not defined in %s", logbook_enc, CFGFILE); data/elog-3.1.3-1/src/elogd.c:29076:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rem_host_ip, (char *) inet_ntoa(rem_addr)); data/elog-3.1.3-1/src/elogd.c:29099:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(str, rem_host_ip); data/elog-3.1.3-1/src/elogd.c:29116:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rem_host_ip, (char *) inet_ntoa(rem_addr)); data/elog-3.1.3-1/src/elogd.c:29139:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(str, rem_host_ip); data/elog-3.1.3-1/src/elogd.c:29163:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(format, DEFAULT_TIME_FORMAT); data/elog-3.1.3-1/src/elogd.c:29226:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Unknown request:<p>%s", str2); data/elog-3.1.3-1/src/elogd.c:29403:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(cron[i++], p); data/elog-3.1.3-1/src/elogd.c:29639:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(host_name, phe->h_name); data/elog-3.1.3-1/src/elogd.c:29660:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(str, git_revision()); data/elog-3.1.3-1/src/elogd.c:29685:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pidfile, PIDFILE); data/elog-3.1.3-1/src/elogd.c:29702:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Error creating pid file \"%s\"", pidfile); data/elog-3.1.3-1/src/elogd.c:29709:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Error writing to pid file \"%s\"", pidfile); data/elog-3.1.3-1/src/elogd.c:29789:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s -version", _convert_cmd); data/elog-3.1.3-1/src/elogd.c:29795:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s -version", _convert_cmd); data/elog-3.1.3-1/src/elogd.c:29802:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s -version", _convert_cmd); data/elog-3.1.3-1/src/elogd.c:29809:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(str, "%s -version", _convert_cmd); data/elog-3.1.3-1/src/elogd.c:29957:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(remote_host[i_conn], phe->h_name); data/elog-3.1.3-1/src/elogd.c:29959:19: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(remote_host[i_conn], (char *) inet_ntoa(rem_addr)); data/elog-3.1.3-1/src/elogd.c:29961:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(remote_host[i_conn], (char *) inet_ntoa(rem_addr)); data/elog-3.1.3-1/src/elogd.c:29963:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rem_host, remote_host[i_conn]); data/elog-3.1.3-1/src/elogd.c:29986:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rem_host, remote_host[i_conn]); data/elog-3.1.3-1/src/elogd.c:30129:28: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(str, data/elog-3.1.3-1/src/elogd.c:30133:28: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(str, data/elog-3.1.3-1/src/elogd.c:30457:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(str, "[%s]\n%s = %s\n", logbook, name, pwd); data/elog-3.1.3-1/src/elogd.c:30472:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "[%s]", logbook); data/elog-3.1.3-1/src/elogd.c:30486:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s = %s\n", name, pwd); data/elog-3.1.3-1/src/elogd.c:30511:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "%s = %s\n", name, pwd); data/elog-3.1.3-1/src/elogd.c:30524:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "\n[%s]\n%s = %s\n\n", logbook, name, pwd); data/elog-3.1.3-1/src/elogd.c:30545:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "Cannot remove pidfile \"%s\"\n", pidfile); data/elog-3.1.3-1/src/elogd.c:30598:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(dir, path); data/elog-3.1.3-1/src/elogd.c:30602:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmd, "\"%s\" -D -c \"%s%s\"", path, dir, CFGFILE); data/elog-3.1.3-1/src/elogd.c:30843:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(config_file, CONFIG_PATH); data/elog-3.1.3-1/src/elogd.c:30968:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(str, argv[0]); data/elog-3.1.3-1/src/elogd.c:31035:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(resource_dir, config_file); data/elog-3.1.3-1/src/elogd.c:31047:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(logbook_dir, config_file); data/elog-3.1.3-1/src/elogd.h:69:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/elog-3.1.3-1/src/elogd.h:69:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/elog-3.1.3-1/src/locext.c:113:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p2, p2 + 1); data/elog-3.1.3-1/src/locext.c:116:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(line, "\n%s =", str); data/elog-3.1.3-1/src/locext.c:136:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(line, "%s = \r\n", str); data/elog-3.1.3-1/src/locext.c:178:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(str, line + i); data/elog-3.1.3-1/src/locext.c:180:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(line + i, str); data/elog-3.1.3-1/src/locext.c:183:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "loc(\"%s\")", line); data/elog-3.1.3-1/src/locext.c:191:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p2, p); data/elog-3.1.3-1/src/mxml.c:102:27: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__((format (printf, format_idx, arg_idx))) data/elog-3.1.3-1/src/mxml.c:104:27: [4] (buffer) scanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. __attribute__((format (scanf, format_idx, arg_idx))) data/elog-3.1.3-1/src/mxml.c:182:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(writer->buffer + writer->buffer_len, line); data/elog-3.1.3-1/src/mxml.c:216:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(str, ctime(&now)); data/elog-3.1.3-1/src/mxml.c:218:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(line, "<!-- created by MXML on %s -->\n", str); data/elog-3.1.3-1/src/mxml.c:257:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(line, "Unable to open file \"%s\": ", file_name); data/elog-3.1.3-1/src/mxml.c:267:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(str, ctime(&now)); data/elog-3.1.3-1/src/mxml.c:269:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(line, "<!-- created by MXML on %s -->\n", str); data/elog-3.1.3-1/src/mxml.c:435:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(writer->stack[writer->level], name_enc); data/elog-3.1.3-1/src/mxml.c:510:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(name_enc, name); data/elog-3.1.3-1/src/mxml.c:512:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(val_enc, value); data/elog-3.1.3-1/src/mxml.c:515:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(line, " %s=\"%s\"", name_enc, val_enc); data/elog-3.1.3-1/src/mxml.c:545:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(_data_enc, data); data/elog-3.1.3-1/src/mxml.c:717:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pnode->value, value); data/elog-3.1.3-1/src/mxml.c:837:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pnode->attribute_value[pnode->n_attributes], attrib_value); data/elog-3.1.3-1/src/mxml.c:1148:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pnode->value, value); data/elog-3.1.3-1/src/mxml.c:1215:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pnode->attribute_value[i], attrib_value); data/elog-3.1.3-1/src/mxml.c:1270:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(pnode->attribute_name+j*MXML_NAME_LENGTH, pnode->attribute_name+(j+1)*MXML_NAME_LENGTH); data/elog-3.1.3-1/src/mxml.c:1298:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(str, "XML read error in file \"%s\", line %d: ", file_name, line_number); data/elog-3.1.3-1/src/mxml.c:1306:4: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(str, (char *) format, argptr); data/elog-3.1.3-1/src/mxml.c:1678:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(directoryname, file_name); data/elog-3.1.3-1/src/mxml.c:1688:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(buffer, *buf); data/elog-3.1.3-1/src/mxml.c:1891:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(entity_reference_name[nentity], replacement); data/elog-3.1.3-1/src/mxml.c:1899:16: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(entity_value[nentity], replacement); data/elog-3.1.3-1/src/mxml.c:1930:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(filename, entity_reference_name[i]); data/elog-3.1.3-1/src/mxml.c:1932:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(filename, "%s%c%s", directoryname, DIR_SEPARATOR, entity_reference_name[i]); data/elog-3.1.3-1/src/mxml.c:2049:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(line, "Unable to open file \"%s\": ", file_name); data/elog-3.1.3-1/src/mxml.c:2295:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(str, path); data/elog-3.1.3-1/src/mxml.c:2309:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, name); data/elog-3.1.3-1/src/regex.c:470:36: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define DEBUG_PRINT1(x) if (debug) printf (x) data/elog-3.1.3-1/src/regex.c:471:41: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define DEBUG_PRINT2(x1, x2) if (debug) printf (x1, x2) data/elog-3.1.3-1/src/regex.c:472:45: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define DEBUG_PRINT3(x1, x2, x3) if (debug) printf (x1, x2, x3) data/elog-3.1.3-1/src/regex.c:473:49: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define DEBUG_PRINT4(x1, x2, x3, x4) if (debug) printf (x1, x2, x3, x4) data/elog-3.1.3-1/src/regex.c:4671:10: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(errbuf, msg); data/elog-3.1.3-1/src/elog.c:771:4: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand((unsigned) time(NULL)); data/elog-3.1.3-1/src/elogd.c:871:9: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). 
Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. if (!CreateProcess(NULL, buffer, /* command line */ data/elog-3.1.3-1/src/elogd.c:871:9: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. if (!CreateProcess(NULL, buffer, /* command line */ data/elog-3.1.3-1/src/elogd.c:30831:4: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand((unsigned) time(NULL)); data/elog-3.1.3-1/src/auth.c:40:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ldap_login_attr[64]; data/elog-3.1.3-1/src/auth.c:41:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ldap_userbase[256]; data/elog-3.1.3-1/src/auth.c:42:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ldap_bindDN[512]; data/elog-3.1.3-1/src/auth.c:56:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *princ_name, str[256], realm[256]; data/elog-3.1.3-1/src/auth.c:98:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(error_str, "<b>Kerberos error %d:</b><br>", error); data/elog-3.1.3-1/src/auth.c:113:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *princ_name, str[256], realm[256]; data/elog-3.1.3-1/src/auth.c:201:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[512], ldap_server[256]; data/elog-3.1.3-1/src/auth.c:253:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[512]; data/elog-3.1.3-1/src/auth.c:296:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[512], filter[512]; data/elog-3.1.3-1/src/auth.c:300:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lbs_str[256], user_str[256], user_enc[256], fullname[256], usergn[128], usersn[128], useremail[256]; data/elog-3.1.3-1/src/auth.c:429:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char upwd[256], enc_pwd[256]; data/elog-3.1.3-1/src/auth.c:440:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], file_name[256], enc_pwd[256]; data/elog-3.1.3-1/src/auth.c:468:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/elog-3.1.3-1/src/auth.c:497:73: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "LDAP register", str, sizeof(str)) && atoi(str) > 0) data/elog-3.1.3-1/src/auth.c:518:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[256]; data/elog-3.1.3-1/src/crypt.c:59:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[128]; /* NB: always correctly aligned for uint32_t. */ data/elog-3.1.3-1/src/crypt.c:73:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char fillbuf[64] = { 0x80, 0 /* , 0, 0, ... */ }; data/elog-3.1.3-1/src/crypt.c:230:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ctx->buffer[bytes], fillbuf, pad); data/elog-3.1.3-1/src/crypt.c:255:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ctx->buffer[left_over], buffer, add); data/elog-3.1.3-1/src/crypt.c:263:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctx->buffer, &ctx->buffer[(left_over + add) & ~63], ctx->buflen); data/elog-3.1.3-1/src/crypt.c:281:34: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. sha256_process_block(memcpy(ctx->buffer, buffer, 64), 64, ctx); data/elog-3.1.3-1/src/crypt.c:295:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&ctx->buffer[left_over], buffer, len); data/elog-3.1.3-1/src/crypt.c:300:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ctx->buffer, &ctx->buffer[64], left_over); data/elog-3.1.3-1/src/crypt.c:324:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char b64t[64] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; data/elog-3.1.3-1/src/crypt.c:330:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alt_result[32]; data/elog-3.1.3-1/src/crypt.c:331:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char temp_result[32]; data/elog-3.1.3-1/src/crypt.c:333:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char alt_result[32] data/elog-3.1.3-1/src/crypt.c:335:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char temp_result[32] data/elog-3.1.3-1/src/crypt.c:375:26: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. key = copied_key = memcpy(tmp + __alignof__(uint32_t) data/elog-3.1.3-1/src/crypt.c:381:28: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. salt = copied_salt = memcpy(tmp + __alignof__(uint32_t) data/elog-3.1.3-1/src/crypt.c:443:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cp, temp_result, 32); data/elog-3.1.3-1/src/crypt.c:446:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cp, temp_result, cnt); data/elog-3.1.3-1/src/crypt.c:461:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cp, temp_result, 32); data/elog-3.1.3-1/src/crypt.c:464:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cp, temp_result, cnt); data/elog-3.1.3-1/src/elconv.c:104:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attr_list[MAX_N_ATTR][NAME_LENGTH]; data/elog-3.1.3-1/src/elconv.c:105:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data_dir[256]; data/elog-3.1.3-1/src/elconv.c:109:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char v1_tag[16]; data/elog-3.1.3-1/src/elconv.c:111:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char in_reply_to[16]; data/elog-3.1.3-1/src/elconv.c:112:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reply[16]; data/elog-3.1.3-1/src/elconv.c:245:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[255]; data/elog-3.1.3-1/src/elconv.c:281:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], file_name[256], dir[256]; data/elog-3.1.3-1/src/elconv.c:294:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). direction = atoi(tag_dir); data/elog-3.1.3-1/src/elconv.c:317:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). offset = atoi(strchr(str, '.') + 1); data/elog-3.1.3-1/src/elconv.c:326:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). lfh = open(file_name, O_RDWR | O_BINARY, 0644); data/elog-3.1.3-1/src/elconv.c:341:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tag, "%02d%02d%02d.0", tms->tm_year % 100, tms->tm_mon + 1, tms->tm_mday); data/elog-3.1.3-1/src/elconv.c:377:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). d = atoi(file_list + i * MAX_PATH_LENGTH); data/elog-3.1.3-1/src/elconv.c:389:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
lfh = open(file_name, O_RDWR | O_BINARY, 0644); data/elog-3.1.3-1/src/elconv.c:394:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tag, "%06d.0", min % 1000000); data/elog-3.1.3-1/src/elconv.c:411:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). d = atoi(file_list + i * MAX_PATH_LENGTH); data/elog-3.1.3-1/src/elconv.c:420:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). lfh = open(file_name, O_RDWR | O_BINARY, 0644); data/elog-3.1.3-1/src/elconv.c:427:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tag, "%06d.%d", (int) (max % 1000000), (int) (TELL(lfh))); data/elog-3.1.3-1/src/elconv.c:442:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%02d%02d%02d.0", tms->tm_year % 100, tms->tm_mon + 1, tms->tm_mday); data/elog-3.1.3-1/src/elconv.c:472:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
size = atoi(str + 7); data/elog-3.1.3-1/src/elconv.c:480:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(strchr(tag, '.') + 1, "%d", (int) (TELL(lfh))); data/elog-3.1.3-1/src/elconv.c:496:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). size = atoi(str + 9); data/elog-3.1.3-1/src/elconv.c:513:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%02d%02d%02d.0", tms->tm_year % 100, tms->tm_mon + 1, tms->tm_mday); data/elog-3.1.3-1/src/elconv.c:536:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(strchr(tag, '.') + 1, "%d", (int) (TELL(lfh))); data/elog-3.1.3-1/src/elconv.c:549:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. INT el_submit(char attr_name[MAX_N_ATTR][NAME_LENGTH], data/elog-3.1.3-1/src/elconv.c:550:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char attr_value[MAX_N_ATTR][NAME_LENGTH], data/elog-3.1.3-1/src/elconv.c:551:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int n_attr, char *text, char *reply_to, char *encoding, data/elog-3.1.3-1/src/elconv.c:551:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int n_attr, char *text, char *reply_to, char *encoding, data/elog-3.1.3-1/src/elconv.c:551:55: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int n_attr, char *text, char *reply_to, char *encoding, data/elog-3.1.3-1/src/elconv.c:552:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char afilename[MAX_ATTACHMENTS][256], data/elog-3.1.3-1/src/elconv.c:553:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *buffer[MAX_ATTACHMENTS], INT buffer_size[MAX_ATTACHMENTS], char *tag) data/elog-3.1.3-1/src/elconv.c:586:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[256], afile_name[MAX_ATTACHMENTS][256], dir[256], data/elog-3.1.3-1/src/elconv.c:590:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[TEXT_SIZE + 100], *p; data/elog-3.1.3-1/src/elconv.c:631:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_CREAT | O_RDWR | O_BINARY, 0644); data/elog-3.1.3-1/src/elconv.c:653:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). offset = atoi(strchr(str, '.') + 1); data/elog-3.1.3-1/src/elconv.c:657:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_CREAT | O_RDWR | O_BINARY, 0644); data/elog-3.1.3-1/src/elconv.c:663:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). size = atoi(str + 9); data/elog-3.1.3-1/src/elconv.c:692:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_CREAT | O_RDWR | O_BINARY, 0644); data/elog-3.1.3-1/src/elconv.c:757:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message + strlen(message), "========================================\n"); data/elog-3.1.3-1/src/elconv.c:761:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(start_str, "$Start$: %6d\n", size); data/elog-3.1.3-1/src/elconv.c:762:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(end_str, "$End$: %6d\n\f", size); data/elog-3.1.3-1/src/elconv.c:767:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tag, "%02d%02d%02d.%d", tms->tm_year % 100, tms->tm_mon + 1, tms->tm_mday, (int) (TELL(fh))); data/elog-3.1.3-1/src/elconv.c:769:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(start_str, "$Start$: %6d\n", size); data/elog-3.1.3-1/src/elconv.c:770:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(end_str, "$End$: %6d\n\f", size); data/elog-3.1.3-1/src/elconv.c:805:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(str) == 0) { data/elog-3.1.3-1/src/elconv.c:851:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/elog-3.1.3-1/src/elconv.c:859:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(tag, "-1"); data/elog-3.1.3-1/src/elconv.c:873:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). size = atoi(str + 9); data/elog-3.1.3-1/src/elconv.c:895:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char file_name[256], tag[256], str[256], last_file[256]; data/elog-3.1.3-1/src/elconv.c:896:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[TEXT_SIZE + 1000]; data/elog-3.1.3-1/src/elconv.c:956:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(tag, "+1"); data/elog-3.1.3-1/src/elconv.c:992:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_CREAT | O_RDWR | O_BINARY, 0644); data/elog-3.1.3-1/src/elconv.c:1002:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "$@MID@$: %d\n", message_id); data/elog-3.1.3-1/src/elconv.c:1006:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(thread_list[message_id - 1].reply) > 0) { data/elog-3.1.3-1/src/elconv.c:1013:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str, "Reply to: %d\n", thread_list[i].message_id); data/elog-3.1.3-1/src/elconv.c:1018:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(thread_list[message_id - 1].in_reply_to) > 0) { data/elog-3.1.3-1/src/elconv.c:1025:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "In reply to: %d\n", thread_list[i].message_id); data/elog-3.1.3-1/src/elconv.c:1041:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(tag, "+1"); data/elog-3.1.3-1/src/elog.c:72:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[TEXT_SIZE], old_text[TEXT_SIZE], new_text[TEXT_SIZE]; data/elog-3.1.3-1/src/elog.c:172:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char str[NAME_LENGTH]; data/elog-3.1.3-1/src/elog.c:178:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf((char *) pd, "%%%02X", *p); data/elog-3.1.3-1/src/elog.c:280:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((char *) &(bind_addr.sin_addr), phe->h_addr, phe->h_length); data/elog-3.1.3-1/src/elog.c:330:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char request[100000], response[100000], *content; data/elog-3.1.3-1/src/elog.c:332:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. INT retrieve_elog(char *host, int port, char *subdir, int ssl, char *experiment, data/elog-3.1.3-1/src/elog.c:332:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. INT retrieve_elog(char *host, int port, char *subdir, int ssl, char *experiment, data/elog-3.1.3-1/src/elog.c:332:64: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. INT retrieve_elog(char *host, int port, char *subdir, int ssl, char *experiment, data/elog-3.1.3-1/src/elog.c:333:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *uname, char *upwd, int message_id, data/elog-3.1.3-1/src/elog.c:333:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *uname, char *upwd, int message_id, data/elog-3.1.3-1/src/elog.c:334:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attrib_name[MAX_N_ATTR][NAME_LENGTH], char attrib[MAX_N_ATTR][NAME_LENGTH], char *text) data/elog-3.1.3-1/src/elog.c:334:62: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attrib_name[MAX_N_ATTR][NAME_LENGTH], char attrib[MAX_N_ATTR][NAME_LENGTH], char *text) data/elog-3.1.3-1/src/elog.c:359:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], encrypted_passwd[256], *ph, *ps; data/elog-3.1.3-1/src/elog.c:380:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(request, "GET /"); data/elog-3.1.3-1/src/elog.c:389:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(request, " HTTP/1.0\r\n"); data/elog-3.1.3-1/src/elog.c:391:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(request + strlen(request), "User-Agent: ELOG\r\n"); data/elog-3.1.3-1/src/elog.c:397:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(request + strlen(request), "Cookie: "); data/elog-3.1.3-1/src/elog.c:405:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(request + strlen(request), "Cookie: "); data/elog-3.1.3-1/src/elog.c:414:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(request, "\r\n"); data/elog-3.1.3-1/src/elog.c:416:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(request, "\r\n"); data/elog-3.1.3-1/src/elog.c:552:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. INT submit_elog(char *host, int port, int ssl, char *subdir, char *experiment, data/elog-3.1.3-1/src/elog.c:552:48: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. INT submit_elog(char *host, int port, int ssl, char *subdir, char *experiment, data/elog-3.1.3-1/src/elog.c:552:62: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. INT submit_elog(char *host, int port, int ssl, char *subdir, char *experiment, data/elog-3.1.3-1/src/elog.c:553:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *uname, char *upwd, data/elog-3.1.3-1/src/elog.c:553:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *uname, char *upwd, data/elog-3.1.3-1/src/elog.c:560:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char attrib_name[MAX_N_ATTR][NAME_LENGTH], data/elog-3.1.3-1/src/elog.c:561:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attrib[MAX_N_ATTR][NAME_LENGTH], data/elog-3.1.3-1/src/elog.c:563:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *text, char afilename[MAX_ATTACHMENTS][256], data/elog-3.1.3-1/src/elog.c:563:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *text, char afilename[MAX_ATTACHMENTS][256], data/elog-3.1.3-1/src/elog.c:564:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *buffer[MAX_ATTACHMENTS], INT buffer_size[MAX_ATTACHMENTS]) data/elog-3.1.3-1/src/elog.c:597:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char host_name[256], boundary[80], str[80], encrypted_passwd[256], *p, *old_encoding; data/elog-3.1.3-1/src/elog.c:598:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char old_attrib_name[MAX_N_ATTR+1][NAME_LENGTH], old_attrib[MAX_N_ATTR+1][NAME_LENGTH]; data/elog-3.1.3-1/src/elog.c:772:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(boundary, "---------------------------%04X%04X%04X", rand(), rand(), rand()); data/elog-3.1.3-1/src/elog.c:774:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(content, "\r\nContent-Disposition: form-data; name=\"cmd\"\r\n\r\nSubmit\r\n"); data/elog-3.1.3-1/src/elog.c:841:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, buffer[i], buffer_size[i]); data/elog-3.1.3-1/src/elog.c:844:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(p, "\r\n"); data/elog-3.1.3-1/src/elog.c:851:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(request, "POST /"); data/elog-3.1.3-1/src/elog.c:859:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(request, " HTTP/1.0\r\n"); data/elog-3.1.3-1/src/elog.c:867:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(request + strlen(request), "User-Agent: ELOG\r\n"); data/elog-3.1.3-1/src/elog.c:868:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(request + strlen(request), "Content-Length: %d\r\n", content_length); data/elog-3.1.3-1/src/elog.c:870:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(request, "\r\n"); data/elog-3.1.3-1/src/elog.c:1000:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1000], uname[80], upwd[80]; data/elog-3.1.3-1/src/elog.c:1001:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char host_name[256], logbook[32], textfile[256], subdir[256]; data/elog-3.1.3-1/src/elog.c:1002:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *buffer[MAX_ATTACHMENTS], attachment[MAX_ATTACHMENTS][256]; data/elog-3.1.3-1/src/elog.c:1006:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attr_name[MAX_N_ATTR][NAME_LENGTH], attrib[MAX_N_ATTR][NAME_LENGTH]; data/elog-3.1.3-1/src/elog.c:1038:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). port = atoi(argv[++i]); data/elog-3.1.3-1/src/elog.c:1060:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reply = atoi(argv[++i]); data/elog-3.1.3-1/src/elog.c:1062:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
edit = atoi(argv[++i]); data/elog-3.1.3-1/src/elog.c:1067:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). download = atoi(argv[++i]); data/elog-3.1.3-1/src/elog.c:1069:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). encoding = atoi(argv[++i]); data/elog-3.1.3-1/src/elog.c:1142:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(textfile, O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/elog.c:1191:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(attachment[i], O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/elog.c:1200:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. buffer[i] = (char *)malloc(att_size[i] + 1); data/elog-3.1.3-1/src/elogd.c:54:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char header_buffer[20000]; data/elog-3.1.3-1/src/elogd.c:56:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host_name[256]; data/elog-3.1.3-1/src/elogd.c:57:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char referer[256]; data/elog-3.1.3-1/src/elogd.c:58:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char browser[256]; data/elog-3.1.3-1/src/elogd.c:59:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char config_file[256]; data/elog-3.1.3-1/src/elogd.c:60:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char resource_dir[256]; data/elog-3.1.3-1/src/elogd.c:61:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char logbook_dir[256];
data/elog-3.1.3-1/src/elogd.c:62:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char listen_interface[256];
data/elog-3.1.3-1/src/elogd.c:63:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char theme_name[80];
data/elog-3.1.3-1/src/elogd.c:64:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char http_host[256];
data/elog-3.1.3-1/src/elogd.c:65:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char http_user[256];
data/elog-3.1.3-1/src/elogd.c:67:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char _param[MAX_PARAM][NAME_LENGTH];
data/elog-3.1.3-1/src/elogd.c:68:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char _value[MAX_PARAM][NAME_LENGTH];
data/elog-3.1.3-1/src/elogd.c:69:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char _mtext[TEXT_SIZE];
data/elog-3.1.3-1/src/elogd.c:70:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char _cmdline[CMD_SIZE];
data/elog-3.1.3-1/src/elogd.c:75:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rem_host[256];
data/elog-3.1.3-1/src/elogd.c:76:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rem_host_ip[256];
data/elog-3.1.3-1/src/elogd.c:97:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type_list[MAX_N_LIST][NAME_LENGTH] = { "Routine", "Other" };
data/elog-3.1.3-1/src/elogd.c:99:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char category_list[MAX_N_LIST][NAME_LENGTH] = { "General", "Other",
data/elog-3.1.3-1/src/elogd.c:102:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char author_list[MAX_N_LIST][NAME_LENGTH] = { "" };
data/elog-3.1.3-1/src/elogd.c:104:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char attr_list[MAX_N_ATTR][NAME_LENGTH];
data/elog-3.1.3-1/src/elogd.c:105:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char attr_options[MAX_N_ATTR][MAX_N_LIST][NAME_LENGTH];
data/elog-3.1.3-1/src/elogd.c:117:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ext[32];
data/elog-3.1.3-1/src/elogd.c:118:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[80];
data/elog-3.1.3-1/src/elogd.c:187:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char language[32];
data/elog-3.1.3-1/src/elogd.c:188:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char abbrev[32];
data/elog-3.1.3-1/src/elogd.c:212:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char _convert_cmd[256];
data/elog-3.1.3-1/src/elogd.c:213:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char _identify_cmd[256];
data/elog-3.1.3-1/src/elogd.c:222:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pidfile[256]; /* Pidfile name */
data/elog-3.1.3-1/src/elogd.c:412:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/elog-3.1.3-1/src/elogd.c:563:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&ap, &args, sizeof(va_list));
data/elog-3.1.3-1/src/elogd.c:811:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[10000];
data/elog-3.1.3-1/src/elogd.c:939:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[1024];
data/elog-3.1.3-1/src/elogd.c:951:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fh = open("/tmp/elog-shell", O_RDONLY);
data/elog-3.1.3-1/src/elogd.c:1024:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[2 * NAME_LENGTH], str[2 * NAME_LENGTH], uattr[2 * NAME_LENGTH], *ps, *pt, *p, result[10000];
data/elog-3.1.3-1/src/elogd.c:1034:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pt, ps, j);
data/elog-3.1.3-1/src/elogd.c:1085:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pt, ps, j);
data/elog-3.1.3-1/src/elogd.c:1148:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, subst, strlen(subst));
data/elog-3.1.3-1/src/elogd.c:1150:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(p, subst, strlen(subst));
data/elog-3.1.3-1/src/elogd.c:1172:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *pD, str[3];
data/elog-3.1.3-1/src/elogd.c:1207:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char str[NAME_LENGTH];
data/elog-3.1.3-1/src/elogd.c:1213:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char *) pd, "%%%02X", *p);
data/elog-3.1.3-1/src/elogd.c:1233:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char str[NAME_LENGTH];
data/elog-3.1.3-1/src/elogd.c:1239:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf((char *) pd, "%%%02X", *p);
data/elog-3.1.3-1/src/elogd.c:1261:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char str[NAME_LENGTH];
data/elog-3.1.3-1/src/elogd.c:1420:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buffer[64]; // input buffer
data/elog-3.1.3-1/src/elogd.c:1467:65: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void MD5_checksum(const void *pdata, unsigned int len, unsigned char digest[16])
data/elog-3.1.3-1/src/elogd.c:1470:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bits[8];
data/elog-3.1.3-1/src/elogd.c:1474:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char PADDING[64] = { 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
data/elog-3.1.3-1/src/elogd.c:1526:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&pctx->buffer[index], pin, partlen);
data/elog-3.1.3-1/src/elogd.c:1537:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&pctx->buffer[index], &pin[i], len - i);
data/elog-3.1.3-1/src/elogd.c:1543:53: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void _MD5_transform(unsigned int state[4], unsigned char block[64])
data/elog-3.1.3-1/src/elogd.c:1667:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fh = open(file_name, O_RDONLY);
data/elog-3.1.3-1/src/elogd.c:1918:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[256];
data/elog-3.1.3-1/src/elogd.c:1959:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(sid + i * 4, "%04X", rand() % 0x10000);
data/elog-3.1.3-1/src/elogd.c:2014:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[256], charset[256], subject_enc[5000];
data/elog-3.1.3-1/src/elogd.c:2015:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[80], str[256];
data/elog-3.1.3-1/src/elogd.c:2043:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "timezone: %d, offset: %d\n", (int) my_timezone(), (int) offset);
data/elog-3.1.3-1/src/elogd.c:2055:64: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (getcfg(lbs->name, "Omit Email to", str, sizeof(str)) && atoi(str) == 1)
data/elog-3.1.3-1/src/elogd.c:2116:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(multipart_boundary, "------------%04X%04X%04X", rand(), rand(), rand());
data/elog-3.1.3-1/src/elogd.c:2124:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(multipart_boundary, "------------%04X%04X%04X", rand(), rand(), rand());
data/elog-3.1.3-1/src/elogd.c:2141:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(str) != expected) {
data/elog-3.1.3-1/src/elogd.c:2158:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char list[MAX_N_EMAIL][NAME_LENGTH], buffer[10000], decoded[256];
data/elog-3.1.3-1/src/elogd.c:2187:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((char *) &(bind_addr.sin_addr), phe->h_addr, phe->h_length);
data/elog-3.1.3-1/src/elogd.c:2257:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(str) != 334) {
data/elog-3.1.3-1/src/elogd.c:2274:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(str, "\r\n");
data/elog-3.1.3-1/src/elogd.c:2291:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
Risk is low because the source is a constant string.
  strcat(str, "\r\n");
data/elog-3.1.3-1/src/elogd.c:2425:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((char *) &(bind_addr.sin_addr), phe->h_addr, phe->h_length);
data/elog-3.1.3-1/src/elogd.c:2473:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[256];
data/elog-3.1.3-1/src/elogd.c:2505:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  *port = atoi(strchr(str, ':') + 1);
data/elog-3.1.3-1/src/elogd.c:2527:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[1000], unm[256], upwd[256], host[256], subdir[256], param[256];
data/elog-3.1.3-1/src/elogd.c:2538:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char last_host[256];
data/elog-3.1.3-1/src/elogd.c:2604:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
Risk is low because the source is a constant string.
  strcat(str, "\r\n");
data/elog-3.1.3-1/src/elogd.c:2677:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open("/dev/null", O_RDWR, 0);
data/elog-3.1.3-1/src/elogd.c:2679:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open("/dev/null", O_WRONLY, 0);
data/elog-3.1.3-1/src/elogd.c:2718:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char _topgroup[256];
data/elog-3.1.3-1/src/elogd.c:2719:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char _condition[256];
data/elog-3.1.3-1/src/elogd.c:2762:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[256];
data/elog-3.1.3-1/src/elogd.c:2782:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void evaluate_conditions(LOGBOOK * lbs, char attrib[MAX_N_ATTR][NAME_LENGTH])
data/elog-3.1.3-1/src/elogd.c:2784:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char condition[256], str[256];
data/elog-3.1.3-1/src/elogd.c:2822:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *p, pcond[256], clist[10][NAME_LENGTH], plist[10][NAME_LENGTH], alist[10][NAME_LENGTH];
data/elog-3.1.3-1/src/elogd.c:2911:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fh = open(file_name, O_RDONLY | O_BINARY);
data/elog-3.1.3-1/src/elogd.c:3030:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char uparam[256];
data/elog-3.1.3-1/src/elogd.c:3086:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[256];
data/elog-3.1.3-1/src/elogd.c:3211:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[256];
data/elog-3.1.3-1/src/elogd.c:3233:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char language[256], file_name[256], *p;
data/elog-3.1.3-1/src/elogd.c:3270:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fh = open(file_name, O_RDONLY | O_BINARY);
data/elog-3.1.3-1/src/elogd.c:3341:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char language[256];
data/elog-3.1.3-1/src/elogd.c:3342:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char result[256];
data/elog-3.1.3-1/src/elogd.c:3403:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char name[32];
data/elog-3.1.3-1/src/elogd.c:3433:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tms.tm_mday = atoi(date + 5);
data/elog-3.1.3-1/src/elogd.c:3434:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tms.tm_hour = atoi(date + 17);
data/elog-3.1.3-1/src/elogd.c:3435:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tms.tm_min = atoi(date + 20);
data/elog-3.1.3-1/src/elogd.c:3436:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tms.tm_sec = atoi(date + 23);
data/elog-3.1.3-1/src/elogd.c:3437:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tms.tm_year = atoi(date + 12) - 1900;
data/elog-3.1.3-1/src/elogd.c:3446:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  date_zone = atoi(date + 26);
data/elog-3.1.3-1/src/elogd.c:3467:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tms.tm_mday = atoi(date + 8);
data/elog-3.1.3-1/src/elogd.c:3468:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tms.tm_hour = atoi(date + 11);
data/elog-3.1.3-1/src/elogd.c:3469:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tms.tm_min = atoi(date + 14);
data/elog-3.1.3-1/src/elogd.c:3470:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tms.tm_sec = atoi(date + 17);
data/elog-3.1.3-1/src/elogd.c:3471:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  tms.tm_year = atoi(date + 20) - 1900;
data/elog-3.1.3-1/src/elogd.c:3495:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char smtp_host[80];
data/elog-3.1.3-1/src/elogd.c:3506:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void retrieve_email_from(LOGBOOK * lbs, char *ret, char *ret_name, char attrib[MAX_N_ATTR][NAME_LENGTH])
data/elog-3.1.3-1/src/elogd.c:3506:52: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void retrieve_email_from(LOGBOOK * lbs, char *ret, char *ret_name, char attrib[MAX_N_ATTR][NAME_LENGTH])
data/elog-3.1.3-1/src/elogd.c:3506:68: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void retrieve_email_from(LOGBOOK * lbs, char *ret, char *ret_name, char attrib[MAX_N_ATTR][NAME_LENGTH])
data/elog-3.1.3-1/src/elogd.c:3508:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char email_from[256], email_from_name[256], str[256], *p, login_name[256],
data/elog-3.1.3-1/src/elogd.c:3621:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[80];
data/elog-3.1.3-1/src/elogd.c:3629:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", atoi(str));
data/elog-3.1.3-1/src/elogd.c:3629:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sprintf(str, "%d", atoi(str));
data/elog-3.1.3-1/src/elogd.c:3655:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, str[NAME_LENGTH], tmp[NAME_LENGTH];
data/elog-3.1.3-1/src/elogd.c:3787:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[255];
data/elog-3.1.3-1/src/elogd.c:3832:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fn[MAX_PATH_LENGTH], path[MAX_PATH_LENGTH];
data/elog-3.1.3-1/src/elogd.c:3850:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(subdir, "20%02d", year);
data/elog-3.1.3-1/src/elogd.c:3852:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(subdir, "19%02d", year);
data/elog-3.1.3-1/src/elogd.c:3863:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char old_path[MAX_PATH_LENGTH], new_path[MAX_PATH_LENGTH],
data/elog-3.1.3-1/src/elogd.c:3939:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], date[256], *buffer, *p, *pn, in_reply_to[80];
data/elog-3.1.3-1/src/elogd.c:3942:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_RDONLY | O_BINARY, 0644);
data/elog-3.1.3-1/src/elogd.c:3988:58: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). lbs->el_index[*lbs->n_el_index].message_id = atoi(p + 8);
data/elog-3.1.3-1/src/elogd.c:3990:59: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). lbs->el_index[*lbs->n_el_index].in_reply_to = atoi(in_reply_to);
data/elog-3.1.3-1/src/elogd.c:4031:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_PATH_LENGTH];
data/elog-3.1.3-1/src/elogd.c:4084:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *file_list, error_str[256], base_dir[256], *buffer;
data/elog-3.1.3-1/src/elogd.c:4087:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char digest[16];
data/elog-3.1.3-1/src/elogd.c:4165:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char str[256], data_dir[256], logbook[256], cwd[256], *p;
data/elog-3.1.3-1/src/elogd.c:4448:48: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int el_retrieve(LOGBOOK * lbs, int message_id, char *date, char attr_list[MAX_N_ATTR][NAME_LENGTH],
data/elog-3.1.3-1/src/elogd.c:4448:60: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int el_retrieve(LOGBOOK * lbs, int message_id, char *date, char attr_list[MAX_N_ATTR][NAME_LENGTH],
data/elog-3.1.3-1/src/elogd.c:4449:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attrib[MAX_N_ATTR][NAME_LENGTH], int n_attr, char *text, int *textsize,
data/elog-3.1.3-1/src/elogd.c:4449:67: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attrib[MAX_N_ATTR][NAME_LENGTH], int n_attr, char *text, int *textsize,
data/elog-3.1.3-1/src/elogd.c:4450:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char *in_reply_to, char *reply_to, char attachment[MAX_ATTACHMENTS][MAX_PATH_LENGTH],
data/elog-3.1.3-1/src/elogd.c:4450:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *in_reply_to, char *reply_to, char attachment[MAX_ATTACHMENTS][MAX_PATH_LENGTH],
data/elog-3.1.3-1/src/elogd.c:4450:52: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *in_reply_to, char *reply_to, char attachment[MAX_ATTACHMENTS][MAX_PATH_LENGTH],
data/elog-3.1.3-1/src/elogd.c:4486:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH], file_name[256], *p;
data/elog-3.1.3-1/src/elogd.c:4487:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *message, attachment_all[64 * MAX_ATTACHMENTS];
data/elog-3.1.3-1/src/elogd.c:4504:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
fh = open(file_name, O_RDONLY | O_BINARY, 0644);
data/elog-3.1.3-1/src/elogd.c:4534:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(message + 8) != message_id) {
data/elog-3.1.3-1/src/elogd.c:4645:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[MAX_PATH_LENGTH], ext_file_name[MAX_PATH_LENGTH + 100], str[MAX_PATH_LENGTH], *p, subdir[MAX_PATH_LENGTH];
data/elog-3.1.3-1/src/elogd.c:4668:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&tms, localtime(&now), sizeof(struct tm));
data/elog-3.1.3-1/src/elogd.c:4693:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(str, O_CREAT | O_RDWR | O_BINARY, 0644);
data/elog-3.1.3-1/src/elogd.c:4713:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_PATH_LENGTH], subdir[MAX_PATH_LENGTH];
data/elog-3.1.3-1/src/elogd.c:4726:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str + strlen(str), "-%d.png", i);
data/elog-3.1.3-1/src/elogd.c:4737:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str + strlen(str), "-%d.png", i);
data/elog-3.1.3-1/src/elogd.c:4748:66: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int el_retrieve_attachment(LOGBOOK * lbs, int message_id, int n, char name[MAX_PATH_LENGTH])
data/elog-3.1.3-1/src/elogd.c:4751:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[256], *p;
data/elog-3.1.3-1/src/elogd.c:4752:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[TEXT_SIZE + 1000], attachment_all[64 * MAX_ATTACHMENTS];
data/elog-3.1.3-1/src/elogd.c:4765:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_RDONLY | O_BINARY, 0644);
data/elog-3.1.3-1/src/elogd.c:4789:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(message + 8) != message_id)
data/elog-3.1.3-1/src/elogd.c:4823:58: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int el_submit(LOGBOOK * lbs, int message_id, BOOL bedit, char *date, char attr_name[MAX_N_ATTR][NAME_LENGTH],
data/elog-3.1.3-1/src/elogd.c:4823:70: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int el_submit(LOGBOOK * lbs, int message_id, BOOL bedit, char *date, char attr_name[MAX_N_ATTR][NAME_LENGTH],
data/elog-3.1.3-1/src/elogd.c:4824:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attr_value[MAX_N_ATTR][NAME_LENGTH], int n_attr, char *text, char *in_reply_to,
data/elog-3.1.3-1/src/elogd.c:4824:69: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char attr_value[MAX_N_ATTR][NAME_LENGTH], int n_attr, char *text, char *in_reply_to,
data/elog-3.1.3-1/src/elogd.c:4824:81: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attr_value[MAX_N_ATTR][NAME_LENGTH], int n_attr, char *text, char *in_reply_to,
data/elog-3.1.3-1/src/elogd.c:4825:15: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *reply_to, char *encoding, char afilename[MAX_ATTACHMENTS][256], BOOL mark_original,
data/elog-3.1.3-1/src/elogd.c:4825:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *reply_to, char *encoding, char afilename[MAX_ATTACHMENTS][256], BOOL mark_original,
data/elog-3.1.3-1/src/elogd.c:4825:47: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *reply_to, char *encoding, char afilename[MAX_ATTACHMENTS][256], BOOL mark_original,
data/elog-3.1.3-1/src/elogd.c:4859:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char file_name[256], dir[256], str[NAME_LENGTH], date1[256], attrib[MAX_N_ATTR][NAME_LENGTH],
data/elog-3.1.3-1/src/elogd.c:4862:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attachment_all[64 * MAX_ATTACHMENTS], subdir[MAX_PATH_LENGTH];
data/elog-3.1.3-1/src/elogd.c:4895:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_CREAT | O_RDWR | O_BINARY, 0644);
data/elog-3.1.3-1/src/elogd.c:4920:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(message + 8) != message_id) {
data/elog-3.1.3-1/src/elogd.c:4996:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(file_name, "%c%c%02d%c%ca.log", date1[14], date1[15], i + 1, date1[5], date1[6]);
data/elog-3.1.3-1/src/elogd.c:5010:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(str, O_CREAT | O_RDWR | O_BINARY, 0644);
data/elog-3.1.3-1/src/elogd.c:5038:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). lbs->el_index[index].in_reply_to = atoi(in_reply_to1);
data/elog-3.1.3-1/src/elogd.c:5059:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message, "$@MID@$: %d\n", message_id);
data/elog-3.1.3-1/src/elogd.c:5071:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message + strlen(message), "Attachment: ");
data/elog-3.1.3-1/src/elogd.c:5087:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(message + strlen(message), "========================================\n");
data/elog-3.1.3-1/src/elogd.c:5133:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reply_id = atoi(in_reply_to);
data/elog-3.1.3-1/src/elogd.c:5135:53: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
if (mark_original && in_reply_to[0] && !bedit && atoi(in_reply_to) > 0) {
data/elog-3.1.3-1/src/elogd.c:5136:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[80], attr[MAX_N_ATTR][NAME_LENGTH], enc[80], att[MAX_ATTACHMENTS][256],
data/elog-3.1.3-1/src/elogd.c:5145:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(reply_to, ", ");
data/elog-3.1.3-1/src/elogd.c:5146:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(reply_to + strlen(reply_to), "%d", message_id);
data/elog-3.1.3-1/src/elogd.c:5161:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[80], attr[MAX_N_ATTR][NAME_LENGTH], enc[80], in_reply_to[80], reply_to[MAX_REPLY_TO * 10],
data/elog-3.1.3-1/src/elogd.c:5189:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(p) == remove_id)
data/elog-3.1.3-1/src/elogd.c:5206:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attachment[MAX_ATTACHMENTS][MAX_PATH_LENGTH], BOOL delete_bw_ref,
data/elog-3.1.3-1/src/elogd.c:5230:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_PATH_LENGTH], file_name[MAX_PATH_LENGTH], reply_to[MAX_REPLY_TO * 10], in_reply_to[256];
data/elog-3.1.3-1/src/elogd.c:5232:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *message, attachment_all[64 * MAX_ATTACHMENTS];
data/elog-3.1.3-1/src/elogd.c:5233:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attrib[MAX_N_ATTR][NAME_LENGTH];
data/elog-3.1.3-1/src/elogd.c:5243:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_RDWR | O_BINARY, 0644);
data/elog-3.1.3-1/src/elogd.c:5258:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "DELETE entry #%d", message_id);
data/elog-3.1.3-1/src/elogd.c:5275:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(message + 8) != message_id) {
data/elog-3.1.3-1/src/elogd.c:5358:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&lbs->el_index[i], &lbs->el_index[i + 1], sizeof(EL_INDEX));
data/elog-3.1.3-1/src/elogd.c:5379:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(p))
data/elog-3.1.3-1/src/elogd.c:5380:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). el_delete_message(lbs, atoi(p), TRUE, NULL, FALSE, TRUE);
data/elog-3.1.3-1/src/elogd.c:5393:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(p))
data/elog-3.1.3-1/src/elogd.c:5394:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). remove_reference(lbs, atoi(p), message_id, TRUE);
data/elog-3.1.3-1/src/elogd.c:5417:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[80], *attrib, *text, in_reply_to[80], reply_to[MAX_REPLY_TO * 10], encoding[80],
data/elog-3.1.3-1/src/elogd.c:5419:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char list[MAX_N_ATTR][NAME_LENGTH], list1[MAX_N_ATTR][NAME_LENGTH];
data/elog-3.1.3-1/src/elogd.c:5426:47: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. el_retrieve(lbs, new_id, date, attr_list, (char (*)[1500]) attrib, lbs->n_attr, NULL, 0, in_reply_to,
data/elog-3.1.3-1/src/elogd.c:5427:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. reply_to, (char (*)[256]) att_file, encoding, locked_by, draft);
data/elog-3.1.3-1/src/elogd.c:5433:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). el_retrieve(lbs, atoi(list[i]), date, attr_list, (char (*)[1500]) attrib, lbs->n_attr, text, &size,
data/elog-3.1.3-1/src/elogd.c:5433:57: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. el_retrieve(lbs, atoi(list[i]), date, attr_list, (char (*)[1500]) attrib, lbs->n_attr, text, &size,
data/elog-3.1.3-1/src/elogd.c:5434:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. in_reply_to, reply_to, (char (*)[256]) att_file, encoding, locked_by, draft);
data/elog-3.1.3-1/src/elogd.c:5440:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(list1[i1]) == old_id)
data/elog-3.1.3-1/src/elogd.c:5441:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(reply_to + strlen(reply_to), "%d", new_id);
data/elog-3.1.3-1/src/elogd.c:5446:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
Risk is low because the source is a constant string. strcat(reply_to, ", ");
data/elog-3.1.3-1/src/elogd.c:5449:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). el_submit(lbs, atoi(list[i]), TRUE, date, attr_list, (char (*)[1500]) attrib, lbs->n_attr, text,
data/elog-3.1.3-1/src/elogd.c:5449:61: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. el_submit(lbs, atoi(list[i]), TRUE, date, attr_list, (char (*)[1500]) attrib, lbs->n_attr, text,
data/elog-3.1.3-1/src/elogd.c:5450:51: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. in_reply_to, reply_to, encoding, (char (*)[256]) att_file, TRUE, locked_by, draft);
data/elog-3.1.3-1/src/elogd.c:5453:47: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. el_retrieve(lbs, new_id, date, attr_list, (char (*)[1500]) attrib, lbs->n_attr, NULL, 0, in_reply_to,
data/elog-3.1.3-1/src/elogd.c:5454:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. reply_to, (char (*)[256]) att_file, encoding, locked_by, draft); data/elog-3.1.3-1/src/elogd.c:5460:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). el_retrieve(lbs, atoi(list[i]), date, attr_list, (char (*)[1500]) attrib, lbs->n_attr, text, &size, data/elog-3.1.3-1/src/elogd.c:5460:57: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. el_retrieve(lbs, atoi(list[i]), date, attr_list, (char (*)[1500]) attrib, lbs->n_attr, text, &size, data/elog-3.1.3-1/src/elogd.c:5461:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. in_reply_to, reply_to, (char (*)[256]) att_file, encoding, locked_by, draft); data/elog-3.1.3-1/src/elogd.c:5467:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(list1[i1]) == old_id) data/elog-3.1.3-1/src/elogd.c:5468:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(in_reply_to + strlen(in_reply_to), "%d", new_id); data/elog-3.1.3-1/src/elogd.c:5473:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(in_reply_to, ", "); data/elog-3.1.3-1/src/elogd.c:5476:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). el_submit(lbs, atoi(list[i]), TRUE, date, attr_list, (char (*)[1500]) attrib, lbs->n_attr, text, data/elog-3.1.3-1/src/elogd.c:5476:61: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. el_submit(lbs, atoi(list[i]), TRUE, date, attr_list, (char (*)[1500]) attrib, lbs->n_attr, text, data/elog-3.1.3-1/src/elogd.c:5477:51: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. in_reply_to, reply_to, encoding, (char (*)[256]) att_file, TRUE, locked_by, draft); data/elog-3.1.3-1/src/elogd.c:5492:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char date[80], attrib[MAX_N_ATTR][NAME_LENGTH], *text, in_reply_to[80], reply_to[MAX_REPLY_TO * 10], data/elog-3.1.3-1/src/elogd.c:5494:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char list[MAX_N_ATTR][NAME_LENGTH], str[256]; data/elog-3.1.3-1/src/elogd.c:5495:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char att_file[MAX_ATTACHMENTS][256]; data/elog-3.1.3-1/src/elogd.c:5517:67: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Resubmit replies", str, sizeof(str)) && atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:5521:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). el_move_message_thread(lbs, atoi(list[i])); data/elog-3.1.3-1/src/elogd.c:5533:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char date[80], attrib[MAX_N_ATTR][NAME_LENGTH], *text, in_reply_to[80], reply_to[MAX_REPLY_TO * 10], data/elog-3.1.3-1/src/elogd.c:5568:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[80], attrib[MAX_N_ATTR][NAME_LENGTH], text[TEXT_SIZE], in_reply_to[80], data/elog-3.1.3-1/src/elogd.c:5570:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char att_file[MAX_ATTACHMENTS][256]; data/elog-3.1.3-1/src/elogd.c:5590:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[80], attrib[MAX_N_ATTR][NAME_LENGTH], text[TEXT_SIZE], in_reply_to[80], data/elog-3.1.3-1/src/elogd.c:5592:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char att_file[MAX_ATTACHMENTS][256]; data/elog-3.1.3-1/src/elogd.c:5610:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char file_name[MAX_PATH_LENGTH]; data/elog-3.1.3-1/src/elogd.c:5611:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_PATH_LENGTH], unm[256]; data/elog-3.1.3-1/src/elogd.c:5614:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[10000]; data/elog-3.1.3-1/src/elogd.c:5629:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_RDWR | O_BINARY | O_CREAT | O_APPEND, 0644); data/elog-3.1.3-1/src/elogd.c:5735:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[80]; data/elog-3.1.3-1/src/elogd.c:5737:65: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
return (getcfg(lbs->name, "Allow HTML", str, sizeof(str)) && atoi(str) == 1); data/elog-3.1.3-1/src/elogd.c:5780:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/elogd.c:5819:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/elogd.c:5915:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, *pn, *pa, old[256], link[256], base_url[256], domain[256]; data/elog-3.1.3-1/src/elogd.c:5925:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). index = atoi(pn); data/elog-3.1.3-1/src/elogd.c:5966:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], base_url[256]; data/elog-3.1.3-1/src/elogd.c:5982:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(base_url, "../"); data/elog-3.1.3-1/src/elogd.c:6021:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, *pd, link[1000], link_text[1000]; data/elog-3.1.3-1/src/elogd.c:6120:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(return_buffer + j, "</a>"); data/elog-3.1.3-1/src/elogd.c:6130:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(return_buffer + j, "<br>"); data/elog-3.1.3-1/src/elogd.c:6136:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(return_buffer, "&"); data/elog-3.1.3-1/src/elogd.c:6140:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(return_buffer, "<"); data/elog-3.1.3-1/src/elogd.c:6144:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant string. strcat(return_buffer, ">"); data/elog-3.1.3-1/src/elogd.c:6187:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[2]; data/elog-3.1.3-1/src/elogd.c:6325:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, *pd, link[1000], link_text[1000], tmp[1000], attrib[1000], hattrib[1000], value[1000], data/elog-3.1.3-1/src/elogd.c:6343:65: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Enable smileys", tmp, sizeof(tmp)) && atoi(tmp) == 0) data/elog-3.1.3-1/src/elogd.c:6416:22: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(base_url, "../"); data/elog-3.1.3-1/src/elogd.c:6450:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(return_buffer + j, "</a>"); data/elog-3.1.3-1/src/elogd.c:6594:34: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(param, "attachment%d", atoi(attrib + 6) - 1); data/elog-3.1.3-1/src/elogd.c:6594:65: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sprintf(param, "attachment%d", atoi(attrib + 6) - 1); data/elog-3.1.3-1/src/elogd.c:6645:22: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(subst, "</ol>"); data/elog-3.1.3-1/src/elogd.c:6647:22: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(subst, "</ul>"); data/elog-3.1.3-1/src/elogd.c:6729:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(return_buffer + j, "<br />"); data/elog-3.1.3-1/src/elogd.c:6736:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(return_buffer, "<br />\r\n"); data/elog-3.1.3-1/src/elogd.c:6739:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant string. strcat(return_buffer, "\r\n"); data/elog-3.1.3-1/src/elogd.c:6746:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(return_buffer, "&"); data/elog-3.1.3-1/src/elogd.c:6750:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(return_buffer, "<"); data/elog-3.1.3-1/src/elogd.c:6754:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(return_buffer, ">"); data/elog-3.1.3-1/src/elogd.c:6791:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[10000]; data/elog-3.1.3-1/src/elogd.c:6836:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[10000]; data/elog-3.1.3-1/src/elogd.c:6840:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str, data/elog-3.1.3-1/src/elogd.c:6853:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, data/elog-3.1.3-1/src/elogd.c:6871:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "Error: Parameter name too big (%lu bytes).\n", (unsigned long) strlen(param)); data/elog-3.1.3-1/src/elogd.c:6888:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "Error: Too many parameters (> %d). Cannot perform operation.\n", MAX_PARAM); data/elog-3.1.3-1/src/elogd.c:6971:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, str2[256]; data/elog-3.1.3-1/src/elogd.c:6997:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, *ph, str2[256]; data/elog-3.1.3-1/src/elogd.c:7037:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(base_url, "https://"); data/elog-3.1.3-1/src/elogd.c:7039:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(base_url, "http://"); data/elog-3.1.3-1/src/elogd.c:7065:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH], group[NAME_LENGTH], list[NAME_LENGTH], *p, rel_path[NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:7075:68: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Relative redirect", str, sizeof(str)) && atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:7150:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str + strlen(str), ":%d", elog_tcp_port); data/elog-3.1.3-1/src/elogd.c:7195:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str + strlen(str), ":%d", elog_tcp_port); data/elog-3.1.3-1/src/elogd.c:7238:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:7259:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb_name[256], str[NAME_LENGTH], format[80]; data/elog-3.1.3-1/src/elogd.c:7267:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(lb_name, "global"); data/elog-3.1.3-1/src/elogd.c:7307:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(format, "%A, %d-%b-%y %H:%M:%S GMT"); data/elog-3.1.3-1/src/elogd.c:7424:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char list[10000], str[NAME_LENGTH], str2[NAME_LENGTH], type[NAME_LENGTH], data/elog-3.1.3-1/src/elogd.c:7479:70: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (n_options && getcfg(logbook, str2, str, sizeof(str)) && atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:7552:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(attr_list, attr_list_default, sizeof(attr_list_default)); data/elog-3.1.3-1/src/elogd.c:7553:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(attr_options, attr_options_default, sizeof(attr_options_default)); data/elog-3.1.3-1/src/elogd.c:7554:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(attr_flags, attr_flags_default, sizeof(attr_flags_default)); data/elog-3.1.3-1/src/elogd.c:7565:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/elog-3.1.3-1/src/elogd.c:7615:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char css[1000], css_base[1000], str[1000], media[1000]; data/elog-3.1.3-1/src/elogd.c:7616:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char css_list[MAX_N_LIST][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:7729:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1000]; data/elog-3.1.3-1/src/elogd.c:7797:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1000], grpname[256], grpmembers[1000]; data/elog-3.1.3-1/src/elogd.c:7799:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grplist[MAX_N_LIST][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:7954:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1000], grpname[256], grpmembers[1000]; data/elog-3.1.3-1/src/elogd.c:7955:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char grplist[MAX_N_LIST][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:7990:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1000], grpname[256], grpmembers[1000]; data/elog-3.1.3-1/src/elogd.c:7991:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char grplist[MAX_N_LIST][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:8025:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH], ref[256], sclass[32], comment[256], full_name[256], url[256], logbook[256]; data/elog-3.1.3-1/src/elogd.c:8028:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char slist[20][NAME_LENGTH], svalue[20][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:8049:77: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!printable && (!getcfg(logbook, "logbook tabs", str, sizeof(str)) || atoi(str) == 1)) { data/elog-3.1.3-1/src/elogd.c:8071:79: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(pnode->member[i]->name, "Hidden", str, sizeof(str)) && atoi(str) == 1) data/elog-3.1.3-1/src/elogd.c:8097:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(sclass, "sltab"); data/elog-3.1.3-1/src/elogd.c:8100:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(sclass, "sgtab"); data/elog-3.1.3-1/src/elogd.c:8104:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(sclass, "ltab"); data/elog-3.1.3-1/src/elogd.c:8107:19: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(sclass, "gtab"); data/elog-3.1.3-1/src/elogd.c:8200:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:8205:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[256], *buf; data/elog-3.1.3-1/src/elogd.c:8215:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
f = fopen(file_name, "rb"); data/elog-3.1.3-1/src/elogd.c:8236:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH], slist[20][NAME_LENGTH], svalue[20][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:8243:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[256], *buf; data/elog-3.1.3-1/src/elogd.c:8254:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file_name, "rb"); data/elog-3.1.3-1/src/elogd.c:8288:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH], slist[20][NAME_LENGTH], svalue[20][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:8293:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char file_name[256], *buf; data/elog-3.1.3-1/src/elogd.c:8304:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file_name, "rb"); data/elog-3.1.3-1/src/elogd.c:8342:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/elog-3.1.3-1/src/elogd.c:8410:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], lb_name[256], exp[80]; data/elog-3.1.3-1/src/elogd.c:8423:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(lb_name, "global"); data/elog-3.1.3-1/src/elogd.c:8429:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(exp, "744"); /* one month by default = 31*24 */ data/elog-3.1.3-1/src/elogd.c:8479:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fh = open(file_name, O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/elogd.c:8492:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_PATH_LENGTH], dir[MAX_PATH_LENGTH], charset[80]; data/elog-3.1.3-1/src/elogd.c:8495:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/elogd.c:8556:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char encodedname[256]; data/elog-3.1.3-1/src/elogd.c:8705:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(b, "<br>\n"); data/elog-3.1.3-1/src/elogd.c:8710:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(b, "&lt;"); data/elog-3.1.3-1/src/elogd.c:8715:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
Risk is low because the source is a constant string. strcat(b, "&gt;"); data/elog-3.1.3-1/src/elogd.c:8720:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(b, "&amp;"); data/elog-3.1.3-1/src/elogd.c:8725:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(b, "&quot;"); data/elog-3.1.3-1/src/elogd.c:8730:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(b + strlen(b), "%c", text[i]); data/elog-3.1.3-1/src/elogd.c:8741:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH], format[256], full_name[256], user_email[256]; data/elog-3.1.3-1/src/elogd.c:8753:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). t = (time_t) atoi(attrib[i]); data/elog-3.1.3-1/src/elogd.c:8766:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). t = (time_t) atoi(attrib[i]); data/elog-3.1.3-1/src/elogd.c:8784:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(list[i], "remote_host"); data/elog-3.1.3-1/src/elogd.c:8788:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(list[i], "host"); data/elog-3.1.3-1/src/elogd.c:8792:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(list[i], "http_user"); data/elog-3.1.3-1/src/elogd.c:8796:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(list[i], "short_name"); data/elog-3.1.3-1/src/elogd.c:8806:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(list[i], "long_name"); data/elog-3.1.3-1/src/elogd.c:8811:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(list[i], "user_email"); data/elog-3.1.3-1/src/elogd.c:8812:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(value[i], "mailto:"); data/elog-3.1.3-1/src/elogd.c:8818:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(list[i], "logbook"); data/elog-3.1.3-1/src/elogd.c:8822:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(list[i], "elogbook"); data/elog-3.1.3-1/src/elogd.c:8827:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(list[i], "date"); data/elog-3.1.3-1/src/elogd.c:8837:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", (int) t); data/elog-3.1.3-1/src/elogd.c:8841:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(list[i], "utcdate"); data/elog-3.1.3-1/src/elogd.c:8850:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", (int) t); data/elog-3.1.3-1/src/elogd.c:8854:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(list[i], "version"); data/elog-3.1.3-1/src/elogd.c:8857:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(list[i], "revision"); data/elog-3.1.3-1/src/elogd.c:8874:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char format[80], str[256]; data/elog-3.1.3-1/src/elogd.c:8880:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", (int) ltime); data/elog-3.1.3-1/src/elogd.c:8898:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/elog-3.1.3-1/src/elogd.c:8919:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], config[256], old_pwd[256], new_pwd[256], new_pwd2[256], user[256], auth[32], error_str[256]; data/elog-3.1.3-1/src/elogd.c:8952:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). wrong_pwd = atoi(getparam("fail")); data/elog-3.1.3-1/src/elogd.c:9077:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, attrib[MAX_N_ATTR][NAME_LENGTH], att[MAX_ATTACHMENTS][256], draft[256]; data/elog-3.1.3-1/src/elogd.c:9112:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(retstr + loc, "%0*d", len, 1); data/elog-3.1.3-1/src/elogd.c:9124:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(attrib[index] + loc) > old_index) data/elog-3.1.3-1/src/elogd.c:9125:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
old_index = atoi(attrib[index] + loc); data/elog-3.1.3-1/src/elogd.c:9132:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(retstr + loc, "%0*d", len, old_index + 1); data/elog-3.1.3-1/src/elogd.c:9137:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. BOOL is_author(LOGBOOK * lbs, char attrib[MAX_N_ATTR][NAME_LENGTH], char *owner) data/elog-3.1.3-1/src/elogd.c:9139:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH], preset[NAME_LENGTH], full_name[NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:9184:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. BOOL get_author(LOGBOOK * lbs, char attrib[MAX_N_ATTR][NAME_LENGTH], char *author) data/elog-3.1.3-1/src/elogd.c:9186:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH], preset[NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:9345:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void attrib_from_param(int n_attr, char attrib[MAX_N_ATTR][NAME_LENGTH]) data/elog-3.1.3-1/src/elogd.c:9348:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH], ua[NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:9376:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "y%d", i); data/elog-3.1.3-1/src/elogd.c:9377:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). year = atoi(isparam(str) ? getparam(str) : ""); data/elog-3.1.3-1/src/elogd.c:9381:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "m%d", i); data/elog-3.1.3-1/src/elogd.c:9382:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). month = atoi(isparam(str) ? getparam(str) : ""); data/elog-3.1.3-1/src/elogd.c:9384:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str, "d%d", i); data/elog-3.1.3-1/src/elogd.c:9385:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). day = atoi(isparam(str) ? getparam(str) : ""); data/elog-3.1.3-1/src/elogd.c:9395:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(attrib[i], "%d", (int) ltime); data/elog-3.1.3-1/src/elogd.c:9405:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "y%d", i); data/elog-3.1.3-1/src/elogd.c:9406:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). year = atoi(isparam(str) ? getparam(str) : ""); data/elog-3.1.3-1/src/elogd.c:9410:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "m%d", i); data/elog-3.1.3-1/src/elogd.c:9411:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). month = atoi(isparam(str) ? getparam(str) : ""); data/elog-3.1.3-1/src/elogd.c:9413:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "d%d", i); data/elog-3.1.3-1/src/elogd.c:9414:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). day = atoi(isparam(str) ? getparam(str) : ""); data/elog-3.1.3-1/src/elogd.c:9416:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "h%d", i); data/elog-3.1.3-1/src/elogd.c:9417:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). hour = atoi(isparam(str) ? getparam(str) : ""); data/elog-3.1.3-1/src/elogd.c:9419:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "n%d", i); data/elog-3.1.3-1/src/elogd.c:9420:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). min = atoi(isparam(str) ? getparam(str) : ""); data/elog-3.1.3-1/src/elogd.c:9422:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str, "c%d", i); data/elog-3.1.3-1/src/elogd.c:9423:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sec = atoi(isparam(str) ? getparam(str) : ""); data/elog-3.1.3-1/src/elogd.c:9436:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(attrib[i], "%d", (int) ltime); data/elog-3.1.3-1/src/elogd.c:9479:56: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void compare_attributes(LOGBOOK * lbs, int message_id, char attrib[MAX_N_ATTR][NAME_LENGTH], int *n) data/elog-3.1.3-1/src/elogd.c:9482:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reply_to[MAX_REPLY_TO * 10], *attr, *list; data/elog-3.1.3-1/src/elogd.c:9486:60: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. status = el_retrieve(lbs, message_id, NULL, attr_list, (char (*)[NAME_LENGTH]) attr, lbs->n_attr, data/elog-3.1.3-1/src/elogd.c:9494:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(attrib, attr, sizeof(MAX_N_ATTR * NAME_LENGTH)); data/elog-3.1.3-1/src/elogd.c:9507:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. n_reply = strbreak(reply_to, (char (*)[NAME_LENGTH]) list, MAX_N_ATTR, ",", FALSE); data/elog-3.1.3-1/src/elogd.c:9509:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). compare_attributes(lbs, atoi(list + i * NAME_LENGTH), attrib, n); data/elog-3.1.3-1/src/elogd.c:9523:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1000], draft[256], title[256], datetime[256], attrib[MAX_N_ATTR][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:9596:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[2 * NAME_LENGTH], str2[NAME_LENGTH], preset[2 * NAME_LENGTH], *p, *pend, star[80], data/elog-3.1.3-1/src/elogd.c:9607:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char fl[8][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:9680:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "attachment%d", i); data/elog-3.1.3-1/src/elogd.c:9687:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "attachment%d", i); data/elog-3.1.3-1/src/elogd.c:9698:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(encoding, "plain"); data/elog-3.1.3-1/src/elogd.c:9716:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). for (i = n = 0; i < atoi(getparam("nsel")); i++) { data/elog-3.1.3-1/src/elogd.c:9717:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "s%d", i); data/elog-3.1.3-1/src/elogd.c:9719:40: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). compare_attributes(lbs, atoi(getparam(str)), attrib, &n); data/elog-3.1.3-1/src/elogd.c:9724:73: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (message_id && getcfg(lbs->name, "Use Lock", str, sizeof(str)) && atoi(str) == 1 && locked_by[0] data/elog-3.1.3-1/src/elogd.c:9726:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:9735:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). allowed_encoding = atoi(str); data/elog-3.1.3-1/src/elogd.c:9750:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). enc_selected = atoi(str); data/elog-3.1.3-1/src/elogd.c:9762:69: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). show_text = !getcfg(lbs->name, "Show text", str, sizeof(str)) || atoi(str) == 1; data/elog-3.1.3-1/src/elogd.c:9974:76: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (breply && getcfg(lbs->name, "Allow branching", str, sizeof(str)) && atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:9983:73: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (bedit && getcfg(lbs->name, "Restrict edit", str, sizeof(str)) && atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:10009:62: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Use Lock", str, sizeof(str)) && atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:10038:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. i = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, NULL, TRUE); data/elog-3.1.3-1/src/elogd.c:10038:65: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
  i = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, NULL, TRUE);
data/elog-3.1.3-1/src/elogd.c:10039:54: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  strsubst_list(page_title, sizeof(page_title), (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, i);
data/elog-3.1.3-1/src/elogd.c:10039:85: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  strsubst_list(page_title, sizeof(page_title), (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, i);
data/elog-3.1.3-1/src/elogd.c:10052:40: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (isparam("entry_modified") && atoi(getparam("entry_modified")) == 1) {
data/elog-3.1.3-1/src/elogd.c:10305:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  autosave = atoi(str);
data/elog-3.1.3-1/src/elogd.c:10309:62: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (getcfg(lbs->name, "Save drafts", str, sizeof(str)) && atoi(str) == 0)
data/elog-3.1.3-1/src/elogd.c:10475:69: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  show_text = !getcfg(lbs->name, "Show text", str, sizeof(str)) || atoi(str) == 1;
data/elog-3.1.3-1/src/elogd.c:10476:68: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  fixed_text = getcfg(lbs->name, "Fix text", str, sizeof(str)) && atoi(str) == 1 && bedit && message_id;
data/elog-3.1.3-1/src/elogd.c:10502:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(script_onload, "document.form1.Text.focus();");
data/elog-3.1.3-1/src/elogd.c:10504:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(script_onload, "i=document.getElementById('fid');if(i)i.focus();");
data/elog-3.1.3-1/src/elogd.c:10509:10: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(script_onload, "elKeyInit();init_resize();");
data/elog-3.1.3-1/src/elogd.c:10510:10: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(script_onfocus, "elKeyInit();");
data/elog-3.1.3-1/src/elogd.c:10512:10: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(script_onload, "elKeyInit();");
data/elog-3.1.3-1/src/elogd.c:10513:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(script_onfocus, "elKeyInit();");
data/elog-3.1.3-1/src/elogd.c:10517:10: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(script_onload, "init_resize();");
data/elog-3.1.3-1/src/elogd.c:10519:4: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(script_onload, "checkText();dndInit();");
data/elog-3.1.3-1/src/elogd.c:10522:59: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (getcfg(lbs->name, "Use Lock", str, sizeof(str)) && atoi(str) == 1)
data/elog-3.1.3-1/src/elogd.c:10523:7: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(script_onunload, "unload();");
data/elog-3.1.3-1/src/elogd.c:10559:37: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (isparam("entry_modified") && atoi(getparam("entry_modified")) == 1)
data/elog-3.1.3-1/src/elogd.c:10578:63: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (!getcfg(lbs->name, "Save drafts", str, sizeof(str)) || atoi(str) == 1)
data/elog-3.1.3-1/src/elogd.c:10582:61: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (!getcfg(lbs->name, "Show text", str, sizeof(str)) || atoi(str) == 1)
data/elog-3.1.3-1/src/elogd.c:10586:76: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (message_id && (!getcfg(lbs->name, "Show text", str, sizeof(str)) || atoi(str) == 1))
data/elog-3.1.3-1/src/elogd.c:10590:63: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (!getcfg(lbs->name, "Save drafts", str, sizeof(str)) || atoi(str) == 1)
data/elog-3.1.3-1/src/elogd.c:10650:31: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  format_flags[i] = atoi(fl[0]);
data/elog-3.1.3-1/src/elogd.c:10674:4: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(fid, "id=\"fid\" ");
data/elog-3.1.3-1/src/elogd.c:10681:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(class_name, "attribname");
data/elog-3.1.3-1/src/elogd.c:10682:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(class_value, "attribvalue");
data/elog-3.1.3-1/src/elogd.c:10695:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (n > 3 && atoi(fl[3]) > 0)
data/elog-3.1.3-1/src/elogd.c:10696:26: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  input_size = atoi(fl[3]);
data/elog-3.1.3-1/src/elogd.c:10697:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (n > 4 && atoi(fl[4]) > 0)
data/elog-3.1.3-1/src/elogd.c:10698:28: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  input_maxlen = atoi(fl[4]);
data/elog-3.1.3-1/src/elogd.c:10744:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ltime = atoi(attrib[index]);
data/elog-3.1.3-1/src/elogd.c:10759:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ltime = atoi(attrib[index]);
data/elog-3.1.3-1/src/elogd.c:10823:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ltime = atoi(attrib[index]);
data/elog-3.1.3-1/src/elogd.c:10834:16: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "%d", index);
data/elog-3.1.3-1/src/elogd.c:10843:27: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ltime = atoi(attrib[index]);
data/elog-3.1.3-1/src/elogd.c:10857:16: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "%d", index);
data/elog-3.1.3-1/src/elogd.c:11081:25: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else if (atoi(attrib[index]) == 1)
data/elog-3.1.3-1/src/elogd.c:11091:16: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "extend_%d", index);
data/elog-3.1.3-1/src/elogd.c:11355:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "window.open('upload.html', '',");
data/elog-3.1.3-1/src/elogd.c:11382:10: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(str, "Arial, Comic Sans MS, Courier New, Tahoma, Times New Roman, Verdana");
data/elog-3.1.3-1/src/elogd.c:11458:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  width = atoi(str);
data/elog-3.1.3-1/src/elogd.c:11487:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  height = atoi(str);
data/elog-3.1.3-1/src/elogd.c:11503:23: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  for (i = 0; i < atoi(getparam("nsel")); i++) {
data/elog-3.1.3-1/src/elogd.c:11504:10: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "s%d", i);
data/elog-3.1.3-1/src/elogd.c:11566:16: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(mid, "%d", message_id);
data/elog-3.1.3-1/src/elogd.c:11574:25: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(strstr(str, "\\n"), "\r\n", 2);
data/elog-3.1.3-1/src/elogd.c:11586:25: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(strstr(str, "\\n"), "\r\n", 2);
data/elog-3.1.3-1/src/elogd.c:11595:75: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (!getcfg(lbs->name, "Quote on reply", str, sizeof(str)) || atoi(str) > 0) {
data/elog-3.1.3-1/src/elogd.c:11598:19: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(mid, "%d", message_id);
data/elog-3.1.3-1/src/elogd.c:11604:22: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(strstr(str, "\\n"), "\r\n", 2);
data/elog-3.1.3-1/src/elogd.c:11612:22: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(reply_string, "> ");
data/elog-3.1.3-1/src/elogd.c:11687:19: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(mid, "%d", message_id);
data/elog-3.1.3-1/src/elogd.c:11692:22: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(strstr(str, "\\n"), "\r\n", 2);
data/elog-3.1.3-1/src/elogd.c:11710:18: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fh = open(file_name, O_RDONLY | O_BINARY);
data/elog-3.1.3-1/src/elogd.c:11724:19: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(strstr(str, "\\n"), "\r\n", 2);
data/elog-3.1.3-1/src/elogd.c:11808:8: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(str) == 0) {
data/elog-3.1.3-1/src/elogd.c:11811:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  } else if (atoi(str) == 1) {
data/elog-3.1.3-1/src/elogd.c:11814:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  } else if (atoi(str) == 2) {
data/elog-3.1.3-1/src/elogd.c:11816:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  } else if (atoi(str) == 3) {
data/elog-3.1.3-1/src/elogd.c:11823:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(str) == 0) {
data/elog-3.1.3-1/src/elogd.c:11827:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  } else if (atoi(str) == 1) {
data/elog-3.1.3-1/src/elogd.c:11842:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(str) == 0) {
data/elog-3.1.3-1/src/elogd.c:11846:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  } else if (atoi(str) == 1) {
data/elog-3.1.3-1/src/elogd.c:11862:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(str) == 0) {
data/elog-3.1.3-1/src/elogd.c:11866:21: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  } else if (atoi(str) == 1) {
data/elog-3.1.3-1/src/elogd.c:11888:70: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (!getcfg(lbs->name, "Enable attachments", str, sizeof(str)) || atoi(str) > 0) {
data/elog-3.1.3-1/src/elogd.c:11894:16: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "attachment%d", index);
data/elog-3.1.3-1/src/elogd.c:11919:85: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (getcfg(lbs->name, "Preview attachments", str, sizeof(str)) && atoi(str) == 0)
data/elog-3.1.3-1/src/elogd.c:11945:22: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "deleteAtt('%d')", index);
data/elog-3.1.3-1/src/elogd.c:11962:26: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(str) > 0)
data/elog-3.1.3-1/src/elogd.c:12030:32: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(file_name, "rt");
data/elog-3.1.3-1/src/elogd.c:12033:45: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  max_n_lines = atoi(str);
data/elog-3.1.3-1/src/elogd.c:12113:63: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (!getcfg(lbs->name, "Save drafts", str, sizeof(str)) || atoi(str) == 1)
data/elog-3.1.3-1/src/elogd.c:12117:61: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (!getcfg(lbs->name, "Show text", str, sizeof(str)) || atoi(str) == 1)
data/elog-3.1.3-1/src/elogd.c:12121:63: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (!getcfg(lbs->name, "Save drafts", str, sizeof(str)) || atoi(str) == 1)
data/elog-3.1.3-1/src/elogd.c:12148:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[NAME_LENGTH], mode[NAME_LENGTH], comment[NAME_LENGTH], option[NAME_LENGTH], login_name[256],
data/elog-3.1.3-1/src/elogd.c:12187:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(mode, "Full");
data/elog-3.1.3-1/src/elogd.c:12189:61: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (!getcfg(lbs->name, "Show text", str, sizeof(str)) || atoi(str) == 1) {
data/elog-3.1.3-1/src/elogd.c:12260:63: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (getcfg(lbs->name, "Reverse sort", str, sizeof(str)) && atoi(str) == 1)
data/elog-3.1.3-1/src/elogd.c:12276:74: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (!getcfg(lbs->name, "Search all logbooks", str, sizeof(str)) || atoi(str) == 1 || atoi(str) == 2) {
data/elog-3.1.3-1/src/elogd.c:12276:92: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (!getcfg(lbs->name, "Search all logbooks", str, sizeof(str)) || atoi(str) == 1 || atoi(str) == 2) {
data/elog-3.1.3-1/src/elogd.c:12278:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(str) == 2)
data/elog-3.1.3-1/src/elogd.c:12288:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(str, "20");
data/elog-3.1.3-1/src/elogd.c:12295:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "<a href=\"http://dmoz.org/Computers/Programming/Languages/Regular_Expressions/\">");
data/elog-3.1.3-1/src/elogd.c:12297:4: [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(str, "</a>");
data/elog-3.1.3-1/src/elogd.c:12310:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "ya");
data/elog-3.1.3-1/src/elogd.c:12312:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  year = atoi(getparam(str));
data/elog-3.1.3-1/src/elogd.c:12313:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "ma");
data/elog-3.1.3-1/src/elogd.c:12315:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  month = atoi(getparam(str));
data/elog-3.1.3-1/src/elogd.c:12316:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "da");
data/elog-3.1.3-1/src/elogd.c:12318:13: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  day = atoi(getparam(str));
data/elog-3.1.3-1/src/elogd.c:12326:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  i = atoi(str);
data/elog-3.1.3-1/src/elogd.c:12349:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(str, "yb");
data/elog-3.1.3-1/src/elogd.c:12351:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  year = atoi(getparam(str));
data/elog-3.1.3-1/src/elogd.c:12352:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "mb"); data/elog-3.1.3-1/src/elogd.c:12354:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). month = atoi(getparam(str)); data/elog-3.1.3-1/src/elogd.c:12355:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "db"); data/elog-3.1.3-1/src/elogd.c:12357:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). day = atoi(getparam(str)); data/elog-3.1.3-1/src/elogd.c:12375:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "y%da", i); data/elog-3.1.3-1/src/elogd.c:12377:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). year = atoi(getparam(str)); data/elog-3.1.3-1/src/elogd.c:12378:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "m%da", i); data/elog-3.1.3-1/src/elogd.c:12380:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). month = atoi(getparam(str)); data/elog-3.1.3-1/src/elogd.c:12381:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "d%da", i); data/elog-3.1.3-1/src/elogd.c:12383:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). day = atoi(getparam(str)); data/elog-3.1.3-1/src/elogd.c:12385:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%da", i); data/elog-3.1.3-1/src/elogd.c:12396:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "y%db", i); data/elog-3.1.3-1/src/elogd.c:12398:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). year = atoi(getparam(str)); data/elog-3.1.3-1/src/elogd.c:12399:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str, "m%db", i); data/elog-3.1.3-1/src/elogd.c:12401:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). month = atoi(getparam(str)); data/elog-3.1.3-1/src/elogd.c:12402:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "d%db", i); data/elog-3.1.3-1/src/elogd.c:12404:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). day = atoi(getparam(str)); data/elog-3.1.3-1/src/elogd.c:12406:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%db", i); data/elog-3.1.3-1/src/elogd.c:12454:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). flag = atoi(getparam(attr_list[i])); data/elog-3.1.3-1/src/elogd.c:12560:72: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if (getcfg(lbs->name, "Case sensitive search", str, sizeof(str)) && atoi(str)) data/elog-3.1.3-1/src/elogd.c:12576:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *pstr, str[80]; data/elog-3.1.3-1/src/elogd.c:12628:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(config_file, O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/elogd.c:12674:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *buffer, error_str[256]; data/elog-3.1.3-1/src/elogd.c:12675:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char section[NAME_LENGTH], str[NAME_LENGTH], grp[NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:12720:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str, "[global]"); data/elog-3.1.3-1/src/elogd.c:12745:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy(section, "global"); data/elog-3.1.3-1/src/elogd.c:12761:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cols = atoi(str); data/elog-3.1.3-1/src/elogd.c:12762:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). rows = atoi(strchr(str, ',') + 1); data/elog-3.1.3-1/src/elogd.c:12860:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(config_file, O_RDWR | O_BINARY, 644); data/elog-3.1.3-1/src/elogd.c:12863:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(error, ": "); data/elog-3.1.3-1/src/elogd.c:12888:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(p1, "\r\n\r\n"); data/elog-3.1.3-1/src/elogd.c:12901:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(error, ": "); data/elog-3.1.3-1/src/elogd.c:12924:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH], *buf, *buf2, *p1, *p2, *p3; data/elog-3.1.3-1/src/elogd.c:12925:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char list[MAX_N_LIST][NAME_LENGTH], line[NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:12927:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(config_file, O_RDWR | O_BINARY, 644); data/elog-3.1.3-1/src/elogd.c:12930:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, ": "); data/elog-3.1.3-1/src/elogd.c:12997:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(p2, ", "); data/elog-3.1.3-1/src/elogd.c:13013:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, ": "); data/elog-3.1.3-1/src/elogd.c:13041:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(config_file, O_RDWR | O_BINARY, 644); data/elog-3.1.3-1/src/elogd.c:13044:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(error, ": "); data/elog-3.1.3-1/src/elogd.c:13073:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(error, ": "); data/elog-3.1.3-1/src/elogd.c:13098:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], lb_dir[256], old_dir[256], new_dir[256]; data/elog-3.1.3-1/src/elogd.c:13100:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fh = open(config_file, O_RDWR | O_BINARY, 644); data/elog-3.1.3-1/src/elogd.c:13103:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, ": "); data/elog-3.1.3-1/src/elogd.c:13157:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, ": "); data/elog-3.1.3-1/src/elogd.c:13182:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *buf, *p1, *p2, str[256]; data/elog-3.1.3-1/src/elogd.c:13184:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(config_file, O_RDWR | O_BINARY, 644); data/elog-3.1.3-1/src/elogd.c:13187:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, ": "); data/elog-3.1.3-1/src/elogd.c:13235:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(p2, "\r\n\r\n["); data/elog-3.1.3-1/src/elogd.c:13237:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(p2, "]\r\n"); data/elog-3.1.3-1/src/elogd.c:13250:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, ": "); data/elog-3.1.3-1/src/elogd.c:13279:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(config_file, O_RDWR | O_BINARY | O_CREAT, 0644); data/elog-3.1.3-1/src/elogd.c:13282:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(error, ": "); data/elog-3.1.3-1/src/elogd.c:13294:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(error, ": "); data/elog-3.1.3-1/src/elogd.c:13314:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char file_name[256], str[256], *pl, user_enc[256], new_pwd[80], new_pwd2[80], smtp_host[256], data/elog-3.1.3-1/src/elogd.c:13377:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). self_register = atoi(str); data/elog-3.1.3-1/src/elogd.c:13455:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", code); data/elog-3.1.3-1/src/elogd.c:13486:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "sub_lb%d", i); data/elog-3.1.3-1/src/elogd.c:13487:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (isparam(str) && getparam(str) && atoi(getparam(str))) data/elog-3.1.3-1/src/elogd.c:13729:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[256], str[1000], str2[1000]; data/elog-3.1.3-1/src/elogd.c:13751:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(str, ": "); data/elog-3.1.3-1/src/elogd.c:13779:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], user[80], password[80], full_name[256], user_email[256], logbook[256], auth[32], **user_list; data/elog-3.1.3-1/src/elogd.c:13786:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(logbook, "global"); data/elog-3.1.3-1/src/elogd.c:13795:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (isparam("sort_email") && atoi(getparam("sort_email")) > 0) data/elog-3.1.3-1/src/elogd.c:13966:90: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lb_list[i].name, "Suppress email to users", str, sizeof(str)) || atoi(str) == 0) data/elog-3.1.3-1/src/elogd.c:13989:93: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if (!getcfg(lb_list[i].name, "Suppress email to users", str, sizeof(str)) || atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:14035:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). || atoi(str) == 1) data/elog-3.1.3-1/src/elogd.c:14056:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], str2[256], smtp_host[256], url[256], mail_text[2000], data/elog-3.1.3-1/src/elogd.c:14077:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). self_register = atoi(str); data/elog-3.1.3-1/src/elogd.c:14125:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mail_text + strlen(mail_text), ".\r\n\r\n"); data/elog-3.1.3-1/src/elogd.c:14149:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[1000], str2[1000], login_name[256], full_name[256], user_email[256], name[256], pwd[256], data/elog-3.1.3-1/src/elogd.c:14311:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/elog-3.1.3-1/src/elogd.c:14375:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], str2[256], in_reply_to[80], reply_to[MAX_REPLY_TO * 10], owner[256]; data/elog-3.1.3-1/src/elogd.c:14376:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attrib[MAX_N_ATTR][NAME_LENGTH], mode[80]; data/elog-3.1.3-1/src/elogd.c:14394:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:14418:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(str) == 0) data/elog-3.1.3-1/src/elogd.c:14419:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str, "%d", el_search_message(lbs, EL_LAST, 0, TRUE)); data/elog-3.1.3-1/src/elogd.c:14420:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(str) == 0) data/elog-3.1.3-1/src/elogd.c:14428:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). for (i = 0; i < atoi(getparam("nsel")); i++) { data/elog-3.1.3-1/src/elogd.c:14429:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "s%d", i); data/elog-3.1.3-1/src/elogd.c:14432:57: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). status = el_delete_message(lbs, atoi(getparam(str)), TRUE, NULL, TRUE, TRUE); data/elog-3.1.3-1/src/elogd.c:14434:57: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
status = el_delete_message(lbs, atoi(getparam(str)), TRUE, NULL, TRUE, FALSE); data/elog-3.1.3-1/src/elogd.c:14446:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nsel = isparam("nsel") ? atoi(getparam("nsel")) : 0; data/elog-3.1.3-1/src/elogd.c:14448:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "s%d", i); data/elog-3.1.3-1/src/elogd.c:14459:67: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Restrict edit", str, sizeof(str)) && atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:14475:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:14500:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). for (i = 0; i < atoi(getparam("nsel")); i++) { data/elog-3.1.3-1/src/elogd.c:14501:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str, "s%d", i); data/elog-3.1.3-1/src/elogd.c:14508:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). el_retrieve(lbs, isparam(str) ? atoi(getparam(str)) : 0, data/elog-3.1.3-1/src/elogd.c:14557:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/elog-3.1.3-1/src/elogd.c:14581:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str, "Delete logbook"); data/elog-3.1.3-1/src/elogd.c:14609:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], lbn[256]; data/elog-3.1.3-1/src/elogd.c:14658:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], lbn[256]; data/elog-3.1.3-1/src/elogd.c:14726:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[256], error_str[256]; data/elog-3.1.3-1/src/elogd.c:14728:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[TEXT_SIZE + 1000], *p, *buffer; data/elog-3.1.3-1/src/elogd.c:14745:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). message_id = atoi(path); data/elog-3.1.3-1/src/elogd.c:14776:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_RDWR | O_BINARY, 0644); data/elog-3.1.3-1/src/elogd.c:14822:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_str[256]; data/elog-3.1.3-1/src/elogd.c:14824:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char message[TEXT_SIZE + 1000], *buffer; data/elog-3.1.3-1/src/elogd.c:14858:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], str2[256]; data/elog-3.1.3-1/src/elogd.c:15031:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], date[80], sep[80]; data/elog-3.1.3-1/src/elogd.c:15123:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. n = strbreak(line, (char (*)[NAME_LENGTH]) list, MAX_N_ATTR, sep, FALSE); data/elog-3.1.3-1/src/elogd.c:15131:43: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (first && isparam("filltext") && atoi(getparam("filltext"))) { data/elog-3.1.3-1/src/elogd.c:15150:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(list + i * NAME_LENGTH, "%d", (int) ltime); data/elog-3.1.3-1/src/elogd.c:15159:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(list + i * NAME_LENGTH, "%d", (int) ltime); data/elog-3.1.3-1/src/elogd.c:15282:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char (*)[NAME_LENGTH]) (list + attr_offset * NAME_LENGTH), n_attr, "", "", "", "plain", data/elog-3.1.3-1/src/elogd.c:15295:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char (*)[NAME_LENGTH]) (list + attr_offset * NAME_LENGTH), n_attr, line, "", "", "plain", data/elog-3.1.3-1/src/elogd.c:15325:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH], date[80], error[256], encoding[256], *list, *p, in_reply_to[80], data/elog-3.1.3-1/src/elogd.c:15404:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str, "ID"); data/elog-3.1.3-1/src/elogd.c:15511:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
message_id = atoi(mxml_get_value(mxml_find_node(entry, "MID"))); data/elog-3.1.3-1/src/elogd.c:15532:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(list + i * NAME_LENGTH, "%d", (int) ltime); data/elog-3.1.3-1/src/elogd.c:15541:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(list + i * NAME_LENGTH, "%d", (int) ltime); data/elog-3.1.3-1/src/elogd.c:15549:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(encoding, "plain"); data/elog-3.1.3-1/src/elogd.c:15597:57: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (lbs, message_id, bedit, date, attr_list, (char (*)[NAME_LENGTH]) list, n_attr, p, in_reply_to, data/elog-3.1.3-1/src/elogd.c:15622:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *buffer, error_str[256]; data/elog-3.1.3-1/src/elogd.c:15623:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char digest[16]; data/elog-3.1.3-1/src/elogd.c:15699:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *text, *p, url[256], str[1000]; data/elog-3.1.3-1/src/elogd.c:15719:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). version = atoi(p + 10) * 100 + atoi(p + 12) * 10 + atoi(p + 14); data/elog-3.1.3-1/src/elogd.c:15719:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). version = atoi(p + 10) * 100 + atoi(p + 12) * 10 + atoi(p + 14); data/elog-3.1.3-1/src/elogd.c:15719:55: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). version = atoi(p + 10) * 100 + atoi(p + 12) * 10 + atoi(p + 14); data/elog-3.1.3-1/src/elogd.c:15764:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
id = atoi(p); data/elog-3.1.3-1/src/elogd.c:15844:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], file_name[MAX_PATH_LENGTH], attrib[MAX_N_ATTR][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:15845:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subdir[256], param[256], remote_host_name[256], url[256], upwd[80]; data/elog-3.1.3-1/src/elogd.c:15846:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[80], *text, in_reply_to[80], reply_to[MAX_REPLY_TO * 10], data/elog-3.1.3-1/src/elogd.c:15848:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *content, *p, boundary[80], request[10000], response[10000]; data/elog-3.1.3-1/src/elogd.c:15883:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(error_str, "Error initiating SSL connection\n"); data/elog-3.1.3-1/src/elogd.c:15896:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/elogd.c:15910:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(boundary, "---------------------------%04X%04X%04X", rand(), rand(), rand()); data/elog-3.1.3-1/src/elogd.c:15912:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(content, "\r\nContent-Disposition: form-data; name=\"cmd\"\r\n\r\nSubmit\r\n"); data/elog-3.1.3-1/src/elogd.c:15963:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/elogd.c:15979:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p, buffer, size); data/elog-3.1.3-1/src/elogd.c:15982:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(p, "\r\n"); data/elog-3.1.3-1/src/elogd.c:15992:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(request, "POST "); data/elog-3.1.3-1/src/elogd.c:16000:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(request, " HTTP/1.0\r\n"); data/elog-3.1.3-1/src/elogd.c:16004:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(request + strlen(request), "User-Agent: ELOGD\r\n"); data/elog-3.1.3-1/src/elogd.c:16005:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(request + strlen(request), "Content-Length: %d\r\n", content_length); data/elog-3.1.3-1/src/elogd.c:16010:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(request, "\r\n"); data/elog-3.1.3-1/src/elogd.c:16031:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(error_str, "Cannot receive response"); data/elog-3.1.3-1/src/elogd.c:16058:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(error_str, "Invalid user name or password\n"); data/elog-3.1.3-1/src/elogd.c:16067:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). remote_id = atoi(strrchr(str, '/') + 1); data/elog-3.1.3-1/src/elogd.c:16069:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). remote_id = atoi(str); data/elog-3.1.3-1/src/elogd.c:16072:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(error_str, "No logbook specified\n"); data/elog-3.1.3-1/src/elogd.c:16074:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(error_str, "Missing or invalid password\n"); data/elog-3.1.3-1/src/elogd.c:16076:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(error_str, "Missing or invalid user name/password\n"); data/elog-3.1.3-1/src/elogd.c:16083:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(error_str, "Error transmitting message\n"); data/elog-3.1.3-1/src/elogd.c:16101:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH], str2[NAME_LENGTH], *p, *p2, *message, date[80], attrib[MAX_N_ATTR][NAME_LENGTH], data/elog-3.1.3-1/src/elogd.c:16126:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(p + 8) != message_id) { data/elog-3.1.3-1/src/elogd.c:16129:65: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sprintf(error_str, loc("Received wrong entry id \"%d\""), atoi(p + 8)); data/elog-3.1.3-1/src/elogd.c:16231:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], upwd[80]; data/elog-3.1.3-1/src/elogd.c:16232:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char subdir[256], param[256], remote_host_name[256]; data/elog-3.1.3-1/src/elogd.c:16233:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *content, boundary[80], request[10000], response[10000]; data/elog-3.1.3-1/src/elogd.c:16262:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(boundary, "---------------------------%04X%04X%04X", rand(), rand(), rand()); data/elog-3.1.3-1/src/elogd.c:16264:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(content, "\r\nContent-Disposition: form-data; name=\"cmd\"\r\n\r\nSave\r\n"); data/elog-3.1.3-1/src/elogd.c:16285:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(request, "POST "); data/elog-3.1.3-1/src/elogd.c:16293:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(request, " HTTP/1.0\r\n"); data/elog-3.1.3-1/src/elogd.c:16297:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(request + strlen(request), "User-Agent: ELOGD\r\n"); data/elog-3.1.3-1/src/elogd.c:16298:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(request + strlen(request), "Content-Length: %d\r\n", content_length); data/elog-3.1.3-1/src/elogd.c:16303:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(request, "\r\n"); data/elog-3.1.3-1/src/elogd.c:16369:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], pwd[256], *buffer, *p; data/elog-3.1.3-1/src/elogd.c:16378:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, "?cmd=GetConfig"); // request complete config file data/elog-3.1.3-1/src/elogd.c:16380:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, "?cmd=Download"); // request config section of logbook data/elog-3.1.3-1/src/elogd.c:16393:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(error_str, "Remote server is not an ELOG server"); data/elog-3.1.3-1/src/elogd.c:16397:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). version = atoi(p + 10) * 100 + atoi(p + 12) * 10 + atoi(p + 14); data/elog-3.1.3-1/src/elogd.c:16397:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). version = atoi(p + 10) * 100 + atoi(p + 12) * 10 + atoi(p + 14); data/elog-3.1.3-1/src/elogd.c:16397:58: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). version = atoi(p + 10) * 100 + atoi(p + 12) * 10 + atoi(p + 14); data/elog-3.1.3-1/src/elogd.c:16424:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). status = atoi(p); data/elog-3.1.3-1/src/elogd.c:16472:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[256]; data/elog-3.1.3-1/src/elogd.c:16474:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(config_file, O_RDWR | O_BINARY, 0644); data/elog-3.1.3-1/src/elogd.c:16477:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, ": "); data/elog-3.1.3-1/src/elogd.c:16527:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(p1, "; Following line has been outcommented after cloning\r\n"); data/elog-3.1.3-1/src/elogd.c:16541:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, ": "); data/elog-3.1.3-1/src/elogd.c:16561:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], url[256], pwd[256], *buffer, *buf, *p; data/elog-3.1.3-1/src/elogd.c:16570:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(str, "?cmd=GetPwdFile"); // request password file data/elog-3.1.3-1/src/elogd.c:16581:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(error_str, "Remote server is not an ELOG server"); data/elog-3.1.3-1/src/elogd.c:16585:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). version = atoi(p + 10) * 100 + atoi(p + 12) * 10 + atoi(p + 14); data/elog-3.1.3-1/src/elogd.c:16585:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). version = atoi(p + 10) * 100 + atoi(p + 12) * 10 + atoi(p + 14); data/elog-3.1.3-1/src/elogd.c:16585:58: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). version = atoi(p + 10) * 100 + atoi(p + 12) * 10 + atoi(p + 14); data/elog-3.1.3-1/src/elogd.c:16606:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
status = atoi(p); data/elog-3.1.3-1/src/elogd.c:16651:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(str, O_CREAT | O_RDWR | O_BINARY, 0644); data/elog-3.1.3-1/src/elogd.c:16654:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(error_str, ": "); data/elog-3.1.3-1/src/elogd.c:16666:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(error_str, ": "); data/elog-3.1.3-1/src/elogd.c:16686:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], url[256], file_name[256]; data/elog-3.1.3-1/src/elogd.c:16710:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file_name, "wt"); data/elog-3.1.3-1/src/elogd.c:16729:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[256], url[256], file_name[256], *p; data/elog-3.1.3-1/src/elogd.c:16755:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file_name, "rt"); data/elog-3.1.3-1/src/elogd.c:16772:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). (*md5_index)[i].message_id = atoi(p); data/elog-3.1.3-1/src/elogd.c:16790:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. BOOL equal_md5(unsigned char m1[16], unsigned char m2[16]) data/elog-3.1.3-1/src/elogd.c:16790:47: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. BOOL equal_md5(unsigned char m1[16], unsigned char m2[16]) data/elog-3.1.3-1/src/elogd.c:16808:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1000]; data/elog-3.1.3-1/src/elogd.c:16826:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[2000], url[256], loc_ref[256], rem_ref[256], pwd[256], locked_by[256], draft[256]; data/elog-3.1.3-1/src/elogd.c:16828:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char list[MAX_N_LIST][NAME_LENGTH], error_str[256], *buffer; data/elog-3.1.3-1/src/elogd.c:16829:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char digest[16]; data/elog-3.1.3-1/src/elogd.c:16917:67: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Mirror config", str, sizeof(str)) && atoi(str) == 1 && md5_cache && mode data/elog-3.1.3-1/src/elogd.c:16953:79: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Mirror simulate", str, sizeof(str)) || atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:16974:79: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Mirror simulate", str, sizeof(str)) || atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:17073:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "MIRROR send entry #%d", message_id); data/elog-3.1.3-1/src/elogd.c:17078:79: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Mirror simulate", str, sizeof(str)) || atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:17116:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "MIRROR receive entry #%d", message_id); data/elog-3.1.3-1/src/elogd.c:17120:79: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Mirror simulate", str, sizeof(str)) || atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:17161:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str, "MIRROR conflict entry #%d", message_id); data/elog-3.1.3-1/src/elogd.c:17210:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "MIRROR send entry #%d", message_id); data/elog-3.1.3-1/src/elogd.c:17215:79: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Mirror simulate", str, sizeof(str)) || atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:17277:25: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "MIRROR delete local entry #%d", message_id); data/elog-3.1.3-1/src/elogd.c:17281:85: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Mirror simulate", str, sizeof(str)) || atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:17308:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "MIRROR send entry #%d", message_id); data/elog-3.1.3-1/src/elogd.c:17312:76: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Mirror simulate", str, sizeof(str)) || atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:17318:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "Error: Submitting entry #%d resulted in remote entry #%d\n", message_id, data/elog-3.1.3-1/src/elogd.c:17360:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "MIRROR change entry #%d to #%d", message_id, max_id + 1); data/elog-3.1.3-1/src/elogd.c:17365:76: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Mirror simulate", str, sizeof(str)) || atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:17368:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "ID%d:\t", message_id); data/elog-3.1.3-1/src/elogd.c:17375:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "ID%d:\t", message_id); data/elog-3.1.3-1/src/elogd.c:17419:82: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Mirror simulate", str, sizeof(str)) || atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:17457:85: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Mirror simulate", str, sizeof(str)) || atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:17505:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "MIRROR delete remote entry #%d", message_id); data/elog-3.1.3-1/src/elogd.c:17512:88: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Mirror simulate", str, sizeof(str)) || atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:17553:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(md5_remote[0].md5_digest, md5_cache[0].md5_digest, 16); data/elog-3.1.3-1/src/elogd.c:17557:25: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(md5_remote[j].md5_digest, md5_cache[i].md5_digest, 16); data/elog-3.1.3-1/src/elogd.c:17562:73: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Mirror simulate", str, sizeof(str)) || atoi(str) == 0) data/elog-3.1.3-1/src/elogd.c:17608:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], pwd[256]; data/elog-3.1.3-1/src/elogd.c:17624:80: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lb_list[i].name, "Mirror exclude", str, sizeof(str)) && atoi(str) == 1) data/elog-3.1.3-1/src/elogd.c:17653:62: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void display_line(LOGBOOK * lbs, int message_id, int number, char *mode, int expand, int level, data/elog-3.1.3-1/src/elogd.c:17655:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *date, char *in_reply_to, char *reply_to, int n_attr_disp, data/elog-3.1.3-1/src/elogd.c:17655:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *date, char *in_reply_to, char *reply_to, int n_attr_disp, data/elog-3.1.3-1/src/elogd.c:17655:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *date, char *in_reply_to, char *reply_to, int n_attr_disp, data/elog-3.1.3-1/src/elogd.c:17656:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char disp_attr[MAX_N_ATTR + 4][NAME_LENGTH], BOOL disp_attr_link[MAX_N_ATTR + 4], data/elog-3.1.3-1/src/elogd.c:17657:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attrib[MAX_N_ATTR][NAME_LENGTH], int n_attr, char *text, BOOL show_text, data/elog-3.1.3-1/src/elogd.c:17657:69: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char attrib[MAX_N_ATTR][NAME_LENGTH], int n_attr, char *text, BOOL show_text, data/elog-3.1.3-1/src/elogd.c:17658:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attachment[MAX_ATTACHMENTS][MAX_PATH_LENGTH], char *encoding, BOOL select, data/elog-3.1.3-1/src/elogd.c:17662:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH], ref[256], *nowrap, rowstyle[80], tdstyle[80], format[256], data/elog-3.1.3-1/src/elogd.c:17664:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char display[NAME_LENGTH], attr_icon[80]; data/elog-3.1.3-1/src/elogd.c:17683:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rowstyle, "listdraft"); data/elog-3.1.3-1/src/elogd.c:17686:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rowstyle, "list1h"); data/elog-3.1.3-1/src/elogd.c:17688:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rowstyle, "list2h"); data/elog-3.1.3-1/src/elogd.c:17691:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rowstyle, "list1"); data/elog-3.1.3-1/src/elogd.c:17693:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rowstyle, "list2"); data/elog-3.1.3-1/src/elogd.c:17697:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rowstyle, "list1h"); data/elog-3.1.3-1/src/elogd.c:17699:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rowstyle, "list1"); data/elog-3.1.3-1/src/elogd.c:17702:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rowstyle, "threaddraft"); data/elog-3.1.3-1/src/elogd.c:17705:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(rowstyle, "thread"); data/elog-3.1.3-1/src/elogd.c:17707:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rowstyle, "threadreply"); data/elog-3.1.3-1/src/elogd.c:17711:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rowstyle, "threadh"); data/elog-3.1.3-1/src/elogd.c:17713:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rowstyle, "threadreply"); data/elog-3.1.3-1/src/elogd.c:17716:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rowstyle, "thread"); data/elog-3.1.3-1/src/elogd.c:17718:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rowstyle, "threadreply"); data/elog-3.1.3-1/src/elogd.c:17762:66: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if (getcfg(lbs->name, "List conditions", str, sizeof(str)) && atoi(str) == 1) data/elog-3.1.3-1/src/elogd.c:17796:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. j = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, attrib, TRUE); data/elog-3.1.3-1/src/elogd.c:17796:65: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. j = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, attrib, TRUE); data/elog-3.1.3-1/src/elogd.c:17797:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:17798:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_list((char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "message id", str, &j); data/elog-3.1.3-1/src/elogd.c:17798:54: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
add_subst_list((char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "message id", str, &j); data/elog-3.1.3-1/src/elogd.c:17799:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_time(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "entry time", date, data/elog-3.1.3-1/src/elogd.c:17799:59: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_time(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "entry time", date, data/elog-3.1.3-1/src/elogd.c:17802:48: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strsubst_list(display, sizeof(display), (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:17802:79: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strsubst_list(display, sizeof(display), (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:17883:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. j = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:17883:80: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. j = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:17885:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:17886:38: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_list((char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "message id", data/elog-3.1.3-1/src/elogd.c:17886:69: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_list((char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "message id", data/elog-3.1.3-1/src/elogd.c:17888:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
add_subst_time(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:17888:74: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_time(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:17891:63: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strsubst_list(display, sizeof(display), (char (*)[NAME_LENGTH]) slist, data/elog-3.1.3-1/src/elogd.c:17892:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char (*)[NAME_LENGTH]) svalue, j); data/elog-3.1.3-1/src/elogd.c:17895:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(display, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:17971:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(attrib[i]) == 1) { data/elog-3.1.3-1/src/elogd.c:17999:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ltime = atoi(attrib[i]); data/elog-3.1.3-1/src/elogd.c:18022:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ltime = atoi(attrib[i]); data/elog-3.1.3-1/src/elogd.c:18060:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(attrib[i]) == 1) data/elog-3.1.3-1/src/elogd.c:18073:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ltime = atoi(attrib[i]); data/elog-3.1.3-1/src/elogd.c:18095:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ltime = atoi(attrib[i]); data/elog-3.1.3-1/src/elogd.c:18133:52: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
j = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, data/elog-3.1.3-1/src/elogd.c:18134:47: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char (*)[NAME_LENGTH]) svalue, attrib, TRUE); data/elog-3.1.3-1/src/elogd.c:18135:25: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:18136:41: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_list((char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:18136:72: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_list((char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:18138:46: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_time(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:18138:77: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_time(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:18141:66: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strsubst_list(display, sizeof(display), (char (*)[NAME_LENGTH]) slist, data/elog-3.1.3-1/src/elogd.c:18142:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char (*)[NAME_LENGTH]) svalue, j); data/elog-3.1.3-1/src/elogd.c:18153:77: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). } else if (isparam("subtext") && isparam("sall") && atoi(getparam("sall"))) { data/elog-3.1.3-1/src/elogd.c:18262:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). max_line_len = atoi(param); data/elog-3.1.3-1/src/elogd.c:18331:64: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Show text", str, sizeof(str)) || atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:18352:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "[img]elog:/%d[/img]", index + 1); data/elog-3.1.3-1/src/elogd.c:18397:28: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str + strlen(str), "-%d.png", i); data/elog-3.1.3-1/src/elogd.c:18403:31: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str + strlen(str), "-%d.png", i); data/elog-3.1.3-1/src/elogd.c:18468:29: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file_name, "rt"); data/elog-3.1.3-1/src/elogd.c:18472:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). max_n_lines = atoi(str); data/elog-3.1.3-1/src/elogd.c:18515:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char disp_attr[MAX_N_ATTR + 4][NAME_LENGTH], BOOL show_text, int level, int highlight, data/elog-3.1.3-1/src/elogd.c:18536:60: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. status = el_retrieve(lbs, message_id, date, attr_list, (char (*)[1500]) attrib, lbs->n_attr, text, &size, data/elog-3.1.3-1/src/elogd.c:18537:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. in_reply_to, reply_to, (char (*)[256]) attachment, encoding, locked_by, draft); data/elog-3.1.3-1/src/elogd.c:18553:71: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. in_reply_to, reply_to, n_attr_disp, disp_attr, NULL, (char (*)[1500]) attrib, lbs->n_attr, data/elog-3.1.3-1/src/elogd.c:18554:35: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. text, show_text, (char (*)[256]) attachment, encoding, 0, NULL, locked_by, highlight, data/elog-3.1.3-1/src/elogd.c:18560:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). display_reply(lbs, atoi(p), printable, expand, n_line, n_attr_disp, disp_attr, show_text, level + 1, data/elog-3.1.3-1/src/elogd.c:18641:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p1, *p2, *s, param_enc[256], str2[256]; data/elog-3.1.3-1/src/elogd.c:18714:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1000], users[2000]; data/elog-3.1.3-1/src/elogd.c:18715:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char list[MAX_N_LIST][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:18767:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char draft[256]; data/elog-3.1.3-1/src/elogd.c:18778:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[1000], menu_str[1000], other_str[1000]; data/elog-3.1.3-1/src/elogd.c:18779:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char menu_item[MAX_N_LIST][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:18791:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(menu_str, "List, New, Edit, Delete, Reply, Duplicate, Synchronize, Find, "); data/elog-3.1.3-1/src/elogd.c:18797:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Admin, "); data/elog-3.1.3-1/src/elogd.c:18798:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Change config file, "); data/elog-3.1.3-1/src/elogd.c:18799:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Delete this logbook, "); data/elog-3.1.3-1/src/elogd.c:18800:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Rename this logbook, "); data/elog-3.1.3-1/src/elogd.c:18801:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Create new logbook, "); data/elog-3.1.3-1/src/elogd.c:18802:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "GetPwdFile, "); data/elog-3.1.3-1/src/elogd.c:18809:19: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, ", "); data/elog-3.1.3-1/src/elogd.c:18814:19: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Change [global]"); data/elog-3.1.3-1/src/elogd.c:18815:19: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(menu_str, ", "); data/elog-3.1.3-1/src/elogd.c:18819:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Config, Logout, "); data/elog-3.1.3-1/src/elogd.c:18821:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Config, "); data/elog-3.1.3-1/src/elogd.c:18822:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Change [global], "); data/elog-3.1.3-1/src/elogd.c:18823:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Delete this logbook, "); data/elog-3.1.3-1/src/elogd.c:18824:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Rename this logbook, "); data/elog-3.1.3-1/src/elogd.c:18825:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant string. strcat(menu_str, "Create new logbook, "); data/elog-3.1.3-1/src/elogd.c:18828:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Help, HelpELCode, "); data/elog-3.1.3-1/src/elogd.c:18840:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, ", "); data/elog-3.1.3-1/src/elogd.c:18843:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "HelpELCode, Synchronize, "); data/elog-3.1.3-1/src/elogd.c:18847:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Change config file, "); data/elog-3.1.3-1/src/elogd.c:18848:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Delete this logbook, "); data/elog-3.1.3-1/src/elogd.c:18849:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Rename this logbook, "); data/elog-3.1.3-1/src/elogd.c:18850:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Create new logbook, "); data/elog-3.1.3-1/src/elogd.c:18851:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "GetPwdFile, "); data/elog-3.1.3-1/src/elogd.c:18858:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, ", "); data/elog-3.1.3-1/src/elogd.c:18863:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Change [global]"); data/elog-3.1.3-1/src/elogd.c:18864:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, ", "); data/elog-3.1.3-1/src/elogd.c:18905:71: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). } else if (getcfg(lbs->name, "Self register", str, sizeof(str)) && atoi(str) > 0) { data/elog-3.1.3-1/src/elogd.c:18953:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1000], *p; data/elog-3.1.3-1/src/elogd.c:19002:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ref[256], str[NAME_LENGTH], comment[NAME_LENGTH], list[MAX_N_LIST][NAME_LENGTH], data/elog-3.1.3-1/src/elogd.c:19013:64: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Show text", str, sizeof(str)) || atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:19015:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ref, "page%d", page_n); data/elog-3.1.3-1/src/elogd.c:19027:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(ref, "page%d", page_n); data/elog-3.1.3-1/src/elogd.c:19038:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ref, "page%d", page_n); data/elog-3.1.3-1/src/elogd.c:19050:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ref, "page%d", page_n); data/elog-3.1.3-1/src/elogd.c:19058:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cur_exp = atoi(getparam("elattach")); data/elog-3.1.3-1/src/elogd.c:19060:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cur_exp = atoi(getparam("attach")); data/elog-3.1.3-1/src/elogd.c:19073:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ref, "page%d", page_n); data/elog-3.1.3-1/src/elogd.c:19079:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
cur_exp = atoi(str); data/elog-3.1.3-1/src/elogd.c:19081:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cur_exp = atoi(getparam("expand")); data/elog-3.1.3-1/src/elogd.c:19084:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", cur_exp > 0 ? cur_exp - 1 : 0); data/elog-3.1.3-1/src/elogd.c:19092:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ref, "page%d", page_n); data/elog-3.1.3-1/src/elogd.c:19095:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", cur_exp < 3 ? cur_exp + 1 : 3); data/elog-3.1.3-1/src/elogd.c:19111:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[256], *buf; data/elog-3.1.3-1/src/elogd.c:19121:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file_name, "rb"); data/elog-3.1.3-1/src/elogd.c:19139:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!isparam("new_entries") || atoi(getparam("new_entries")) == 0) { data/elog-3.1.3-1/src/elogd.c:19155:75: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Case sensitive search", str, sizeof(str)) && atoi(str)) data/elog-3.1.3-1/src/elogd.c:19171:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = isparam("last") ? atoi(getparam("last")) : 0; data/elog-3.1.3-1/src/elogd.c:19215:46: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = isparam(list[index]) ? atoi(getparam(list[index])) : 0; data/elog-3.1.3-1/src/elogd.c:19335:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ref[256], str[256]; data/elog-3.1.3-1/src/elogd.c:19345:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(ref, "page%d", page_n - 1); data/elog-3.1.3-1/src/elogd.c:19357:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ref, "page%d", i); data/elog-3.1.3-1/src/elogd.c:19392:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ref, "page%d", page_n + 1); data/elog-3.1.3-1/src/elogd.c:19399:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). max_n_msg = atoi(str); data/elog-3.1.3-1/src/elogd.c:19404:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ref, "page"); data/elog-3.1.3-1/src/elogd.c:19418:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:19419:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char lbk_list[MAX_N_LIST][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:19509:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pm[10], py[10], pd[10], ph[10], pn[10], ps[10], str[NAME_LENGTH], str2[NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:19532:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). year = atoi(getparam(py)); data/elog-3.1.3-1/src/elogd.c:19542:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). month = atoi(getparam(pm)); data/elog-3.1.3-1/src/elogd.c:19547:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). day = atoi(getparam(pd)); data/elog-3.1.3-1/src/elogd.c:19564:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&tms, localtime(&ltime), sizeof(struct tm)); data/elog-3.1.3-1/src/elogd.c:19572:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). hour = atoi(getparam(ph)); data/elog-3.1.3-1/src/elogd.c:19578:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). min = atoi(getparam(pn)); data/elog-3.1.3-1/src/elogd.c:19584:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sec = atoi(getparam(ps)); data/elog-3.1.3-1/src/elogd.c:19615:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, str[256]; data/elog-3.1.3-1/src/elogd.c:19626:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). month = atoi(p); data/elog-3.1.3-1/src/elogd.c:19629:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
day = atoi(p); data/elog-3.1.3-1/src/elogd.c:19632:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). year = atoi(p); data/elog-3.1.3-1/src/elogd.c:19639:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). day = atoi(p); data/elog-3.1.3-1/src/elogd.c:19642:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). month = atoi(p); data/elog-3.1.3-1/src/elogd.c:19645:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). year = atoi(p); data/elog-3.1.3-1/src/elogd.c:19677:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, str[256]; data/elog-3.1.3-1/src/elogd.c:19688:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). month = atoi(p); data/elog-3.1.3-1/src/elogd.c:19691:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). day = atoi(p); data/elog-3.1.3-1/src/elogd.c:19694:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). year = atoi(p); data/elog-3.1.3-1/src/elogd.c:19701:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). day = atoi(p); data/elog-3.1.3-1/src/elogd.c:19704:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). month = atoi(p); data/elog-3.1.3-1/src/elogd.c:19707:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
year = atoi(p); data/elog-3.1.3-1/src/elogd.c:19720:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). hour = atoi(p); data/elog-3.1.3-1/src/elogd.c:19723:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). min = atoi(p); data/elog-3.1.3-1/src/elogd.c:19726:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sec = atoi(p); data/elog-3.1.3-1/src/elogd.c:19761:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], charset[256], url[256], attrib[MAX_N_ATTR][NAME_LENGTH], date[80], *text, title[2000], data/elog-3.1.3-1/src/elogd.c:19788:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(url, "https://localhost"); data/elog-3.1.3-1/src/elogd.c:19790:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(url, "http://localhost"); data/elog-3.1.3-1/src/elogd.c:19792:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(url + strlen(url), ":%d", elog_tcp_port); data/elog-3.1.3-1/src/elogd.c:19803:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(url + strlen(url), ":%d", elog_tcp_port); data/elog-3.1.3-1/src/elogd.c:19833:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi(str); data/elog-3.1.3-1/src/elogd.c:19853:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. i = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, attrib, data/elog-3.1.3-1/src/elogd.c:19853:68: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. i = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, attrib, data/elog-3.1.3-1/src/elogd.c:19855:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(str, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:19856:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_list((char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "message id", str, &i); data/elog-3.1.3-1/src/elogd.c:19856:57: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_list((char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "message id", str, &i); data/elog-3.1.3-1/src/elogd.c:19857:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_time(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "entry time", data/elog-3.1.3-1/src/elogd.c:19857:62: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_time(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "entry time", data/elog-3.1.3-1/src/elogd.c:19860:47: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strsubst_list(title, sizeof(title), (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:19860:78: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strsubst_list(title, sizeof(title), (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:19898:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str + strlen(str), "/%d", message_id); data/elog-3.1.3-1/src/elogd.c:19942:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pt1, pt, size); data/elog-3.1.3-1/src/elogd.c:19952:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(pt1, "\001B\004style=\003color:black;background-color:#ffff66\003\002"); data/elog-3.1.3-1/src/elogd.c:19954:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(pt1, "<B style=\"color:black;background-color:#ffff66\">"); data/elog-3.1.3-1/src/elogd.c:19960:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(pt1, pt, size); data/elog-3.1.3-1/src/elogd.c:19966:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(pt1, "\001/B\002"); data/elog-3.1.3-1/src/elogd.c:19968:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(pt1, "</B>"); data/elog-3.1.3-1/src/elogd.c:19980:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reply_to[MAX_REPLY_TO * 10], date[80]; data/elog-3.1.3-1/src/elogd.c:19996:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. n_reply = strbreak(reply_to, (char (*)[NAME_LENGTH]) list, MAX_REPLY_TO, ",", FALSE); data/elog-3.1.3-1/src/elogd.c:19999:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). id = atoi(list + i * NAME_LENGTH); data/elog-3.1.3-1/src/elogd.c:20020:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[80], attrib[MAX_N_ATTR][NAME_LENGTH], disp_attr[MAX_N_ATTR + 4][NAME_LENGTH], *list, *text, data/elog-3.1.3-1/src/elogd.c:20026:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, *pt1, *pt2, *slist, *svalue, *gattr, line[1024], iattr[256]; data/elog-3.1.3-1/src/elogd.c:20172:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). printable = isparam("Printable") ? atoi(getparam("Printable")) : 0; data/elog-3.1.3-1/src/elogd.c:20179:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reverse = atoi(getparam("Reverse")); data/elog-3.1.3-1/src/elogd.c:20183:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). reverse = atoi(str); data/elog-3.1.3-1/src/elogd.c:20188:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). page_mid = atoi(getparam("id")); data/elog-3.1.3-1/src/elogd.c:20245:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). show_attachments = atoi(getparam("elattach")); data/elog-3.1.3-1/src/elogd.c:20249:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). show_attachments = atoi(getparam("attach")); data/elog-3.1.3-1/src/elogd.c:20253:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!isparam("elattach") || atoi(getparam("elattach")) != show_attachments) data/elog-3.1.3-1/src/elogd.c:20254:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mode_cookie, "elattach=%d", show_attachments); data/elog-3.1.3-1/src/elogd.c:20279:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&tms, localtime(&ltime_start), sizeof(struct tm)); data/elog-3.1.3-1/src/elogd.c:20300:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "Error: Start date after end date"); data/elog-3.1.3-1/src/elogd.c:20309:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&tms, localtime(&ltime_end), sizeof(struct tm)); data/elog-3.1.3-1/src/elogd.c:20338:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (isparam("new_entries") && atoi(getparam("new_entries")) == 1 && isparam("unm")) data/elog-3.1.3-1/src/elogd.c:20344:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). search_all = isparam("all") ? atoi(getparam("all")) : 0; data/elog-3.1.3-1/src/elogd.c:20346:70: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Search all logbooks", str, sizeof(str)) && atoi(str) == 0) data/elog-3.1.3-1/src/elogd.c:20424:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi(getparam("last")); data/elog-3.1.3-1/src/elogd.c:20446:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%da", i); data/elog-3.1.3-1/src/elogd.c:20449:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%db", i); data/elog-3.1.3-1/src/elogd.c:20521:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. j = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, attrib, data/elog-3.1.3-1/src/elogd.c:20521:71: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. j = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, attrib, data/elog-3.1.3-1/src/elogd.c:20523:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
add_subst_time(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "entry time", data/elog-3.1.3-1/src/elogd.c:20523:65: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_time(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "entry time", data/elog-3.1.3-1/src/elogd.c:20526:46: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strsubst_list(str, sizeof(str), (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, j); data/elog-3.1.3-1/src/elogd.c:20526:77: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strsubst_list(str, sizeof(str), (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, j); data/elog-3.1.3-1/src/elogd.c:20647:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ltime = isparam(attr_list[i]) ? atoi(getparam(attr_list[i])) : 0; data/elog-3.1.3-1/src/elogd.c:20651:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&tms, localtime(&now), sizeof(struct tm)); data/elog-3.1.3-1/src/elogd.c:20659:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(attrib[i]) < now + ltime * 3600 * 24 - 3600 * 12 || atoi(attrib[i]) > now) data/elog-3.1.3-1/src/elogd.c:20659:80: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(attrib[i]) < now + ltime * 3600 * 24 - 3600 * 12 || atoi(attrib[i]) > now) data/elog-3.1.3-1/src/elogd.c:20664:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(attrib[i]) > now + ltime * 3600 * 24 + 3600 * 12 || atoi(attrib[i]) < now) data/elog-3.1.3-1/src/elogd.c:20664:80: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(attrib[i]) > now + ltime * 3600 * 24 + 3600 * 12 || atoi(attrib[i]) < now) data/elog-3.1.3-1/src/elogd.c:20668:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str, "%da", i); data/elog-3.1.3-1/src/elogd.c:20670:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (ltime > 0 && atoi(attrib[i]) < ltime) data/elog-3.1.3-1/src/elogd.c:20673:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%db", i); data/elog-3.1.3-1/src/elogd.c:20675:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (ltime > 0 && (atoi(attrib[i]) > ltime || atoi(attrib[i]) == 0)) data/elog-3.1.3-1/src/elogd.c:20675:61: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (ltime > 0 && (atoi(attrib[i]) > ltime || atoi(attrib[i]) == 0)) data/elog-3.1.3-1/src/elogd.c:20684:46: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
j = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:20684:77: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. j = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:20686:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mid, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:20687:35: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_list((char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "message id", data/elog-3.1.3-1/src/elogd.c:20687:66: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_list((char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "message id", data/elog-3.1.3-1/src/elogd.c:20689:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
add_subst_time(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:20689:71: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_time(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:20692:52: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strsubst_list(str, sizeof(str), (char (*)[NAME_LENGTH]) slist, data/elog-3.1.3-1/src/elogd.c:20693:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char (*)[NAME_LENGTH]) svalue, j); data/elog-3.1.3-1/src/elogd.c:20713:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (isparam("sall") && atoi(getparam("sall")) && status == REG_NOMATCH) { data/elog-3.1.3-1/src/elogd.c:20744:47: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
msg_list[index].number = atoi(attrib[j]); data/elog-3.1.3-1/src/elogd.c:20753:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%08d", message_id); data/elog-3.1.3-1/src/elogd.c:20761:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%08d", (int) entry_ltime); data/elog-3.1.3-1/src/elogd.c:20773:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). msg_list[index].number = atoi(attrib[i]); data/elog-3.1.3-1/src/elogd.c:20855:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&msg_list[j++], &msg_list[i], sizeof(MSG_LIST)); data/elog-3.1.3-1/src/elogd.c:20868:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_page = atoi(str); data/elog-3.1.3-1/src/elogd.c:20872:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
n_page = atoi(getparam("npp")); data/elog-3.1.3-1/src/elogd.c:20914:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. i = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, NULL, TRUE); data/elog-3.1.3-1/src/elogd.c:20914:65: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. i = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, NULL, TRUE); data/elog-3.1.3-1/src/elogd.c:20915:40: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strsubst_list(str, sizeof(str), (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, i); data/elog-3.1.3-1/src/elogd.c:20915:71: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strsubst_list(str, sizeof(str), (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, i); data/elog-3.1.3-1/src/elogd.c:20981:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
refresh = atoi(refr); data/elog-3.1.3-1/src/elogd.c:21074:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (isparam("select") && atoi(getparam("select")) == 1) { data/elog-3.1.3-1/src/elogd.c:21084:25: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, "&select=1"); data/elog-3.1.3-1/src/elogd.c:21086:25: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, "?select=1"); data/elog-3.1.3-1/src/elogd.c:21111:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[256], *buf; data/elog-3.1.3-1/src/elogd.c:21123:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file_name, "rb"); data/elog-3.1.3-1/src/elogd.c:21153:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str, "%da", i); data/elog-3.1.3-1/src/elogd.c:21157:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%db", i); data/elog-3.1.3-1/src/elogd.c:21173:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (isparam("new_entries") && atoi(getparam("new_entries")) == 1) { data/elog-3.1.3-1/src/elogd.c:21177:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&tms, localtime(&ltime_start), sizeof(struct tm)); data/elog-3.1.3-1/src/elogd.c:21225:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&tms, localtime(&ltime), sizeof(struct tm)); data/elog-3.1.3-1/src/elogd.c:21238:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%da", i); data/elog-3.1.3-1/src/elogd.c:21240:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%db", i); data/elog-3.1.3-1/src/elogd.c:21247:22: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&tms, localtime(&ltime1), sizeof(struct tm)); data/elog-3.1.3-1/src/elogd.c:21259:22: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(&tms, localtime(<ime2), sizeof(struct tm)); data/elog-3.1.3-1/src/elogd.c:21400:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_line = atoi(str); data/elog-3.1.3-1/src/elogd.c:21403:63: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Show text", str, sizeof(str)) && atoi(str) == 0) data/elog-3.1.3-1/src/elogd.c:21408:72: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Enable attachments", str, sizeof(str)) && atoi(str) == 0) data/elog-3.1.3-1/src/elogd.c:21413:67: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Mode commands", str, sizeof(str)) && atoi(str) == 0) data/elog-3.1.3-1/src/elogd.c:21445:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (isparam("select") && atoi(getparam("select")) == 1) data/elog-3.1.3-1/src/elogd.c:21467:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. n = strbreak(list, (char (*)[NAME_LENGTH]) gattr, MAX_N_ATTR, ",", FALSE); data/elog-3.1.3-1/src/elogd.c:21499:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(disp_attr + 3, attr_list, sizeof(attr_list)); data/elog-3.1.3-1/src/elogd.c:21500:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(disp_attr_flags + 3, attr_flags, sizeof(attr_flags)); data/elog-3.1.3-1/src/elogd.c:21506:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(disp_attr + 2, attr_list, sizeof(attr_list)); data/elog-3.1.3-1/src/elogd.c:21507:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(disp_attr_flags + 2, attr_flags, sizeof(attr_flags)); data/elog-3.1.3-1/src/elogd.c:21514:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
n = strbreak(list, (char (*)[NAME_LENGTH]) gattr, MAX_N_ATTR, ",", FALSE); data/elog-3.1.3-1/src/elogd.c:21535:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (isparam("select") && atoi(getparam("select")) == 1) data/elog-3.1.3-1/src/elogd.c:21549:80: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Reverse sort", str2, sizeof(str2)) && atoi(str2) == 1) data/elog-3.1.3-1/src/elogd.c:21604:65: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "List drafts", str, sizeof(str)) && atoi(str) == 0) data/elog-3.1.3-1/src/elogd.c:21636:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ltime = atoi(attrib[i]); data/elog-3.1.3-1/src/elogd.c:21651:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
ltime = atoi(attrib[i]); data/elog-3.1.3-1/src/elogd.c:21731:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ltime = atoi(attrib[i]); data/elog-3.1.3-1/src/elogd.c:21746:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ltime = atoi(attrib[i]); data/elog-3.1.3-1/src/elogd.c:21812:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). expand = atoi(str); data/elog-3.1.3-1/src/elogd.c:21815:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). expand = atoi(getparam("expand")); data/elog-3.1.3-1/src/elogd.c:21820:93: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if (expand == 0 && (!getcfg(lbs->name, "Collapse to last", str, sizeof(str)) || atoi(str) == 1)) { data/elog-3.1.3-1/src/elogd.c:21838:43: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). isparam("select") ? atoi(getparam("select")) : 0, &n_display, locked_by, 0, re_buf, data/elog-3.1.3-1/src/elogd.c:21845:54: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). display_reply(msg_list[index].lbs, atoi(p), printable, expand, n_line, n_attr_disp, data/elog-3.1.3-1/src/elogd.c:21918:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[80], attrib[MAX_N_ATTR][NAME_LENGTH], *text, in_reply_to[80], reply_to[MAX_REPLY_TO * 10], data/elog-3.1.3-1/src/elogd.c:21931:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(in_reply_to)) data/elog-3.1.3-1/src/elogd.c:21932:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). head_id = find_thread_head(lbs, atoi(in_reply_to)); data/elog-3.1.3-1/src/elogd.c:21939:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(disp_attr + 2, attr_list, sizeof(attr_list)); data/elog-3.1.3-1/src/elogd.c:21955:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). display_reply(lbs, atoi(p), FALSE, 1, 0, n_attr_disp, disp_attr, FALSE, 1, message_id, NULL, data/elog-3.1.3-1/src/elogd.c:21975:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attachment[MAX_ATTACHMENTS][MAX_PATH_LENGTH]; data/elog-3.1.3-1/src/elogd.c:21984:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char att_file[MAX_ATTACHMENTS][256], char *mail_text, int size, data/elog-3.1.3-1/src/elogd.c:21988:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[256], file_name[256], buffer[256], domain[256], subdir[256]; data/elog-3.1.3-1/src/elogd.c:22051:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/elogd.c:22064:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(mail_text + length, "\r\n"); data/elog-3.1.3-1/src/elogd.c:22076:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void format_email_text(LOGBOOK * lbs, char attrib[MAX_N_ATTR][NAME_LENGTH], data/elog-3.1.3-1/src/elogd.c:22077:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char att_file[MAX_ATTACHMENTS][256], int old_mail, char *url, char *multipart_boundary, data/elog-3.1.3-1/src/elogd.c:22081:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[NAME_LENGTH + 100], str2[256], mail_from[256], mail_from_name[256], format[256], data/elog-3.1.3-1/src/elogd.c:22096:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mail_text + strlen(mail_text), "Content-Transfer-Encoding: 7bit\r\n\r\n"); data/elog-3.1.3-1/src/elogd.c:22102:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). flags = atoi(str); data/elog-3.1.3-1/src/elogd.c:22156:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str, " "); data/elog-3.1.3-1/src/elogd.c:22157:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(str, attr_list[i], strlen(attr_list[i])); data/elog-3.1.3-1/src/elogd.c:22172:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ltime = atoi(attrib[i]); data/elog-3.1.3-1/src/elogd.c:22186:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
ltime = atoi(attrib[i]); data/elog-3.1.3-1/src/elogd.c:22199:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). strcpy(comment, atoi(attrib[i]) ? "1" : "0"); data/elog-3.1.3-1/src/elogd.c:22235:55: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void format_email_html(LOGBOOK * lbs, int message_id, char attrib[MAX_N_ATTR][NAME_LENGTH], data/elog-3.1.3-1/src/elogd.c:22236:24: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char att_file[MAX_ATTACHMENTS][256], int old_mail, char *encoding, char *url, data/elog-3.1.3-1/src/elogd.c:22240:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH + 100], str2[256], mail_from[256], mail_from_name[256], format[256], data/elog-3.1.3-1/src/elogd.c:22258:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(multipart_boundary_related, "------------%04X%04X%04X", rand(), rand(), rand()); data/elog-3.1.3-1/src/elogd.c:22276:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). flags = atoi(str); data/elog-3.1.3-1/src/elogd.c:22278:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(mail_text + strlen(mail_text), data/elog-3.1.3-1/src/elogd.c:22280:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(mail_text + strlen(mail_text), "<html>\r\n<head>\r\n <title></title>\r\n</head>\r\n<body>\r\n"); data/elog-3.1.3-1/src/elogd.c:22283:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(mail_text + strlen(mail_text), "<h3>\r\n"); data/elog-3.1.3-1/src/elogd.c:22336:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str, " "); data/elog-3.1.3-1/src/elogd.c:22337:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(str, attr_list[i], strlen(attr_list[i])); data/elog-3.1.3-1/src/elogd.c:22352:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ltime = atoi(attrib[i]); data/elog-3.1.3-1/src/elogd.c:22366:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ltime = atoi(attrib[i]); data/elog-3.1.3-1/src/elogd.c:22379:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). strcpy(comment, atoi(attrib[i]) ? "1" : "0"); data/elog-3.1.3-1/src/elogd.c:22405:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mail_text + strlen(mail_text), "</table>\r\n"); data/elog-3.1.3-1/src/elogd.c:22412:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mail_text + strlen(mail_text), "\r\n<HR>\r\n"); data/elog-3.1.3-1/src/elogd.c:22423:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(mail_text + strlen(mail_text), "\r\n</html></body>\r\n\r\n"); data/elog-3.1.3-1/src/elogd.c:22436:56: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. void format_email_html2(LOGBOOK * lbs, int message_id, char att_file[MAX_ATTACHMENTS][256], int old_mail, data/elog-3.1.3-1/src/elogd.c:22439:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], charset[256], multipart_boundary_related[256], *p; data/elog-3.1.3-1/src/elogd.c:22442:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:22455:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(multipart_boundary_related, "------------%04X%04X%04X", rand(), rand(), rand()); data/elog-3.1.3-1/src/elogd.c:22491:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int compose_email(LOGBOOK * lbs, char *rcpt_to, char *mail_to, int message_id, data/elog-3.1.3-1/src/elogd.c:22491:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int compose_email(LOGBOOK * lbs, char *rcpt_to, char *mail_to, int message_id, data/elog-3.1.3-1/src/elogd.c:22492:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attrib[MAX_N_ATTR][NAME_LENGTH], char *mail_param, int old_mail, data/elog-3.1.3-1/src/elogd.c:22492:57: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attrib[MAX_N_ATTR][NAME_LENGTH], char *mail_param, int old_mail, data/elog-3.1.3-1/src/elogd.c:22493:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char att_file[MAX_ATTACHMENTS][256], char *encoding, int reply_id) data/elog-3.1.3-1/src/elogd.c:22496:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH + 100], mail_from[256], mail_from_name[256], *mail_text, smtp_host[256], data/elog-3.1.3-1/src/elogd.c:22498:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char list[MAX_PARAM][NAME_LENGTH], url[256]; data/elog-3.1.3-1/src/elogd.c:22499:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char slist[MAX_N_ATTR + 10][NAME_LENGTH], svalue[MAX_N_ATTR + 10][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:22500:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char multipart_boundary[80]; data/elog-3.1.3-1/src/elogd.c:22511:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). flags = atoi(str); data/elog-3.1.3-1/src/elogd.c:22520:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mail_encoding = atoi(str); data/elog-3.1.3-1/src/elogd.c:22527:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:22532:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(str, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:22537:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(subject, "Updated ELOG entry"); data/elog-3.1.3-1/src/elogd.c:22539:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(subject, "New ELOG entry"); data/elog-3.1.3-1/src/elogd.c:22612:79: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Display email recipients", str, sizeof(str)) || atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:22652:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int execute_shell(LOGBOOK * lbs, int message_id, char attrib[MAX_N_ATTR][NAME_LENGTH], data/elog-3.1.3-1/src/elogd.c:22653:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char att_file[MAX_ATTACHMENTS][256], char *sh_cmd) data/elog-3.1.3-1/src/elogd.c:22656:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char slist[MAX_N_ATTR + 10][NAME_LENGTH], svalue[MAX_N_ATTR + 10][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:22657:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char shell_cmd[10000], tail[1000], str[NAME_LENGTH], *p, subdir[256]; data/elog-3.1.3-1/src/elogd.c:22667:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:22687:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(p, "\" "); data/elog-3.1.3-1/src/elogd.c:22707:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[NAME_LENGTH], av_encoded[NAME_LENGTH], *buf, *buf2, *p1, *p2, *p3; data/elog-3.1.3-1/src/elogd.c:22709:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(config_file, O_RDWR | O_BINARY, 0644); data/elog-3.1.3-1/src/elogd.c:22712:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, ": "); data/elog-3.1.3-1/src/elogd.c:22773:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, ": "); data/elog-3.1.3-1/src/elogd.c:22797:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH], *buf, *buf2, *p1, *p2, *p3; data/elog-3.1.3-1/src/elogd.c:22799:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(config_file, O_RDWR | O_BINARY, 0644); data/elog-3.1.3-1/src/elogd.c:22802:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
Risk is low because the source is a constant string. strcat(str, ": "); data/elog-3.1.3-1/src/elogd.c:22859:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, ": "); data/elog-3.1.3-1/src/elogd.c:22880:53: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int propagate_attrib(LOGBOOK * lbs, int message_id, char attrib[MAX_N_ATTR][NAME_LENGTH]) data/elog-3.1.3-1/src/elogd.c:22883:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH], att_file[MAX_ATTACHMENTS][256], *attr, *list, reply_to[MAX_REPLY_TO * 10]; data/elog-3.1.3-1/src/elogd.c:22888:60: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. status = el_retrieve(lbs, message_id, NULL, attr_list, (char (*)[NAME_LENGTH]) attr, lbs->n_attr, data/elog-3.1.3-1/src/elogd.c:22897:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
n = strbreak(str, (char (*)[1500])list, MAX_N_ATTR, ",", FALSE); data/elog-3.1.3-1/src/elogd.c:22906:72: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. message_id = el_submit(lbs, message_id, TRUE, "<keep>", attr_list, (char (*)[1500])attr, lbs->n_attr, "<keep>", data/elog-3.1.3-1/src/elogd.c:22915:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. n = strbreak(reply_to, (char (*)[1500])list, MAX_N_ATTR, ",", FALSE); data/elog-3.1.3-1/src/elogd.c:22917:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). propagate_attrib(lbs, atoi(list+i*NAME_LENGTH), attrib); data/elog-3.1.3-1/src/elogd.c:22927:54: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int submit_elog_reply(LOGBOOK * lbs, int message_id, char attrib[MAX_N_ATTR][NAME_LENGTH], char *text) data/elog-3.1.3-1/src/elogd.c:22930:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str1[80], str2[80], att_file[MAX_ATTACHMENTS][256], reply_to[MAX_REPLY_TO * 10], data/elog-3.1.3-1/src/elogd.c:22955:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). submit_elog_reply(lbs, atoi(list[i]), attrib, text); data/elog-3.1.3-1/src/elogd.c:22966:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH], str2[NAME_LENGTH], file_name[256], error[1000], date[80], *mail_list, *rcpt_list, data/elog-3.1.3-1/src/elogd.c:22979:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bedit = isparam("edit_id") && atoi(getparam("edit_id")); data/elog-3.1.3-1/src/elogd.c:22999:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "d%d", i); data/elog-3.1.3-1/src/elogd.c:23002:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "m%d", i); data/elog-3.1.3-1/src/elogd.c:23005:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str, "y%d", i); data/elog-3.1.3-1/src/elogd.c:23011:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "d%d", i); data/elog-3.1.3-1/src/elogd.c:23014:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "m%d", i); data/elog-3.1.3-1/src/elogd.c:23017:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "y%d", i); data/elog-3.1.3-1/src/elogd.c:23020:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "h%d", i); data/elog-3.1.3-1/src/elogd.c:23023:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "n%d", i); data/elog-3.1.3-1/src/elogd.c:23051:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(error, "<i>"); data/elog-3.1.3-1/src/elogd.c:23053:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(error + strlen(error), ".</i><p>\n"); data/elog-3.1.3-1/src/elogd.c:23055:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(error, ".\n"); data/elog-3.1.3-1/src/elogd.c:23086:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(ua, "_0"); data/elog-3.1.3-1/src/elogd.c:23091:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(getparam(ua)) != 0 && atoi(getparam(ua)) != 1 && strcmp(getparam(ua), "<keep>") != 0) { data/elog-3.1.3-1/src/elogd.c:23091:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(getparam(ua)) != 0 && atoi(getparam(ua)) != 1 && strcmp(getparam(ua), "<keep>") != 0) { data/elog-3.1.3-1/src/elogd.c:23122:22: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(error, "<br>"); data/elog-3.1.3-1/src/elogd.c:23131:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char encoded[100]; data/elog-3.1.3-1/src/elogd.c:23144:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). allowed_encoding = atoi(str); data/elog-3.1.3-1/src/elogd.c:23152:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(encoding, "plain"); data/elog-3.1.3-1/src/elogd.c:23169:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "attachment%d", i); data/elog-3.1.3-1/src/elogd.c:23210:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "m%d", i); data/elog-3.1.3-1/src/elogd.c:23212:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(attrib[i], "<keep>"); data/elog-3.1.3-1/src/elogd.c:23214:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "y%d", i); data/elog-3.1.3-1/src/elogd.c:23215:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). year = isparam(str) ? 
atoi(getparam(str)) : 0; data/elog-3.1.3-1/src/elogd.c:23219:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "m%d", i); data/elog-3.1.3-1/src/elogd.c:23220:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). month = isparam(str) ? atoi(getparam(str)) : 0; data/elog-3.1.3-1/src/elogd.c:23222:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "d%d", i); data/elog-3.1.3-1/src/elogd.c:23223:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). day = isparam(str) ? atoi(getparam(str)) : 0; data/elog-3.1.3-1/src/elogd.c:23240:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(attrib[i], "%d", ltime); data/elog-3.1.3-1/src/elogd.c:23251:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "m%d", i); data/elog-3.1.3-1/src/elogd.c:23253:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
Risk is low because the source is a constant string. strcpy(attrib[i], "<keep>"); data/elog-3.1.3-1/src/elogd.c:23255:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "y%d", i); data/elog-3.1.3-1/src/elogd.c:23256:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). year = isparam(str) ? atoi(getparam(str)) : 0; data/elog-3.1.3-1/src/elogd.c:23260:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "m%d", i); data/elog-3.1.3-1/src/elogd.c:23261:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). month = isparam(str) ? atoi(getparam(str)) : 0; data/elog-3.1.3-1/src/elogd.c:23263:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "d%d", i); data/elog-3.1.3-1/src/elogd.c:23264:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). day = isparam(str) ? 
atoi(getparam(str)) : 0; data/elog-3.1.3-1/src/elogd.c:23266:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "h%d", i); data/elog-3.1.3-1/src/elogd.c:23267:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). hour = isparam(str) ? atoi(getparam(str)) : 0; data/elog-3.1.3-1/src/elogd.c:23269:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "n%d", i); data/elog-3.1.3-1/src/elogd.c:23270:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). min = isparam(str) ? atoi(getparam(str)) : 0; data/elog-3.1.3-1/src/elogd.c:23272:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "c%d", i); data/elog-3.1.3-1/src/elogd.c:23273:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sec = isparam(str) ? atoi(getparam(str)) : 0; data/elog-3.1.3-1/src/elogd.c:23293:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(attrib[i], "%d", ltime); data/elog-3.1.3-1/src/elogd.c:23361:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str2, "..."); data/elog-3.1.3-1/src/elogd.c:23407:40: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (bedit && isparam("resubmit") && atoi(getparam("resubmit")) == 1) { data/elog-3.1.3-1/src/elogd.c:23408:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). resubmit_orig = atoi(getparam("edit_id")); data/elog-3.1.3-1/src/elogd.c:23426:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). message_id = atoi(getparam("edit_id")); data/elog-3.1.3-1/src/elogd.c:23427:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(in_reply_to, "<keep>"); data/elog-3.1.3-1/src/elogd.c:23428:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(reply_to, "<keep>"); data/elog-3.1.3-1/src/elogd.c:23432:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). message_id = atoi(getparam("edit_id")); data/elog-3.1.3-1/src/elogd.c:23433:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(in_reply_to, "<keep>"); data/elog-3.1.3-1/src/elogd.c:23434:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(reply_to, "<keep>"); data/elog-3.1.3-1/src/elogd.c:23435:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(date, "<keep>"); data/elog-3.1.3-1/src/elogd.c:23437:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(locked_by, "<keep>"); data/elog-3.1.3-1/src/elogd.c:23444:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "EDIT multiple entries"); data/elog-3.1.3-1/src/elogd.c:23446:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "DRAFT entry #%d", message_id); data/elog-3.1.3-1/src/elogd.c:23448:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "EDIT entry #%d", message_id); data/elog-3.1.3-1/src/elogd.c:23450:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "NEW entry #%d", message_id); data/elog-3.1.3-1/src/elogd.c:23456:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). for (i = n = 0; i < atoi(getparam("nsel")); i++) { data/elog-3.1.3-1/src/elogd.c:23457:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "s%d", i); data/elog-3.1.3-1/src/elogd.c:23460:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
message_id = atoi(getparam(str)); data/elog-3.1.3-1/src/elogd.c:23465:16: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, "\n<p>"); data/elog-3.1.3-1/src/elogd.c:23482:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, "\n<p>"); data/elog-3.1.3-1/src/elogd.c:23511:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d/", message_id); data/elog-3.1.3-1/src/elogd.c:23513:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "elog:%d/", message_id); data/elog-3.1.3-1/src/elogd.c:23537:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). suppress = isparam("suppress") ? atoi(getparam("suppress")) : 0; data/elog-3.1.3-1/src/elogd.c:23552:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(mail_param, "?suppress=1"); data/elog-3.1.3-1/src/elogd.c:23561:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str, "Email "); data/elog-3.1.3-1/src/elogd.c:23588:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "Email ALL"); data/elog-3.1.3-1/src/elogd.c:23594:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. n = strbreak(list, (char (*)[1500]) mail_list, 200, ",", FALSE); data/elog-3.1.3-1/src/elogd.c:23621:78: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Suppress Email to users", str, sizeof(str)) || atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:23665:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&rcpt_list[k * NAME_LENGTH], &rcpt_list[(k + 1) * NAME_LENGTH], NAME_LENGTH); data/elog-3.1.3-1/src/elogd.c:23666:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&mail_list[k * NAME_LENGTH], &mail_list[(k + 1) * NAME_LENGTH], NAME_LENGTH); data/elog-3.1.3-1/src/elogd.c:23694:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(mail_to, ",\r\n\t"); data/elog-3.1.3-1/src/elogd.c:23706:79: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). isparam("encoding") ? getparam("encoding") : "plain", atoi(in_reply_to)) == 0) { data/elog-3.1.3-1/src/elogd.c:23722:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!(isparam("shell_suppress") && atoi(getparam("shell_suppress")))) { data/elog-3.1.3-1/src/elogd.c:23746:68: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "List after submit", str, sizeof(str)) && atoi(str) == 1) data/elog-3.1.3-1/src/elogd.c:23757:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[1000], date[80], attrib_value[MAX_N_ATTR][NAME_LENGTH], attrib_name[MAX_N_ATTR][NAME_LENGTH], data/elog-3.1.3-1/src/elogd.c:23765:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "attachment%d", i); data/elog-3.1.3-1/src/elogd.c:23782:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). message_id = atoi(value); data/elog-3.1.3-1/src/elogd.c:23820:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, "\n<p>"); data/elog-3.1.3-1/src/elogd.c:23826:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:23836:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], str2[256], file_name[MAX_PATH_LENGTH], thumb_name[MAX_PATH_LENGTH], data/elog-3.1.3-1/src/elogd.c:23858:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
n = isparam("nsel") ? atoi(getparam("nsel")) : 0; data/elog-3.1.3-1/src/elogd.c:23865:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "s%d", index); data/elog-3.1.3-1/src/elogd.c:23869:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). source_id = isparam(str) ? atoi(getparam(str)) : 0; data/elog-3.1.3-1/src/elogd.c:23879:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg_str, "%d", source_id); data/elog-3.1.3-1/src/elogd.c:23891:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). while (atoi(in_reply_to) > 0) { data/elog-3.1.3-1/src/elogd.c:23892:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). source_id = atoi(in_reply_to); data/elog-3.1.3-1/src/elogd.c:23898:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(msg_str, "%d", source_id); data/elog-3.1.3-1/src/elogd.c:23918:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/elogd.c:23946:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(thumb_name, O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/elogd.c:23971:27: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(thumb_name, O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/elogd.c:23999:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "[IMG]elog:%d/", src_id); data/elog-3.1.3-1/src/elogd.c:24016:66: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Preserve IDs", str, sizeof(str)) && atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:24028:66: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Preserve IDs", str, sizeof(str)) && atoi(str) == 1) data/elog-3.1.3-1/src/elogd.c:24036:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", orig_id); data/elog-3.1.3-1/src/elogd.c:24045:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, "\n<p>"); data/elog-3.1.3-1/src/elogd.c:24060:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). copy_to(lbs, atoi(list + i * NAME_LENGTH), dest_logbook, move, message_id); data/elog-3.1.3-1/src/elogd.c:24088:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", next_id); data/elog-3.1.3-1/src/elogd.c:24099:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], att_enc[256], domain[256], *pt, *p; data/elog-3.1.3-1/src/elogd.c:24104:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(str, "[img]elog:/%d[/img]", i + 1); data/elog-3.1.3-1/src/elogd.c:24107:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "[img]elog:%d/%d[/img]", message_id, i + 1); data/elog-3.1.3-1/src/elogd.c:24139:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[2 * MAX_PATH_LENGTH], cmd[2 * MAX_PATH_LENGTH], thumb_size[256], thumb_options[256]; data/elog-3.1.3-1/src/elogd.c:24205:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[MAX_PATH_LENGTH]; data/elog-3.1.3-1/src/elogd.c:24234:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str + strlen(str), "-%d.png", index); data/elog-3.1.3-1/src/elogd.c:24258:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1024], cmd[1024], file_name[256], thumb_name[256], subdir[256]; data/elog-3.1.3-1/src/elogd.c:24283:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(str) > 0) { data/elog-3.1.3-1/src/elogd.c:24284:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cur_width = atoi(str); data/elog-3.1.3-1/src/elogd.c:24286:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cur_height = atoi(strchr(str, 'x') + 1); data/elog-3.1.3-1/src/elogd.c:24290:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cur_rot = atoi(strchr(str, ' ') + 1); data/elog-3.1.3-1/src/elogd.c:24353:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[2 * NAME_LENGTH], str2[NAME_LENGTH], ref[256], file_enc[256], attrib[MAX_N_ATTR][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:24354:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[80], text[TEXT_SIZE], menu_str[1000], cmd[256], script[256], orig_tag[80], data/elog-3.1.3-1/src/elogd.c:24368:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). message_id = atoi(dec_path); data/elog-3.1.3-1/src/elogd.c:24392:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(menu_str, "List, New, Edit, Delete, Reply, Duplicate, Find, "); data/elog-3.1.3-1/src/elogd.c:24395:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Config, Logout, "); data/elog-3.1.3-1/src/elogd.c:24397:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, "Config, "); data/elog-3.1.3-1/src/elogd.c:24400:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(menu_str, "Help"); data/elog-3.1.3-1/src/elogd.c:24412:13: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(menu_str, ", "); data/elog-3.1.3-1/src/elogd.c:24484:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:24504:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (dec_path[0] && atoi(dec_path) == 0) { data/elog-3.1.3-1/src/elogd.c:24527:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "READ entry #%d", message_id); data/elog-3.1.3-1/src/elogd.c:24546:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mid, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:24552:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str, "ELOG"); data/elog-3.1.3-1/src/elogd.c:24559:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(ref, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:24586:70: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Enable browsing", str, sizeof(str)) || atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:24666:75: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Back to main", str, sizeof(str)) && atoi(str) == 1) data/elog-3.1.3-1/src/elogd.c:24688:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[256], *buf; data/elog-3.1.3-1/src/elogd.c:24700:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file_name, "rb"); data/elog-3.1.3-1/src/elogd.c:24762:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "mail%d", i); data/elog-3.1.3-1/src/elogd.c:24816:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. j = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, attrib, data/elog-3.1.3-1/src/elogd.c:24816:68: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. j = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, attrib, data/elog-3.1.3-1/src/elogd.c:24818:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:24819:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_list((char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "message id", str, &j); data/elog-3.1.3-1/src/elogd.c:24819:57: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_list((char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "message id", str, &j); data/elog-3.1.3-1/src/elogd.c:24820:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
add_subst_time(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "entry time", data/elog-3.1.3-1/src/elogd.c:24820:62: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_time(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "entry time", data/elog-3.1.3-1/src/elogd.c:24823:51: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strsubst_list(display, sizeof(display), (char (*)[NAME_LENGTH]) slist, data/elog-3.1.3-1/src/elogd.c:24824:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char (*)[NAME_LENGTH]) svalue, j); data/elog-3.1.3-1/src/elogd.c:24827:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(display, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:24831:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str + strlen(str), "%d", message_id); data/elog-3.1.3-1/src/elogd.c:24896:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). format_flags[i] = atoi(fl[0]); data/elog-3.1.3-1/src/elogd.c:24937:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(class_name, "attribname"); data/elog-3.1.3-1/src/elogd.c:24938:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(class_value, "attribvalue"); data/elog-3.1.3-1/src/elogd.c:24969:74: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Filtered browsing", str, sizeof(str)) && atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:24979:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(attrib[i]) == 1) data/elog-3.1.3-1/src/elogd.c:25026:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
ltime = atoi(attrib[i]); data/elog-3.1.3-1/src/elogd.c:25043:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ltime = atoi(attrib[i]); data/elog-3.1.3-1/src/elogd.c:25058:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. k = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:25058:74: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. k = build_subst_list(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:25060:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:25061:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_list((char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "message id", data/elog-3.1.3-1/src/elogd.c:25061:63: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_list((char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, "message id", data/elog-3.1.3-1/src/elogd.c:25063:37: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_time(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:25063:68: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. add_subst_time(lbs, (char (*)[NAME_LENGTH]) slist, (char (*)[NAME_LENGTH]) svalue, data/elog-3.1.3-1/src/elogd.c:25066:57: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. strsubst_list(display, sizeof(display), (char (*)[NAME_LENGTH]) slist, data/elog-3.1.3-1/src/elogd.c:25067:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. (char (*)[NAME_LENGTH]) svalue, k); data/elog-3.1.3-1/src/elogd.c:25107:72: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). show_text = !getcfg(lbs->name, "Show text", str, sizeof(str)) || atoi(str) == 1; data/elog-3.1.3-1/src/elogd.c:25141:86: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). att_hide[i] = getcfg(lbs->name, "Show attachments", str, sizeof(str)) && atoi(str) == 0; data/elog-3.1.3-1/src/elogd.c:25154:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(p) < MAX_ATTACHMENTS) { data/elog-3.1.3-1/src/elogd.c:25155:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). att_hide[atoi(p)] = 1; data/elog-3.1.3-1/src/elogd.c:25165:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(p) < MAX_ATTACHMENTS) { data/elog-3.1.3-1/src/elogd.c:25166:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). att_hide[atoi(p)] = 0; data/elog-3.1.3-1/src/elogd.c:25186:21: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/elogd.c:25333:31: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str + strlen(str), "-%d.png", i); data/elog-3.1.3-1/src/elogd.c:25339:34: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str + strlen(str), "-%d.png", i); data/elog-3.1.3-1/src/elogd.c:25379:29: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file_name, "rt"); data/elog-3.1.3-1/src/elogd.c:25382:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). max_n_lines = atoi(str); data/elog-3.1.3-1/src/elogd.c:25432:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256], password[256], full_name[256], email[256], email_notify[256]; data/elog-3.1.3-1/src/elogd.c:25439:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/elogd.c:25453:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(name, O_WRONLY | O_BINARY | O_CREAT | O_TRUNC, 0644); data/elog-3.1.3-1/src/elogd.c:25551:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], oldpwd[256], file_name[256]; data/elog-3.1.3-1/src/elogd.c:25570:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "/list/user[%d]/password", i + 1); data/elog-3.1.3-1/src/elogd.c:25599:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[256], line[256], file_name[256]; data/elog-3.1.3-1/src/elogd.c:25609:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_RDONLY); data/elog-3.1.3-1/src/elogd.c:25613:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_CREAT | O_RDWR, 0600); data/elog-3.1.3-1/src/elogd.c:25616:10: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, ": "); data/elog-3.1.3-1/src/elogd.c:25677:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str1[256], str2[256], error[256]; data/elog-3.1.3-1/src/elogd.c:25724:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], global[256], orig_topgroup[256]; data/elog-3.1.3-1/src/elogd.c:25754:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int get_user_line(LOGBOOK * lbs, char *user, char *password, char *full_name, char *email, data/elog-3.1.3-1/src/elogd.c:25754:46: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int get_user_line(LOGBOOK * lbs, char *user, char *password, char *full_name, char *email, data/elog-3.1.3-1/src/elogd.c:25754:62: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int get_user_line(LOGBOOK * lbs, char *user, char *password, char *full_name, char *email, data/elog-3.1.3-1/src/elogd.c:25754:79: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int get_user_line(LOGBOOK * lbs, char *user, char *password, char *full_name, char *email, data/elog-3.1.3-1/src/elogd.c:25759:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/elog-3.1.3-1/src/elogd.c:25814:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *inactive = atoi(mxml_get_value(node)); data/elog-3.1.3-1/src/elogd.c:25861:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/elog-3.1.3-1/src/elogd.c:25862:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/elog-3.1.3-1/src/elogd.c:25867:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(str, O_CREAT | O_RDWR, 0644); data/elog-3.1.3-1/src/elogd.c:25881:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], global[256], orig_topgroup[256], file_name[256]; data/elog-3.1.3-1/src/elogd.c:25970:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[256], global[256], orig_topgroup[256], file_name[256]; data/elog-3.1.3-1/src/elogd.c:26008:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", inactive); data/elog-3.1.3-1/src/elogd.c:26032:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], pwd_enc[256], file_name[256], orig_topgroup[256], global[256]; data/elog-3.1.3-1/src/elogd.c:26088:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], file_name[256]; data/elog-3.1.3-1/src/elogd.c:26111:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "/list/user[%d]/name", n + 1); data/elog-3.1.3-1/src/elogd.c:26124:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1000]; data/elog-3.1.3-1/src/elogd.c:26125:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char list[MAX_N_LIST][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:26160:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1000]; data/elog-3.1.3-1/src/elogd.c:26161:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char list[MAX_N_LIST][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:26162:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char logbook[1000]; data/elog-3.1.3-1/src/elogd.c:26197:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1000]; data/elog-3.1.3-1/src/elogd.c:26198:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char list[MAX_N_LIST][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:26219:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[256], str2[256]; data/elog-3.1.3-1/src/elogd.c:26286:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (isparam("urem") && atoi(getparam("urem")) == 0) data/elog-3.1.3-1/src/elogd.c:26307:89: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). show_forgot_link = (!getcfg(lbs->name, "allow password change", str, sizeof(str)) || atoi(str) == 1); data/elog-3.1.3-1/src/elogd.c:26308:82: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). show_self_register = (getcfg(lbs->name, "Self register", str, sizeof(str)) && atoi(str) > 0); data/elog-3.1.3-1/src/elogd.c:26341:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1000], pwd_file[256], user_name[256], upwd[256]; data/elog-3.1.3-1/src/elogd.c:26359:74: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if (getcfg(lbs->name, "forgot password link", str, sizeof(str)) && atoi(str) == 0) data/elog-3.1.3-1/src/elogd.c:26401:7: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(str, ": "); data/elog-3.1.3-1/src/elogd.c:26464:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[10000], date[256], slist[MAX_N_ATTR + 10][NAME_LENGTH], svalue[MAX_N_ATTR + 10][NAME_LENGTH], data/elog-3.1.3-1/src/elogd.c:26476:76: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(plb->name, "Expand selection page", str, sizeof(str)) || atoi(str) == 1) data/elog-3.1.3-1/src/elogd.c:26527:61: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(plb->name, "Hidden", str, sizeof(str)) || atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:26553:71: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if (!getcfg(plb->name, "Hide Comments", str, sizeof(str)) || atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:26571:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char attrib[MAX_N_ATTR][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:26578:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "$entry time"); data/elog-3.1.3-1/src/elogd.c:26586:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mid, "%d", message_id); data/elog-3.1.3-1/src/elogd.c:26602:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[10000], name[NAME_LENGTH], name_enc[NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:26607:86: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sizeof(str)) && atoi(str) == 1) data/elog-3.1.3-1/src/elogd.c:26650:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[10000], file_name[256]; data/elog-3.1.3-1/src/elogd.c:26690:68: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg("global", "show top groups", str, sizeof(str)) && atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:26699:86: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sizeof(str)) && atoi(str) == 1) data/elog-3.1.3-1/src/elogd.c:26753:72: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg("global", "Expand selection page", str, sizeof(str)) || atoi(str) == 1) data/elog-3.1.3-1/src/elogd.c:26793:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char last_password[32]; data/elog-3.1.3-1/src/elogd.c:26806:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[256]; data/elog-3.1.3-1/src/elogd.c:26867:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], index[10]; data/elog-3.1.3-1/src/elogd.c:26877:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cur_mon = atoi(getparam("m")); data/elog-3.1.3-1/src/elogd.c:26878:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). cur_year = atoi(getparam("y")); data/elog-3.1.3-1/src/elogd.c:26962:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%d", ts->tm_mday); data/elog-3.1.3-1/src/elogd.c:26993:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/elog-3.1.3-1/src/elogd.c:27016:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str + strlen(str), " %d MB", MAX_CONTENT_LENGTH / 1024 / 1024); data/elog-3.1.3-1/src/elogd.c:27018:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str + strlen(str), " %d kB", MAX_CONTENT_LENGTH / 1024); data/elog-3.1.3-1/src/elogd.c:27039:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], att[256], base_url[256], file_enc[256], ref[256], ref_thumb[256]; data/elog-3.1.3-1/src/elogd.c:27051:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "attachment%d", i); data/elog-3.1.3-1/src/elogd.c:27108:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char charset[256]; data/elog-3.1.3-1/src/elogd.c:27109:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[256], thumbname[256], attchname[256], subdir[256]; data/elog-3.1.3-1/src/elogd.c:27140:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(attchname, "attachment%d", i); data/elog-3.1.3-1/src/elogd.c:27202:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char list[1000], section[256], str[NAME_LENGTH], str1[NAME_LENGTH], str2[NAME_LENGTH], data/elog-3.1.3-1/src/elogd.c:27219:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). _logging_level = atoi(str); data/elog-3.1.3-1/src/elogd.c:27223:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). message_id = atoi(dec_path); data/elog-3.1.3-1/src/elogd.c:27299:63: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(group, "Self register", str, sizeof(str)) && atoi(str) > 0) { data/elog-3.1.3-1/src/elogd.c:27307:62: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if (!activate_user(NULL, getparam("new_user_name"), atoi(getparam("code")))) data/elog-3.1.3-1/src/elogd.c:27367:70: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(group, "Self register", str, sizeof(str)) || atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:27475:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "Error: Misconfigured webserver, did not get X-Forwarded-User from it."); data/elog-3.1.3-1/src/elogd.c:27504:71: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!getcfg(lbs->name, "Self register", str, sizeof(str)) || atoi(str) == 0) { data/elog-3.1.3-1/src/elogd.c:27573:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!activate_user(lbs, uname, atoi(getparam("code")))) data/elog-3.1.3-1/src/elogd.c:27619:73: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if (getcfg(lbs->name, "Self register", str, sizeof(str)) && atoi(str) > 0) { data/elog-3.1.3-1/src/elogd.c:27653:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). el_lock_message(lbs, atoi(getparam("edit_id")), NULL, FALSE); data/elog-3.1.3-1/src/elogd.c:27656:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). el_draft_message(lbs, atoi(getparam("edit_id")), NULL, FALSE); data/elog-3.1.3-1/src/elogd.c:27664:66: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Back to main", str, sizeof(str)) && atoi(str) == 1) data/elog-3.1.3-1/src/elogd.c:27665:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str, "../"); data/elog-3.1.3-1/src/elogd.c:27674:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
status = el_delete_message(lbs, atoi(getparam("edit_id")), TRUE, NULL, TRUE, TRUE); data/elog-3.1.3-1/src/elogd.c:27690:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). el_lock_message(lbs, atoi(getparam("edit_id")), NULL, FALSE); data/elog-3.1.3-1/src/elogd.c:27698:66: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Back to main", str, sizeof(str)) && atoi(str) == 1) data/elog-3.1.3-1/src/elogd.c:27699:10: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str, "../"); data/elog-3.1.3-1/src/elogd.c:27708:66: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Back to main", str, sizeof(str)) && atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:27727:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
i = atoi(strchr(str, ' ')); data/elog-3.1.3-1/src/elogd.c:27728:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "last%d", i); data/elog-3.1.3-1/src/elogd.c:27730:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str + strlen(str), "?mode="); data/elog-3.1.3-1/src/elogd.c:27739:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). i = atoi(strchr(str, ' ')); data/elog-3.1.3-1/src/elogd.c:27740:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "past%d", i); data/elog-3.1.3-1/src/elogd.c:27748:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). show_elog_list(lbs, atoi(path + 4), 0, 0, FALSE, NULL); data/elog-3.1.3-1/src/elogd.c:27754:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
&& !isparam("newpwd") && atoi(path + 4) > 0) { data/elog-3.1.3-1/src/elogd.c:27755:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). show_elog_list(lbs, 0, atoi(path + 4), 0, FALSE, NULL); data/elog-3.1.3-1/src/elogd.c:27763:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). show_elog_list(lbs, 0, 0, atoi(path + 4), FALSE, NULL); data/elog-3.1.3-1/src/elogd.c:27847:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). message_id = atoi(dec_path); data/elog-3.1.3-1/src/elogd.c:27848:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n = atoi(strchr(dec_path, '/') + 1) - 1; data/elog-3.1.3-1/src/elogd.c:27851:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str, "Attachment #%d of entry #%d not found", n + 1, message_id); data/elog-3.1.3-1/src/elogd.c:27921:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file_name, "r"); data/elog-3.1.3-1/src/elogd.c:27944:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file_name, "r"); data/elog-3.1.3-1/src/elogd.c:27967:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file_name, "r"); data/elog-3.1.3-1/src/elogd.c:27987:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "delatt%d", i); data/elog-3.1.3-1/src/elogd.c:27989:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "attachment%d", i); data/elog-3.1.3-1/src/elogd.c:27994:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "attachment%d", j + 1); data/elog-3.1.3-1/src/elogd.c:27999:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str, "attachment%d", j); data/elog-3.1.3-1/src/elogd.c:28006:51: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). show_edit_form(lbs, isparam("edit_id") ? atoi(getparam("edit_id")) : 0, data/elog-3.1.3-1/src/elogd.c:28013:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). show_edit_form(lbs, isparam("edit_id") ? atoi(getparam("edit_id")) : 0, data/elog-3.1.3-1/src/elogd.c:28034:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). show_edit_form(lbs, isparam("edit_id") ? atoi(getparam("edit_id")) : 0, data/elog-3.1.3-1/src/elogd.c:28059:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). show_edit_form(lbs, isparam("edit_id") ? atoi(getparam("edit_id")) : 0, data/elog-3.1.3-1/src/elogd.c:28089:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (dec_path[0] && atoi(dec_path) == 0 && strchr(dec_path, '/') != NULL) { data/elog-3.1.3-1/src/elogd.c:28202:16: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(section, "global"); data/elog-3.1.3-1/src/elogd.c:28204:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(section, "global "); data/elog-3.1.3-1/src/elogd.c:28234:58: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (!activate_user(lbs, getparam("new_user_name"), atoi(getparam("code")))) data/elog-3.1.3-1/src/elogd.c:28325:68: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg(lbs->name, "Logout to main", str, sizeof(str)) && atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:28326:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str, "../"); data/elog-3.1.3-1/src/elogd.c:28378:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[256]; data/elog-3.1.3-1/src/elogd.c:28418:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[MAX_PATH_LENGTH], full_name[MAX_PATH_LENGTH], str[NAME_LENGTH], str2[NAME_LENGTH], data/elog-3.1.3-1/src/elogd.c:28445:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). n_att = atoi(item + 10) + 1; data/elog-3.1.3-1/src/elogd.c:28582:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). status = atoi(strchr(buffer, ' ') + 1); data/elog-3.1.3-1/src/elogd.c:28593:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "attachment%d", n_att++); data/elog-3.1.3-1/src/elogd.c:28605:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(str, "attachment%d", n_att++); data/elog-3.1.3-1/src/elogd.c:28624:22: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, data/elog-3.1.3-1/src/elogd.c:28682:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char remote_host[N_MAX_CONNECTION][256]; data/elog-3.1.3-1/src/elogd.c:28687:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str2[1000], url[2000], format[256], cookie[256], boundary[256], data/elog-3.1.3-1/src/elogd.c:28840:67: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg("global", "Resolve host names", str, strsize) && atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:28877:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str, "GET / HTTP/1.0\r\n\r\n"); data/elog-3.1.3-1/src/elogd.c:29193:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). content_length = atoi(strstr(request, "Content-Length:") + 15); data/elog-3.1.3-1/src/elogd.c:29195:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). content_length = atoi(strstr(request, "Content-length:") + 15); data/elog-3.1.3-1/src/elogd.c:29243:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:29261:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "Return %d bytes", return_length); data/elog-3.1.3-1/src/elogd.c:29278:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(header_buffer, return_buffer, header_length); data/elog-3.1.3-1/src/elogd.c:29279:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(header_buffer + header_length, "\r\nContent-Length: %d\r\n\r\n", length); data/elog-3.1.3-1/src/elogd.c:29315:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(header_buffer, return_buffer, header_length); data/elog-3.1.3-1/src/elogd.c:29316:16: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(header_buffer + header_length, "\r\nConnection: Close\r\n\r\n"); data/elog-3.1.3-1/src/elogd.c:29357:8: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (atoi(str) == value) data/elog-3.1.3-1/src/elogd.c:29365:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). low = atoi(str); data/elog-3.1.3-1/src/elogd.c:29366:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). high = atoi(strchr(str, '-') + 1); data/elog-3.1.3-1/src/elogd.c:29389:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p, str[256], cron[5][256]; data/elog-3.1.3-1/src/elogd.c:29392:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char list[60][NAME_LENGTH]; data/elog-3.1.3-1/src/elogd.c:29453:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&last_time, ts, sizeof(struct tm)); data/elog-3.1.3-1/src/elogd.c:29489:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], pwd[256]; data/elog-3.1.3-1/src/elogd.c:29540:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[1000], logbook[256], logbook_enc[256]; data/elog-3.1.3-1/src/elogd.c:29570:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). _logging_level = atoi(str); data/elog-3.1.3-1/src/elogd.c:29576:53: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg("global", "SSL", str, sizeof(str)) && atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:29615:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(&serv_addr.sin_addr.s_addr, phe->h_addr_list[0], phe->h_length); data/elog-3.1.3-1/src/elogd.c:29681:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[20]; data/elog-3.1.3-1/src/elogd.c:29690:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(pidfile + strlen(pidfile), ".%d", elog_tcp_port); data/elog-3.1.3-1/src/elogd.c:29700:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(pidfile, O_CREAT | O_RDWR, 0644); data/elog-3.1.3-1/src/elogd.c:29707:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%d\n", (int) getpid()); data/elog-3.1.3-1/src/elogd.c:29856:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "SSLServer listening on port %d ...\n", elog_tcp_port); data/elog-3.1.3-1/src/elogd.c:29858:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "Server listening on port %d ...\n", elog_tcp_port); data/elog-3.1.3-1/src/elogd.c:29951:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(&remote_addr[i_conn], &(acc_addr.sin_addr), sizeof(rem_addr)); data/elog-3.1.3-1/src/elogd.c:29954:77: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (getcfg("global", "Resolve host names", str, sizeof(str)) && atoi(str) == 1) { data/elog-3.1.3-1/src/elogd.c:30044:31: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, data/elog-3.1.3-1/src/elogd.c:30088:45: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). content_length = atoi(strstr(net_buffer, "Content-Length:") + 15); data/elog-3.1.3-1/src/elogd.c:30090:45: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). content_length = atoi(strstr(net_buffer, "Content-length:") + 15); data/elog-3.1.3-1/src/elogd.c:30132:28: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat(str, "<br>"); data/elog-3.1.3-1/src/elogd.c:30166:25: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str, "Received unknown HTTP command: "); data/elog-3.1.3-1/src/elogd.c:30292:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[3]; data/elog-3.1.3-1/src/elogd.c:30409:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c, str[256]; data/elog-3.1.3-1/src/elogd.c:30447:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *cfgbuffer, str[256], *p; data/elog-3.1.3-1/src/elogd.c:30449:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(config_file, O_RDONLY); data/elog-3.1.3-1/src/elogd.c:30452:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fh = open(config_file, O_CREAT | O_WRONLY, 0640); data/elog-3.1.3-1/src/elogd.c:30471:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(config_file, O_TRUNC | O_WRONLY, 0640); data/elog-3.1.3-1/src/elogd.c:30537:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256]; data/elog-3.1.3-1/src/elogd.c:30580:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char path[2048], dir[2048], cmd[2080]; data/elog-3.1.3-1/src/elogd.c:30805:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char smtp_pwd[80], str[256], logbook[256], clone_url[256], error_str[256], file_name[256]; data/elog-3.1.3-1/src/elogd.c:30855:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (i < argc-1 && atoi(argv[i+1]) > 0) { data/elog-3.1.3-1/src/elogd.c:30856:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). set_verbose(atoi(argv[i+1])); data/elog-3.1.3-1/src/elogd.c:30905:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). tcp_port_cl = atoi(argv[++i]); data/elog-3.1.3-1/src/elogd.c:30982:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(config_file, O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/elogd.c:31007:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(config_file, O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/elogd.c:31058:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(logbook_dir, "logbooks"); data/elog-3.1.3-1/src/elogd.c:31188:53: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
if (getcfg("global", "SSL", str, sizeof(str)) && atoi(str) == 1) data/elog-3.1.3-1/src/elogd.c:31198:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). elog_tcp_port = atoi(str); data/elog-3.1.3-1/src/elogd.c:31203:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). _max_content_length = atoi(str); data/elog-3.1.3-1/src/elogd.h:224:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char subdir[256]; data/elog-3.1.3-1/src/elogd.h:225:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[32]; data/elog-3.1.3-1/src/elogd.h:229:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char md5_digest[16]; data/elog-3.1.3-1/src/elogd.h:233:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/elog-3.1.3-1/src/elogd.h:234:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name_enc[256]; data/elog-3.1.3-1/src/elogd.h:235:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data_dir[256]; data/elog-3.1.3-1/src/elogd.h:236:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char top_group[256]; data/elog-3.1.3-1/src/elogd.h:245:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char md5_digest[16]; data/elog-3.1.3-1/src/elogd.h:251:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/elog-3.1.3-1/src/elogd.h:260:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[256]; data/elog-3.1.3-1/src/elogd.h:266:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char user_name[256]; data/elog-3.1.3-1/src/elogd.h:267:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char session_id[32]; data/elog-3.1.3-1/src/elogd.h:268:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char host_ip[32]; data/elog-3.1.3-1/src/elogd.h:276:34: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int get_user_line(LOGBOOK * lbs, char *user, char *password, char *full_name, char *email, data/elog-3.1.3-1/src/elogd.h:276:46: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
int get_user_line(LOGBOOK * lbs, char *user, char *password, char *full_name, char *email, data/elog-3.1.3-1/src/elogd.h:276:62: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int get_user_line(LOGBOOK * lbs, char *user, char *password, char *full_name, char *email, data/elog-3.1.3-1/src/elogd.h:276:79: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int get_user_line(LOGBOOK * lbs, char *user, char *password, char *full_name, char *email, data/elog-3.1.3-1/src/elogd.h:281:50: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. int execute_shell(LOGBOOK * lbs, int message_id, char attrib[MAX_N_ATTR][NAME_LENGTH], data/elog-3.1.3-1/src/elogd.h:282:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char att_file[MAX_ATTACHMENTS][256], char *sh_cmd); data/elog-3.1.3-1/src/locext.c:51:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fh = open(filename, O_RDONLY | O_BINARY); data/elog-3.1.3-1/src/locext.c:74:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *buf, *bufout, *p, *p2, str[1000], line[1000]; data/elog-3.1.3-1/src/locext.c:122:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fho = open(outfile, O_CREAT | O_WRONLY | O_APPEND | O_BINARY, 644); data/elog-3.1.3-1/src/locext.c:129:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, data/elog-3.1.3-1/src/locext.c:196:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fho = open(outfile, O_CREAT | O_WRONLY | O_BINARY | O_TRUNC, 644); data/elog-3.1.3-1/src/mxml.c:199:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], line[1000]; data/elog-3.1.3-1/src/mxml.c:213:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(line, "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n"); data/elog-3.1.3-1/src/mxml.c:246:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[256], line[1000]; data/elog-3.1.3-1/src/mxml.c:254:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). writer->fh = open(file_name, O_RDWR | O_CREAT | O_TRUNC | O_TEXT, 0644); data/elog-3.1.3-1/src/mxml.c:264:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(line, "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n"); data/elog-3.1.3-1/src/mxml.c:308:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(pd, "&lt;"); data/elog-3.1.3-1/src/mxml.c:312:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(pd, "&gt;"); data/elog-3.1.3-1/src/mxml.c:316:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy(pd, "&"); data/elog-3.1.3-1/src/mxml.c:320:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(pd, """); data/elog-3.1.3-1/src/mxml.c:324:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(pd, "'"); data/elog-3.1.3-1/src/mxml.c:333:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(pd, "<"); data/elog-3.1.3-1/src/mxml.c:337:13: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(pd, "&"); data/elog-3.1.3-1/src/mxml.c:412:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1000], name_enc[1000]; data/elog-3.1.3-1/src/mxml.c:465:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1000]; data/elog-3.1.3-1/src/mxml.c:477:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(line, "/>\n"); data/elog-3.1.3-1/src/mxml.c:505:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name_enc[4096], val_enc[4096], line[8192]; data/elog-3.1.3-1/src/mxml.c:576:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1000]; data/elog-3.1.3-1/src/mxml.c:670:4: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(root->name, "root"); data/elog-3.1.3-1/src/mxml.c:696:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&parent->child[i], &parent->child[i-1], sizeof(MXML_NODE)); data/elog-3.1.3-1/src/mxml.c:785:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&parent->child[i], &parent->child[i-1], sizeof(MXML_NODE)); data/elog-3.1.3-1/src/mxml.c:796:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(parent->child+idx, tree, sizeof(MXML_NODE)); data/elog-3.1.3-1/src/mxml.c:908:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p3, node_name[256], condition[256]; data/elog-3.1.3-1/src/mxml.c:909:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cond_name[MXML_MAX_CONDITION][256], cond_value[MXML_MAX_CONDITION][256]; data/elog-3.1.3-1/src/mxml.c:930:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(node_name, p1, len); data/elog-3.1.3-1/src/mxml.c:939:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). idx = atoi(p2); data/elog-3.1.3-1/src/mxml.c:1242:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&parent->child[j], &parent->child[j+1], sizeof(MXML_NODE)); data/elog-3.1.3-1/src/mxml.c:1294:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *msg, str[1000]; data/elog-3.1.3-1/src/mxml.c:1300:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "XML read error, line %d: ", line_number); data/elog-3.1.3-1/src/mxml.c:1329:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char node_name[256], attrib_name[256], attrib_value[1000], quote; data/elog-3.1.3-1/src/mxml.c:1381:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pnew->value, pv, len); data/elog-3.1.3-1/src/mxml.c:1407:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pnew->value, pv, len); data/elog-3.1.3-1/src/mxml.c:1510:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(attrib_name, p, len); data/elog-3.1.3-1/src/mxml.c:1548:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(attrib_value, p, len); data/elog-3.1.3-1/src/mxml.c:1615:22: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pnew->value, p, len); data/elog-3.1.3-1/src/mxml.c:1652:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entity_name[MXML_MAX_ENTITY][256]; data/elog-3.1.3-1/src/mxml.c:1653:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char entity_reference_name[MXML_MAX_ENTITY][256]; data/elog-3.1.3-1/src/mxml.c:1654:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *entity_value[MXML_MAX_ENTITY]; data/elog-3.1.3-1/src/mxml.c:1661:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char directoryname[FILENAME_MAX]; data/elog-3.1.3-1/src/mxml.c:1662:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[FILENAME_MAX]; data/elog-3.1.3-1/src/mxml.c:1886:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(replacement, p, len); data/elog-3.1.3-1/src/mxml.c:1933:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(filename, O_RDONLY | O_TEXT, 0644); data/elog-3.1.3-1/src/mxml.c:2039:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *buf, line[1000]; data/elog-3.1.3-1/src/mxml.c:2046:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(file_name, O_RDONLY | O_TEXT, 0644); data/elog-3.1.3-1/src/mxml.c:2060:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line, "Cannot allocate buffer: "); data/elog-3.1.3-1/src/mxml.c:2144:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(clone, tree, sizeof(MXML_NODE)); data/elog-3.1.3-1/src/mxml.c:2290:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[FILENAME_MAX]; data/elog-3.1.3-1/src/mxml.c:2338:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(path, "%c", *p); data/elog-3.1.3-1/src/mxml.h:66:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MXML_NAME_LENGTH]; // name of element <[name]>[value]</[name]> data/elog-3.1.3-1/src/regex.c:60:9: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #ifndef bcopy data/elog-3.1.3-1/src/regex.c:61:9: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define bcopy(s, d, n) memcpy ((d), (s), (n)) data/elog-3.1.3-1/src/regex.c:61:24: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define bcopy(s, d, n) memcpy ((d), (s), (n)) data/elog-3.1.3-1/src/regex.c:95:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char re_syntax_table[CHAR_SET_SIZE]; data/elog-3.1.3-1/src/regex.c:215:4: [2] (buffer) bcopy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. bcopy (source, destination, osize), \ data/elog-3.1.3-1/src/regex.c:1394:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[CHAR_CLASS_MAX_LENGTH + 1]; data/elog-3.1.3-1/src/regex.c:2137:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. range_start = ((unsigned char *) p)[-2]; data/elog-3.1.3-1/src/regex.c:2138:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. range_end = ((unsigned char *) p)[0]; data/elog-3.1.3-1/src/regex.c:4466:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. return (char *) re_error_msg[(int) ret]; data/elog-3.1.3-1/src/auth.c:175:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = strlen(error_str) + result_string.length; data/elog-3.1.3-1/src/crypt.c:371:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). key_len = strlen(key); data/elog-3.1.3-1/src/crypt.c:498:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(buffer, sha256_salt_prefix, MAX(0, buflen)); data/elog-3.1.3-1/src/crypt.c:499:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp = buffer + strlen(buffer); data/elog-3.1.3-1/src/crypt.c:514:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cp, salt, MIN((size_t) MAX(0, buflen), salt_len)); data/elog-3.1.3-1/src/crypt.c:515:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cp = cp + strlen(cp); data/elog-3.1.3-1/src/crypt.c:582:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). + sizeof(sha256_rounds_prefix) + 9 + 1 + strlen(salt) + 1 + 43 + 1); data/elog-3.1.3-1/src/elconv.c:148:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (pc = strstr(message, key) + strlen(key); *pc != '\n' && *pc != '\r';) data/elog-3.1.3-1/src/elconv.c:233:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(*plist + (i * MAX_PATH_LENGTH), dp->d_name, strlen(dp->d_name)); data/elog-3.1.3-1/src/elconv.c:233:62: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strncpy(*plist + (i * MAX_PATH_LENGTH), dp->d_name, strlen(dp->d_name)); data/elog-3.1.3-1/src/elconv.c:234:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *(*plist + (i * MAX_PATH_LENGTH) + strlen(dp->d_name)) = '\0'; data/elog-3.1.3-1/src/elconv.c:249:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(str, "\\"); data/elog-3.1.3-1/src/elconv.c:260:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(*plist + (i * MAX_PATH_LENGTH), lpfdata->cFileName, strlen(lpfdata->cFileName)); data/elog-3.1.3-1/src/elconv.c:260:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy(*plist + (i * MAX_PATH_LENGTH), lpfdata->cFileName, strlen(lpfdata->cFileName)); data/elog-3.1.3-1/src/elconv.c:261:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *(*plist + (i * MAX_PATH_LENGTH) + strlen(lpfdata->cFileName)) = '\0'; data/elog-3.1.3-1/src/elconv.c:265:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(*plist + (i * MAX_PATH_LENGTH), lpfdata->cFileName, strlen(lpfdata->cFileName)); data/elog-3.1.3-1/src/elconv.c:265:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strncpy(*plist + (i * MAX_PATH_LENGTH), lpfdata->cFileName, strlen(lpfdata->cFileName)); data/elog-3.1.3-1/src/elconv.c:266:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *(*plist + (i * MAX_PATH_LENGTH) + strlen(lpfdata->cFileName)) = '\0'; data/elog-3.1.3-1/src/elconv.c:465:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). i = read(lfh, str, 17); data/elog-3.1.3-1/src/elconv.c:487:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). i = read(lfh, str, 15); data/elog-3.1.3-1/src/elconv.c:504:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). i = read(lfh, str, 15); data/elog-3.1.3-1/src/elconv.c:662:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, str, 16); data/elog-3.1.3-1/src/elconv.c:664:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, message, size); data/elog-3.1.3-1/src/elconv.c:682:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). n = read(fh, buffer, tail_size); data/elog-3.1.3-1/src/elconv.c:710:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), "Thread: %s\n", thread); data/elog-3.1.3-1/src/elconv.c:713:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
sprintf(message + strlen(message), "%s: %s\n", attr_name[i], attr_value[i]); data/elog-3.1.3-1/src/elconv.c:733:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), "Attachment: %s", afile_name[i]); data/elog-3.1.3-1/src/elconv.c:736:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), ",%s", afile_name[i]); data/elog-3.1.3-1/src/elconv.c:741:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), "Attachment: %s", p); data/elog-3.1.3-1/src/elconv.c:744:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), ",%s", p); data/elog-3.1.3-1/src/elconv.c:749:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), "Attachment: %s", afile_name[0]); data/elog-3.1.3-1/src/elconv.c:752:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), ",%s", afile_name[i]); data/elog-3.1.3-1/src/elconv.c:754:4: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. 
sprintf(message + strlen(message), "\n"); data/elog-3.1.3-1/src/elconv.c:754:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), "\n"); data/elog-3.1.3-1/src/elconv.c:756:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), "Encoding: %s\n", encoding); data/elog-3.1.3-1/src/elconv.c:757:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), "========================================\n"); data/elog-3.1.3-1/src/elconv.c:764:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size = strlen(message) + strlen(start_str) + strlen(end_str); data/elog-3.1.3-1/src/elconv.c:764:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size = strlen(message) + strlen(start_str) + strlen(end_str); data/elog-3.1.3-1/src/elconv.c:764:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size = strlen(message) + strlen(start_str) + strlen(end_str); data/elog-3.1.3-1/src/elconv.c:772:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
write(fh, start_str, strlen(start_str)); data/elog-3.1.3-1/src/elconv.c:773:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fh, message, strlen(message)); data/elog-3.1.3-1/src/elconv.c:774:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fh, end_str, strlen(end_str)); data/elog-3.1.3-1/src/elconv.c:801:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, str, 16); data/elog-3.1.3-1/src/elconv.c:866:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). i = read(fh, str, 16); data/elog-3.1.3-1/src/elconv.c:881:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, message, size); data/elog-3.1.3-1/src/elconv.c:1003:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fh, str, strlen(str)); data/elog-3.1.3-1/src/elconv.c:1014:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fh, str, strlen(str)); data/elog-3.1.3-1/src/elconv.c:1026:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fh, str, strlen(str)); data/elog-3.1.3-1/src/elconv.c:1034:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (message[strlen(message) - 1] != '\n') data/elog-3.1.3-1/src/elconv.c:1035:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(message, "\n"); data/elog-3.1.3-1/src/elconv.c:1036:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fh, message, strlen(message)); data/elog-3.1.3-1/src/elog.c:94:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pad = 3 - strlen((char *) s) % 3; data/elog-3.1.3-1/src/elog.c:158:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(str); i++) data/elog-3.1.3-1/src/elog.c:202:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(p) > 0 && p[strlen(p) - 1] == '\n') data/elog-3.1.3-1/src/elog.c:202:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(p) > 0 && p[strlen(p) - 1] == '\n') data/elog-3.1.3-1/src/elog.c:203:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
p[strlen(p) - 1] = 0; data/elog-3.1.3-1/src/elog.c:224:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen(buffer) + 2 >= bufsize) { data/elog-3.1.3-1/src/elog.c:384:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(request + strlen(request), "%s/%s/%d?cmd=download", subdir, str, message_id); data/elog-3.1.3-1/src/elog.c:386:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(request + strlen(request), "%s/%d?cmd=download", subdir, message_id); data/elog-3.1.3-1/src/elog.c:388:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(request + strlen(request), "%s/%d?cmd=download", str, message_id); data/elog-3.1.3-1/src/elog.c:391:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(request + strlen(request), "User-Agent: ELOG\r\n"); data/elog-3.1.3-1/src/elog.c:397:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(request + strlen(request), "Cookie: "); data/elog-3.1.3-1/src/elog.c:400:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
sprintf(request + strlen(request), "unm=%s;", uname); data/elog-3.1.3-1/src/elog.c:405:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(request + strlen(request), "Cookie: "); data/elog-3.1.3-1/src/elog.c:409:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(request + strlen(request), "upwd=%s;", encrypted_passwd); data/elog-3.1.3-1/src/elog.c:421:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). SSL_write(ssl_con, request, strlen(request)); data/elog-3.1.3-1/src/elog.c:424:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(sock, request, strlen(request), 0); data/elog-3.1.3-1/src/elog.c:491:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ps += strlen(attrib_name[index]) + 2; data/elog-3.1.3-1/src/elog.c:502:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ps += strlen(attrib[index]); data/elog-3.1.3-1/src/elog.c:524:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str, strstr(response, "Location:") + 10, sizeof(str)); data/elog-3.1.3-1/src/elog.c:725:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
p += strlen(p) + 1; data/elog-3.1.3-1/src/elog.c:777:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(content + strlen(content), data/elog-3.1.3-1/src/elog.c:782:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(content + strlen(content), data/elog-3.1.3-1/src/elog.c:788:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(content + strlen(content), data/elog-3.1.3-1/src/elog.c:792:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(content + strlen(content), data/elog-3.1.3-1/src/elog.c:796:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(content + strlen(content), data/elog-3.1.3-1/src/elog.c:798:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(content + strlen(content), data/elog-3.1.3-1/src/elog.c:803:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(content + strlen(content), data/elog-3.1.3-1/src/elog.c:807:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
sprintf(content + strlen(content), data/elog-3.1.3-1/src/elog.c:810:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(content + strlen(content), data/elog-3.1.3-1/src/elog.c:813:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(content + strlen(content), data/elog-3.1.3-1/src/elog.c:820:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(content + strlen(content), data/elog-3.1.3-1/src/elog.c:826:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(content + strlen(content), data/elog-3.1.3-1/src/elog.c:830:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). content_length = strlen(content); data/elog-3.1.3-1/src/elog.c:839:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). content_length += strlen(p); data/elog-3.1.3-1/src/elog.c:840:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(p); data/elog-3.1.3-1/src/elog.c:846:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
content_length += buffer_size[i] + strlen(p); data/elog-3.1.3-1/src/elog.c:847:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(p); data/elog-3.1.3-1/src/elog.c:853:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(request + strlen(request), "%s/", subdir); data/elog-3.1.3-1/src/elog.c:857:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(request + strlen(request), "%s/", str); data/elog-3.1.3-1/src/elog.c:861:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(request + strlen(request), "Content-Type: multipart/form-data; boundary=%s\r\n", boundary); data/elog-3.1.3-1/src/elog.c:866:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(request + strlen(request), "Host: %s\r\n", str); data/elog-3.1.3-1/src/elog.c:867:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(request + strlen(request), "User-Agent: ELOG\r\n"); data/elog-3.1.3-1/src/elog.c:868:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
sprintf(request + strlen(request), "Content-Length: %d\r\n", content_length); data/elog-3.1.3-1/src/elog.c:872:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). header_length = strlen(request); data/elog-3.1.3-1/src/elog.c:956:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str, strstr(response, "Location:") + 10, sizeof(str)); data/elog-3.1.3-1/src/elog.c:977:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str, strstr(response, "Error: Attribute") + 27, sizeof(str)); data/elog-3.1.3-1/src/elog.c:982:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str, strstr(response, "Error: Attribute") + 20, sizeof(str)); data/elog-3.1.3-1/src/elog.c:1156:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). i = read(fh, text, size); data/elog-3.1.3-1/src/elog.c:1172:14: [1] (buffer) getchar: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). i = getchar(); data/elog-3.1.3-1/src/elog.c:1202:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). n = read(fh, buffer[i], att_size[i]); data/elog-3.1.3-1/src/elogd.c:242:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(str1) != strlen(str2)) data/elog-3.1.3-1/src/elogd.c:242:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(str1) != strlen(str2)) data/elog-3.1.3-1/src/elogd.c:267:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen(str1) < n || (int) strlen(str2) < n) data/elog-3.1.3-1/src/elogd.c:267:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen(str1) < n || (int) strlen(str2) < n) data/elog-3.1.3-1/src/elogd.c:334:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). extl = strlen(ext); data/elog-3.1.3-1/src/elogd.c:335:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strl = strlen(str); data/elog-3.1.3-1/src/elogd.c:371:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). i = read(fh, (char *) buffer + n, bytes - n); data/elog-3.1.3-1/src/elogd.c:389:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return read(fh, buffer, bytes); data/elog-3.1.3-1/src/elogd.c:537:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). s = (char *) xmalloc(strlen(string) + 1); data/elog-3.1.3-1/src/elogd.c:557:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
int total_width = strlen(format) + 1; data/elog-3.1.3-1/src/elogd.c:613:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). total_width += strlen(va_arg(ap, char *)); data/elog-3.1.3-1/src/elogd.c:695:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = xmalloc(strlen(buf) + 2); data/elog-3.1.3-1/src/elogd.c:697:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(p, "\n"); data/elog-3.1.3-1/src/elogd.c:723:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (p[strlen(p) - 1] == '\r' || p[strlen(p) - 1] == '\n') data/elog-3.1.3-1/src/elogd.c:723:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (p[strlen(p) - 1] == '\r' || p[strlen(p) - 1] == '\n') data/elog-3.1.3-1/src/elogd.c:724:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p[strlen(p) - 1] = 0; data/elog-3.1.3-1/src/elogd.c:748:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
while (p[strlen(p) - 1] == '\r' || p[strlen(p) - 1] == '\n') data/elog-3.1.3-1/src/elogd.c:748:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (p[strlen(p) - 1] == '\r' || p[strlen(p) - 1] == '\n') data/elog-3.1.3-1/src/elogd.c:749:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p[strlen(p) - 1] = 0; data/elog-3.1.3-1/src/elogd.c:929:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (strlen(result) > 0 && (result[strlen(result) - 1] == '\r' || result[strlen(result) - 1] == '\n')) data/elog-3.1.3-1/src/elogd.c:929:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (strlen(result) > 0 && (result[strlen(result) - 1] == '\r' || result[strlen(result) - 1] == '\n')) data/elog-3.1.3-1/src/elogd.c:929:79: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (strlen(result) > 0 && (result[strlen(result) - 1] == '\r' || result[strlen(result) - 1] == '\n')) data/elog-3.1.3-1/src/elogd.c:930:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result[strlen(result) - 1] = 0; data/elog-3.1.3-1/src/elogd.c:953:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
read(fh, result, size-1); data/elog-3.1.3-1/src/elogd.c:961:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (strlen(result) > 0 && (result[strlen(result) - 1] == '\r' || result[strlen(result) - 1] == '\n')) data/elog-3.1.3-1/src/elogd.c:961:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (strlen(result) > 0 && (result[strlen(result) - 1] == '\r' || result[strlen(result) - 1] == '\n')) data/elog-3.1.3-1/src/elogd.c:961:82: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (strlen(result) > 0 && (result[strlen(result) - 1] == '\r' || result[strlen(result) - 1] == '\n')) data/elog-3.1.3-1/src/elogd.c:962:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result[strlen(result) - 1] = 0; data/elog-3.1.3-1/src/elogd.c:1040:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j = 0; j < (int) strlen(str); j++) data/elog-3.1.3-1/src/elogd.c:1054:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j = 0; j < (int) strlen(uattr); j++) data/elog-3.1.3-1/src/elogd.c:1057:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strncmp(str, uattr, strlen(uattr)) == 0) data/elog-3.1.3-1/src/elogd.c:1064:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pt += strlen(pt); data/elog-3.1.3-1/src/elogd.c:1065:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ps = p + strlen(uattr); data/elog-3.1.3-1/src/elogd.c:1091:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j = 0; j < (int) strlen(str); j++) data/elog-3.1.3-1/src/elogd.c:1122:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pt += strlen(pt); data/elog-3.1.3-1/src/elogd.c:1147:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(pattern) == strlen(subst)) { data/elog-3.1.3-1/src/elogd.c:1147:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(pattern) == strlen(subst)) { data/elog-3.1.3-1/src/elogd.c:1148:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(p, subst, strlen(subst)); data/elog-3.1.3-1/src/elogd.c:1149:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
} else if (strlen(pattern) > strlen(subst)) { data/elog-3.1.3-1/src/elogd.c:1149:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (strlen(pattern) > strlen(subst)) { data/elog-3.1.3-1/src/elogd.c:1150:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(p, subst, strlen(subst)); data/elog-3.1.3-1/src/elogd.c:1151:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p + strlen(subst), p + strlen(pattern), strlen(p + strlen(pattern)) + 1); data/elog-3.1.3-1/src/elogd.c:1151:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p + strlen(subst), p + strlen(pattern), strlen(p + strlen(pattern)) + 1); data/elog-3.1.3-1/src/elogd.c:1151:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p + strlen(subst), p + strlen(pattern), strlen(p + strlen(pattern)) + 1); data/elog-3.1.3-1/src/elogd.c:1151:69: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p + strlen(subst), p + strlen(pattern), strlen(p + strlen(pattern)) + 1); data/elog-3.1.3-1/src/elogd.c:1153:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
tail = (char *) xmalloc(strlen(p) - strlen(pattern) + 1); data/elog-3.1.3-1/src/elogd.c:1153:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). tail = (char *) xmalloc(strlen(p) - strlen(pattern) + 1); data/elog-3.1.3-1/src/elogd.c:1154:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strcpy(tail, p + strlen(pattern)); data/elog-3.1.3-1/src/elogd.c:1161:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(subst); data/elog-3.1.3-1/src/elogd.c:1282:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(str); i++) data/elog-3.1.3-1/src/elogd.c:1294:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(str); i++) data/elog-3.1.3-1/src/elogd.c:1347:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pad = 3 - strlen((char *) s) % 3; data/elog-3.1.3-1/src/elogd.c:2046:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "Date: %s %+03d%02d\r\n", buf, data/elog-3.1.3-1/src/elogd.c:2046:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "Date: %s %+03d%02d\r\n", buf, data/elog-3.1.3-1/src/elogd.c:2062:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "From: %s\r\n", from); data/elog-3.1.3-1/src/elogd.c:2062:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "From: %s\r\n", from); data/elog-3.1.3-1/src/elogd.c:2063:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "User-Agent: Elog Version %s\r\n", data/elog-3.1.3-1/src/elogd.c:2063:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "User-Agent: Elog Version %s\r\n", data/elog-3.1.3-1/src/elogd.c:2070:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for (i = 0; i < (int) strlen(subject); i++) data/elog-3.1.3-1/src/elogd.c:2074:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (i < (int) strlen(subject)) { data/elog-3.1.3-1/src/elogd.c:2076:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(subject); i += 40) { data/elog-3.1.3-1/src/elogd.c:2082:83: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). base64_encode((unsigned char *) buffer, (unsigned char *) (subject_enc + strlen(subject_enc)), data/elog-3.1.3-1/src/elogd.c:2083:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sizeof(subject_enc) - strlen(subject_enc)); data/elog-3.1.3-1/src/elogd.c:2085:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(subject + i) < 40) data/elog-3.1.3-1/src/elogd.c:2093:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "Subject: %s\r\n", subject_enc); data/elog-3.1.3-1/src/elogd.c:2093:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "Subject: %s\r\n", subject_enc); data/elog-3.1.3-1/src/elogd.c:2103:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "Message-ID: <%s-%d@%s>\r\n", data/elog-3.1.3-1/src/elogd.c:2103:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "Message-ID: <%s-%d@%s>\r\n", data/elog-3.1.3-1/src/elogd.c:2106:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "In-Reply-To: <%s-%d@%s>\r\n", data/elog-3.1.3-1/src/elogd.c:2106:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "In-Reply-To: <%s-%d@%s>\r\n", data/elog-3.1.3-1/src/elogd.c:2110:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "X-Elog-URL: %s\r\n", url); data/elog-3.1.3-1/src/elogd.c:2110:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "X-Elog-URL: %s\r\n", url); data/elog-3.1.3-1/src/elogd.c:2117:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, data/elog-3.1.3-1/src/elogd.c:2117:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, data/elog-3.1.3-1/src/elogd.c:2125:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, data/elog-3.1.3-1/src/elogd.c:2125:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, data/elog-3.1.3-1/src/elogd.c:2216:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(s, str, strlen(str), 0); data/elog-3.1.3-1/src/elogd.c:2234:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(s, str, strlen(str), 0); data/elog-3.1.3-1/src/elogd.c:2250:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
send(s, str, strlen(str), 0); data/elog-3.1.3-1/src/elogd.c:2258:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(str, "\n"); data/elog-3.1.3-1/src/elogd.c:2264:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(decoded, "\n"); data/elog-3.1.3-1/src/elogd.c:2275:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(s, str, strlen(str), 0); data/elog-3.1.3-1/src/elogd.c:2283:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(decoded, "\n"); data/elog-3.1.3-1/src/elogd.c:2292:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(s, str, strlen(str), 0); data/elog-3.1.3-1/src/elogd.c:2305:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(s, str, strlen(str), 0); data/elog-3.1.3-1/src/elogd.c:2325:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
send(s, str, strlen(str), 0); data/elog-3.1.3-1/src/elogd.c:2341:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(s, str, strlen(str), 0); data/elog-3.1.3-1/src/elogd.c:2360:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen(str) == strsize - 1) { data/elog-3.1.3-1/src/elogd.c:2365:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(s, str, strlen(str), 0); data/elog-3.1.3-1/src/elogd.c:2377:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send(s, str, strlen(str), 0); data/elog-3.1.3-1/src/elogd.c:2490:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str, p, sizeof(str)); data/elog-3.1.3-1/src/elogd.c:2493:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(subdir, strchr(str, '/'), 256); data/elog-3.1.3-1/src/elogd.c:2499:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(subdir, strchr(str, '?'), 256); data/elog-3.1.3-1/src/elogd.c:2514:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(param, strchr(subdir, '?'), 256); data/elog-3.1.3-1/src/elogd.c:2519:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(subdir, "/"); data/elog-3.1.3-1/src/elogd.c:2594:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), "Cookie: unm=%s; upwd=%s\r\n", unm, upwd); data/elog-3.1.3-1/src/elogd.c:2598:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), "Host: %s:%d\r\n", host, port); data/elog-3.1.3-1/src/elogd.c:2606:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send_with_timeout(ssl_con, sock, (char *)str, strlen(str)); data/elog-3.1.3-1/src/elogd.c:2692:4: [1] (access) umask: Ensure that umask is given most restrictive possible setting (e.g., 066 or 077) (CWE-732). umask(0); /* clear our file mode creation mask */ data/elog-3.1.3-1/src/elogd.c:2917:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, buffer, length); data/elog-3.1.3-1/src/elogd.c:2945:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lb_config[n_lb_config].section_name = xmalloc(strlen(str) + 1); data/elog-3.1.3-1/src/elogd.c:2971:71: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
lb_config[n_lb_config].config_param[i].param = xmalloc(strlen(str) + 1); data/elog-3.1.3-1/src/elogd.c:2972:72: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lb_config[n_lb_config].config_param[i].uparam = xmalloc(strlen(str) + 1); data/elog-3.1.3-1/src/elogd.c:2975:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j = 0; j < (int) strlen(str); j++) data/elog-3.1.3-1/src/elogd.c:2989:71: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lb_config[n_lb_config].config_param[i].value = xmalloc(strlen(str) + 1); data/elog-3.1.3-1/src/elogd.c:3032:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(param) >= sizeof(uparam)) data/elog-3.1.3-1/src/elogd.c:3035:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(param); i++) data/elog-3.1.3-1/src/elogd.c:3277:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, _locbuffer, length); data/elog-3.1.3-1/src/elogd.c:3425:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(date) > 25) { data/elog-3.1.3-1/src/elogd.c:3550:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
memmove(p, p + 7, strlen(p + 7) + 1); data/elog-3.1.3-1/src/elogd.c:3552:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p, p + 7, strlen(p + 7) + 1); data/elog-3.1.3-1/src/elogd.c:3601:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(pc, key, strlen(key)) == 0) { data/elog-3.1.3-1/src/elogd.c:3602:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pc += strlen(key); data/elog-3.1.3-1/src/elogd.c:3646:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < size && i < (int) strlen(result); i++) data/elog-3.1.3-1/src/elogd.c:3775:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(*plist + (i * MAX_PATH_LENGTH), dp->d_name, strlen(dp->d_name)); data/elog-3.1.3-1/src/elogd.c:3775:62: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy(*plist + (i * MAX_PATH_LENGTH), dp->d_name, strlen(dp->d_name)); data/elog-3.1.3-1/src/elogd.c:3776:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *(*plist + (i * MAX_PATH_LENGTH) + strlen(dp->d_name)) = '\0'; data/elog-3.1.3-1/src/elogd.c:3802:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(*plist + (i * MAX_PATH_LENGTH), lpfdata->cFileName, strlen(lpfdata->cFileName)); data/elog-3.1.3-1/src/elogd.c:3802:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy(*plist + (i * MAX_PATH_LENGTH), lpfdata->cFileName, strlen(lpfdata->cFileName)); data/elog-3.1.3-1/src/elogd.c:3803:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *(*plist + (i * MAX_PATH_LENGTH) + strlen(lpfdata->cFileName)) = '\0'; data/elog-3.1.3-1/src/elogd.c:3807:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(*plist + (i * MAX_PATH_LENGTH), lpfdata->cFileName, strlen(lpfdata->cFileName)); data/elog-3.1.3-1/src/elogd.c:3807:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy(*plist + (i * MAX_PATH_LENGTH), lpfdata->cFileName, strlen(lpfdata->cFileName)); data/elog-3.1.3-1/src/elogd.c:3808:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *(*plist + (i * MAX_PATH_LENGTH) + strlen(lpfdata->cFileName)) = '\0'; data/elog-3.1.3-1/src/elogd.c:3956:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, buffer, length); data/elog-3.1.3-1/src/elogd.c:3973:71: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strlcpy(lbs->el_index[*lbs->n_el_index].subdir, file_name+strlen(lbs->data_dir), 256); data/elog-3.1.3-1/src/elogd.c:3996:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(p); data/elog-3.1.3-1/src/elogd.c:4052:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (p[strlen(p)-1] != DIR_SEPARATOR) data/elog-3.1.3-1/src/elogd.c:4066:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (str[strlen(str)-1] != DIR_SEPARATOR) data/elog-3.1.3-1/src/elogd.c:4109:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MD5_checksum(buffer, strlen(buffer), digest); data/elog-3.1.3-1/src/elogd.c:4227:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (data_dir[strlen(data_dir) - 1] != DIR_SEPARATOR) data/elog-3.1.3-1/src/elogd.c:4239:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (data_dir[strlen(data_dir) - 1] != DIR_SEPARATOR) data/elog-3.1.3-1/src/elogd.c:4260:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(str); data/elog-3.1.3-1/src/elogd.c:4542:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
size = strlen(message); data/elog-3.1.3-1/src/elogd.c:4613:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen(p) >= *textsize) { data/elog-3.1.3-1/src/elogd.c:4622:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (text[strlen(text) - 1] == '\n') { data/elog-3.1.3-1/src/elogd.c:4623:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). text[strlen(text) - 1] = 0; data/elog-3.1.3-1/src/elogd.c:4624:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (text[strlen(text) - 1] == '\r') data/elog-3.1.3-1/src/elogd.c:4625:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). text[strlen(text) - 1] = 0; data/elog-3.1.3-1/src/elogd.c:4628:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). *textsize = strlen(text); data/elog-3.1.3-1/src/elogd.c:4680:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(str) > 0 && str[strlen(str)-1] == DIR_SEPARATOR) data/elog-3.1.3-1/src/elogd.c:4680:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(str) > 0 && str[strlen(str)-1] == DIR_SEPARATOR) data/elog-3.1.3-1/src/elogd.c:4681:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str[strlen(str)-1] = 0; data/elog-3.1.3-1/src/elogd.c:4726:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), "-%d.png", i); data/elog-3.1.3-1/src/elogd.c:4737:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), "-%d.png", i); data/elog-3.1.3-1/src/elogd.c:4795:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size = strlen(message); data/elog-3.1.3-1/src/elogd.c:4929:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size = strlen(message); data/elog-3.1.3-1/src/elogd.c:4945:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (old_text[strlen(old_text) - 1] == '\n' || old_text[strlen(old_text) - 1] == '\r') data/elog-3.1.3-1/src/elogd.c:4945:68: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (old_text[strlen(old_text) - 1] == '\n' || old_text[strlen(old_text) - 1] == '\r') data/elog-3.1.3-1/src/elogd.c:4946:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). old_text[strlen(old_text) - 1] = 0; data/elog-3.1.3-1/src/elogd.c:5000:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(str) > 0 && str[strlen(str)-1] == DIR_SEPARATOR) data/elog-3.1.3-1/src/elogd.c:5000:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(str) > 0 && str[strlen(str)-1] == DIR_SEPARATOR) data/elog-3.1.3-1/src/elogd.c:5001:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str[strlen(str)-1] = 0; data/elog-3.1.3-1/src/elogd.c:5060:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), "Date: %s\n", date1); data/elog-3.1.3-1/src/elogd.c:5063:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), "Reply to: %s\n", reply_to1); data/elog-3.1.3-1/src/elogd.c:5066:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
sprintf(message + strlen(message), "In reply to: %s\n", in_reply_to1); data/elog-3.1.3-1/src/elogd.c:5069:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), "%s: %s\n", attr_name[i], attrib[i]); data/elog-3.1.3-1/src/elogd.c:5071:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), "Attachment: "); data/elog-3.1.3-1/src/elogd.c:5074:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), "%s", afilename[0]); data/elog-3.1.3-1/src/elogd.c:5077:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), ",%s", afilename[i]); data/elog-3.1.3-1/src/elogd.c:5079:4: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(message + strlen(message), "\n"); data/elog-3.1.3-1/src/elogd.c:5079:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), "\n"); data/elog-3.1.3-1/src/elogd.c:5081:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
sprintf(message + strlen(message), "Encoding: %s\n", encoding1); data/elog-3.1.3-1/src/elogd.c:5083:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), "Locked by: %s\n", locked_by1); data/elog-3.1.3-1/src/elogd.c:5085:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), "Draft: %s\n", draft); data/elog-3.1.3-1/src/elogd.c:5087:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(message + strlen(message), "========================================\n"); data/elog-3.1.3-1/src/elogd.c:5098:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n = write(fh, message, strlen(message)); data/elog-3.1.3-1/src/elogd.c:5099:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (n != (int) strlen(message)) { data/elog-3.1.3-1/src/elogd.c:5107:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). MD5_checksum(message, strlen(message), lbs->el_index[index].md5_digest); data/elog-3.1.3-1/src/elogd.c:5115:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
delta = strlen(message) - orig_size; data/elog-3.1.3-1/src/elogd.c:5146:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(reply_to + strlen(reply_to), "%d", message_id); data/elog-3.1.3-1/src/elogd.c:5284:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size = strlen(message); data/elog-3.1.3-1/src/elogd.c:5441:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(reply_to + strlen(reply_to), "%d", new_id); data/elog-3.1.3-1/src/elogd.c:5468:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(in_reply_to + strlen(in_reply_to), "%d", new_id); data/elog-3.1.3-1/src/elogd.c:5635:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(buf, " "); data/elog-3.1.3-1/src/elogd.c:5640:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(buf + strlen(buf), "[%s@%s(%s)] ", unm, rem_host, rem_host_ip); data/elog-3.1.3-1/src/elogd.c:5642:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
sprintf(buf + strlen(buf), "[%s@%s] ", unm, rem_host); data/elog-3.1.3-1/src/elogd.c:5645:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(buf + strlen(buf), "[%s(%s)] ", rem_host, rem_host_ip); data/elog-3.1.3-1/src/elogd.c:5647:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(buf + strlen(buf), "[%s] ", rem_host); data/elog-3.1.3-1/src/elogd.c:5649:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(buf + strlen(buf), "[%s] ", rem_host_ip); data/elog-3.1.3-1/src/elogd.c:5652:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(buf + strlen(buf), "{%s} ", lbs->name); data/elog-3.1.3-1/src/elogd.c:5656:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf) > 0 && buf[strlen(buf) - 1] != '\n') data/elog-3.1.3-1/src/elogd.c:5656:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf) > 0 && buf[strlen(buf) - 1] != '\n') data/elog-3.1.3-1/src/elogd.c:5658:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
else if (strlen(buf) > 1 && buf[strlen(buf) - 2] != '\r') data/elog-3.1.3-1/src/elogd.c:5658:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (strlen(buf) > 1 && buf[strlen(buf) - 2] != '\r') data/elog-3.1.3-1/src/elogd.c:5659:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlcpy(buf + strlen(buf) - 2, "\r\n", sizeof(buf) - (strlen(buf) - 2)); data/elog-3.1.3-1/src/elogd.c:5659:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlcpy(buf + strlen(buf) - 2, "\r\n", sizeof(buf) - (strlen(buf) - 2)); data/elog-3.1.3-1/src/elogd.c:5662:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf) > 1 && buf[strlen(buf) - 1] != '\n') data/elog-3.1.3-1/src/elogd.c:5662:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(buf) > 1 && buf[strlen(buf) - 1] != '\n') data/elog-3.1.3-1/src/elogd.c:5666:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fh, buf, strlen(buf)); data/elog-3.1.3-1/src/elogd.c:5715:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for (i = 0; i < (int) strlen(s); i++) data/elog-3.1.3-1/src/elogd.c:5755:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(s); i++) data/elog-3.1.3-1/src/elogd.c:5789:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, buf, length); data/elog-3.1.3-1/src/elogd.c:5794:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen((char *) buf); i++) data/elog-3.1.3-1/src/elogd.c:5828:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, buf, length); data/elog-3.1.3-1/src/elogd.c:5858:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p, strchr(p, '>') + 1, strlen(strchr(p, '>') + 1) + 1); data/elog-3.1.3-1/src/elogd.c:5885:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(str); i++) { data/elog-3.1.3-1/src/elogd.c:5890:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (i - i_last >= n && (int) strlen(str) + 3 < size) { data/elog-3.1.3-1/src/elogd.c:5899:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for (j = strlen(str) + 2; j > i; j--) data/elog-3.1.3-1/src/elogd.c:5932:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p + strlen(p), pn, strlen(pn) + 1); data/elog-3.1.3-1/src/elogd.c:5932:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p + strlen(p), pn, strlen(pn) + 1); data/elog-3.1.3-1/src/elogd.c:5950:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(link) > strlen(old)) data/elog-3.1.3-1/src/elogd.c:5950:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(link) > strlen(old)) data/elog-3.1.3-1/src/elogd.c:5951:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(link) - strlen(old); data/elog-3.1.3-1/src/elogd.c:5951:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(link) - strlen(old); data/elog-3.1.3-1/src/elogd.c:5973:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(str); i++) data/elog-3.1.3-1/src/elogd.c:5977:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (i < (int) strlen(str)) { data/elog-3.1.3-1/src/elogd.c:6004:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen_retbuf + (int) strlen(str) + 1 >= return_buffer_size) { data/elog-3.1.3-1/src/elogd.c:6005:74: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return_buffer = xrealloc(return_buffer, return_buffer_size + (int) strlen(str) + 100000); data/elog-3.1.3-1/src/elogd.c:6006:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memset(return_buffer + return_buffer_size, 0, (int) strlen(str) + 100000); data/elog-3.1.3-1/src/elogd.c:6007:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return_buffer_size += (int) strlen(str) + 100000; data/elog-3.1.3-1/src/elogd.c:6011:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlen_retbuf += strlen(str); data/elog-3.1.3-1/src/elogd.c:6023:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen_retbuf + (int) (2 * strlen(str) + 1000) >= return_buffer_size) { data/elog-3.1.3-1/src/elogd.c:6030:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for (i = 0; i < (int) strlen(str); i++) { data/elog-3.1.3-1/src/elogd.c:6032:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(str + i, key_list[l], strlen(key_list[l])) == 0) { data/elog-3.1.3-1/src/elogd.c:6041:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = (char *) (str + i + strlen(key_list[l])); data/elog-3.1.3-1/src/elogd.c:6042:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(key_list[l]); data/elog-3.1.3-1/src/elogd.c:6065:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p, pd + 1, strlen(pd + 1) + 1); data/elog-3.1.3-1/src/elogd.c:6075:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p, pd + 1, strlen(pd + 1) + 1); data/elog-3.1.3-1/src/elogd.c:6079:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (n = 0; n < (int) strlen(link_text); n++) { data/elog-3.1.3-1/src/elogd.c:6106:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen(return_buffer + j); data/elog-3.1.3-1/src/elogd.c:6114:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
j += strlen(return_buffer + j); data/elog-3.1.3-1/src/elogd.c:6123:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen(return_buffer + j); data/elog-3.1.3-1/src/elogd.c:6156:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(return_buffer, "<"); data/elog-3.1.3-1/src/elogd.c:6160:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(return_buffer, ">"); data/elog-3.1.3-1/src/elogd.c:6164:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(return_buffer, "\""); data/elog-3.1.3-1/src/elogd.c:6168:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(return_buffer, " "); data/elog-3.1.3-1/src/elogd.c:6190:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for (i = 0; i < (int) strlen(text); i++) { data/elog-3.1.3-1/src/elogd.c:6328:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen_retbuf + (int) (2 * strlen(str) + 1000) >= return_buffer_size) { data/elog-3.1.3-1/src/elogd.c:6347:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lstr = xmalloc(strlen(str) + 1); data/elog-3.1.3-1/src/elogd.c:6352:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(str); i++) { data/elog-3.1.3-1/src/elogd.c:6355:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(lstr + i, key_list[l], strlen(key_list[l])) == 0) { data/elog-3.1.3-1/src/elogd.c:6364:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = (char *) (str + i + strlen(key_list[l])); data/elog-3.1.3-1/src/elogd.c:6365:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(key_list[l]); data/elog-3.1.3-1/src/elogd.c:6388:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
memmove(p, pd + 1, strlen(pd + 1) + 1); data/elog-3.1.3-1/src/elogd.c:6398:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p, pd + 1, strlen(pd + 1) + 1); data/elog-3.1.3-1/src/elogd.c:6407:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (m = 0; m < (int) strlen(tmp); m++) data/elog-3.1.3-1/src/elogd.c:6411:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (m < (int) strlen(tmp) && tmp[m] != '#') { data/elog-3.1.3-1/src/elogd.c:6436:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen(return_buffer + j); data/elog-3.1.3-1/src/elogd.c:6444:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen(return_buffer + j); data/elog-3.1.3-1/src/elogd.c:6453:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen(return_buffer + j); data/elog-3.1.3-1/src/elogd.c:6463:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(lstr + i, pattern_list[l].pattern, strlen(pattern_list[l].pattern)) == 0) { data/elog-3.1.3-1/src/elogd.c:6474:16: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(return_buffer + j, str + i, strlen(pattern_list[l].pattern)); data/elog-3.1.3-1/src/elogd.c:6474:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy(return_buffer + j, str + i, strlen(pattern_list[l].pattern)); data/elog-3.1.3-1/src/elogd.c:6475:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen(pattern_list[l].pattern); data/elog-3.1.3-1/src/elogd.c:6476:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(pattern_list[l].pattern) - 1; // 1 gets added in for loop... data/elog-3.1.3-1/src/elogd.c:6486:16: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(return_buffer + j, str + i, strlen(pattern_list[l].pattern)); data/elog-3.1.3-1/src/elogd.c:6486:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy(return_buffer + j, str + i, strlen(pattern_list[l].pattern)); data/elog-3.1.3-1/src/elogd.c:6487:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen(pattern_list[l].pattern); data/elog-3.1.3-1/src/elogd.c:6488:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(pattern_list[l].pattern) - 1; // 1 gets added in for loop... 
data/elog-3.1.3-1/src/elogd.c:6507:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (pattern_list[l].pattern[strlen(pattern_list[l].pattern) - 1] == '=') { data/elog-3.1.3-1/src/elogd.c:6508:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(pattern_list[l].pattern); data/elog-3.1.3-1/src/elogd.c:6510:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(attrib); data/elog-3.1.3-1/src/elogd.c:6513:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(attrib, attrib + 1, strlen(attrib + 1) + 1); data/elog-3.1.3-1/src/elogd.c:6514:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (attrib[strlen(attrib) - 1] == '\"') data/elog-3.1.3-1/src/elogd.c:6515:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). attrib[strlen(attrib) - 1] = 0; data/elog-3.1.3-1/src/elogd.c:6522:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen(return_buffer + j); data/elog-3.1.3-1/src/elogd.c:6528:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
j += strlen(return_buffer + j); data/elog-3.1.3-1/src/elogd.c:6529:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(pattern_list[l].pattern) - 1; // 1 gets added in for loop... data/elog-3.1.3-1/src/elogd.c:6536:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (pattern_list[l].pattern[strlen(pattern_list[l].pattern) - 1] == '=') { data/elog-3.1.3-1/src/elogd.c:6538:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(pattern_list[l].pattern); data/elog-3.1.3-1/src/elogd.c:6540:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(attrib) + 1; data/elog-3.1.3-1/src/elogd.c:6547:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (m = 0; m < (int) strlen(tmp); m++) data/elog-3.1.3-1/src/elogd.c:6551:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (m < (int) strlen(tmp)) data/elog-3.1.3-1/src/elogd.c:6568:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(value) - 1; data/elog-3.1.3-1/src/elogd.c:6573:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
j += strlen(return_buffer + j); data/elog-3.1.3-1/src/elogd.c:6575:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (pattern_list[l].pattern[strlen(pattern_list[l].pattern) - 1] != '=') { data/elog-3.1.3-1/src/elogd.c:6577:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(pattern_list[l].pattern); data/elog-3.1.3-1/src/elogd.c:6579:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(attrib) - 1; data/elog-3.1.3-1/src/elogd.c:6598:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(hattrib + strlen(hattrib), "%d%s", _current_message_id, attrib + 5); data/elog-3.1.3-1/src/elogd.c:6621:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen(return_buffer + j); data/elog-3.1.3-1/src/elogd.c:6624:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (pattern_list[l].pattern[strlen(pattern_list[l].pattern) - 1] == '=') { data/elog-3.1.3-1/src/elogd.c:6627:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
i += strlen(pattern_list[l].pattern); data/elog-3.1.3-1/src/elogd.c:6629:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(attrib); data/elog-3.1.3-1/src/elogd.c:6631:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen(return_buffer + j); data/elog-3.1.3-1/src/elogd.c:6633:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if (pattern_list[l].pattern[strlen(pattern_list[l].pattern) - 1] == ' ') { data/elog-3.1.3-1/src/elogd.c:6636:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(pattern_list[l].pattern); data/elog-3.1.3-1/src/elogd.c:6638:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(attrib); data/elog-3.1.3-1/src/elogd.c:6640:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen(return_buffer + j); data/elog-3.1.3-1/src/elogd.c:6651:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen(subst); data/elog-3.1.3-1/src/elogd.c:6652:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(pattern_list[l].pattern) - 1; // 1 gets added in for loop... 
data/elog-3.1.3-1/src/elogd.c:6668:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen(link); data/elog-3.1.3-1/src/elogd.c:6669:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(pattern_list[l].pattern) - 1; // 1 gets added in for loop... data/elog-3.1.3-1/src/elogd.c:6672:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen(pattern_list[l].pattern); data/elog-3.1.3-1/src/elogd.c:6673:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(pattern_list[l].pattern) - 1; // 1 gets added in for loop... data/elog-3.1.3-1/src/elogd.c:6690:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen(link); data/elog-3.1.3-1/src/elogd.c:6691:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i += strlen(pattern_list[l].pattern) - 1; // 1 gets added in for loop... data/elog-3.1.3-1/src/elogd.c:6711:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j += strlen(link); data/elog-3.1.3-1/src/elogd.c:6712:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
i += strlen(pattern_list[l].pattern) - 1; // 1 gets added in for loop... data/elog-3.1.3-1/src/elogd.c:6760:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(return_buffer, "<"); data/elog-3.1.3-1/src/elogd.c:6764:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(return_buffer, ">"); data/elog-3.1.3-1/src/elogd.c:6768:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(return_buffer, "\""); data/elog-3.1.3-1/src/elogd.c:6772:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(return_buffer, " "); data/elog-3.1.3-1/src/elogd.c:6797:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen_retbuf + (int) strlen(str) + 1 >= return_buffer_size) { data/elog-3.1.3-1/src/elogd.c:6805:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strlen_retbuf += strlen(str); data/elog-3.1.3-1/src/elogd.c:6839:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(value) >= TEXT_SIZE) { data/elog-3.1.3-1/src/elogd.c:6842:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (unsigned long) strlen(value)); data/elog-3.1.3-1/src/elogd.c:6852:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(value) >= CMD_SIZE) { data/elog-3.1.3-1/src/elogd.c:6855:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). (unsigned long) strlen(value)); data/elog-3.1.3-1/src/elogd.c:6870:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(param) >= NAME_LENGTH) { data/elog-3.1.3-1/src/elogd.c:6871:87: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str, "Error: Parameter name too big (%lu bytes).\n", (unsigned long) strlen(param)); data/elog-3.1.3-1/src/elogd.c:6878:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(value) >= NAME_LENGTH) { data/elog-3.1.3-1/src/elogd.c:6881:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
param, (unsigned long) strlen(value)); data/elog-3.1.3-1/src/elogd.c:6988:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (str[strlen(str) - 1] == '/') data/elog-3.1.3-1/src/elogd.c:6989:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str[strlen(str) - 1] = 0; data/elog-3.1.3-1/src/elogd.c:7042:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(base_url + strlen(base_url), "%s/", host_name); data/elog-3.1.3-1/src/elogd.c:7044:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(base_url + strlen(base_url), "%s:%d/", host_name, elog_tcp_port); data/elog-3.1.3-1/src/elogd.c:7052:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (base_url[strlen(base_url) - 1] != '/') data/elog-3.1.3-1/src/elogd.c:7116:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (str[strlen(str) - 1] == '/') data/elog-3.1.3-1/src/elogd.c:7117:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str[strlen(str) - 1] = 0; data/elog-3.1.3-1/src/elogd.c:7120:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
p = str + strlen(str); data/elog-3.1.3-1/src/elogd.c:7150:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), ":%d", elog_tcp_port); data/elog-3.1.3-1/src/elogd.c:7155:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (str[strlen(str) - 1] != '/') data/elog-3.1.3-1/src/elogd.c:7195:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), ":%d", elog_tcp_port); data/elog-3.1.3-1/src/elogd.c:7200:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (str[strlen(str) - 1] != '/') data/elog-3.1.3-1/src/elogd.c:7249:10: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(str, "."); data/elog-3.1.3-1/src/elogd.c:7390:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j = 0; j < (int) strlen(list[i]); j++) data/elog-3.1.3-1/src/elogd.c:7396:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(list[i]); data/elog-3.1.3-1/src/elogd.c:7405:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
while (list[i][strlen(list[i]) - 1] == ' ') data/elog-3.1.3-1/src/elogd.c:7406:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). list[i][strlen(list[i]) - 1] = 0; data/elog-3.1.3-1/src/elogd.c:7829:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(grpname) < 7) data/elog-3.1.3-1/src/elogd.c:8123:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j = 0; j < (int) strlen(str); j++) data/elog-3.1.3-1/src/elogd.c:8519:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(file_name); i++) data/elog-3.1.3-1/src/elogd.c:8543:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (length > return_buffer_size - (int) strlen(return_buffer)) { data/elog-3.1.3-1/src/elogd.c:8544:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). delta = length - (return_buffer_size - strlen(return_buffer)) + 1000; data/elog-3.1.3-1/src/elogd.c:8551:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return_length = strlen(return_buffer) + length; data/elog-3.1.3-1/src/elogd.c:8552:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
read(fh, return_buffer + strlen(return_buffer), length); data/elog-3.1.3-1/src/elogd.c:8552:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). read(fh, return_buffer + strlen(return_buffer), length); data/elog-3.1.3-1/src/elogd.c:8579:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(text); i++) { data/elog-3.1.3-1/src/elogd.c:8627:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(text); i++) { data/elog-3.1.3-1/src/elogd.c:8672:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(text); i++) { data/elog-3.1.3-1/src/elogd.c:8700:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(text); i++) { data/elog-3.1.3-1/src/elogd.c:8703:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(b) + 5 >= (unsigned int) size) data/elog-3.1.3-1/src/elogd.c:8708:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(b) + 4 >= (unsigned int) size) data/elog-3.1.3-1/src/elogd.c:8713:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(b) + 4 >= (unsigned int) size) data/elog-3.1.3-1/src/elogd.c:8718:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(b) + 5 >= (unsigned int) size) data/elog-3.1.3-1/src/elogd.c:8723:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(b) + 6 >= (unsigned int) size) data/elog-3.1.3-1/src/elogd.c:8728:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(b) + 1 >= (unsigned int) size) data/elog-3.1.3-1/src/elogd.c:8730:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(b + strlen(b), "%c", text[i]); data/elog-3.1.3-1/src/elogd.c:9093:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p - 1, p, strlen(p) + 1); data/elog-3.1.3-1/src/elogd.c:9098:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = loc = 0, len = 1; i < (int) strlen(retstr); i++) { data/elog-3.1.3-1/src/elogd.c:9123:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(attrib[index]) > 0 && strncmp(attrib[index], retstr, loc) == 0) data/elog-3.1.3-1/src/elogd.c:9365:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(attrib[i]) + strlen(getparam(str)) < NAME_LENGTH - 2) data/elog-3.1.3-1/src/elogd.c:9365:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(attrib[i]) + strlen(getparam(str)) < NAME_LENGTH - 2) data/elog-3.1.3-1/src/elogd.c:9397:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(attrib[i], ""); data/elog-3.1.3-1/src/elogd.c:9438:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(attrib[i], ""); data/elog-3.1.3-1/src/elogd.c:10015:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(str, " "); data/elog-3.1.3-1/src/elogd.c:10017:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat(str, " "); data/elog-3.1.3-1/src/elogd.c:10431:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str2[strlen(lang_table[i].language)] = 0; data/elog-3.1.3-1/src/elogd.c:10748:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(str, "-"); data/elog-3.1.3-1/src/elogd.c:10763:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(str, "-"); data/elog-3.1.3-1/src/elogd.c:11466:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pend = p + strlen(p); data/elog-3.1.3-1/src/elogd.c:11664:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(p) + 1; data/elog-3.1.3-1/src/elogd.c:11715:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, buffer, length); data/elog-3.1.3-1/src/elogd.c:11898:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(att[index]) < 14 || att[index][6] != '_' || att[index][13] != '_') { data/elog-3.1.3-1/src/elogd.c:11957:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for (i = 0; i < (int) strlen(cmd); i++) data/elog-3.1.3-1/src/elogd.c:12636:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, *buffer, length); data/elog-3.1.3-1/src/elogd.c:12661:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p = *buffer + strlen(*buffer) - 1; data/elog-3.1.3-1/src/elogd.c:12802:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p, p + 1, strlen(p + 1) + 1); data/elog-3.1.3-1/src/elogd.c:12818:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p, p + 1, strlen(p + 1) + 1); // strcpy() gives error under Ubuntu data/elog-3.1.3-1/src/elogd.c:12836:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen(buffer) + 2 >= bufsize) { data/elog-3.1.3-1/src/elogd.c:12871:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf = xmalloc(length + strlen(buffer) + 10); data/elog-3.1.3-1/src/elogd.c:12872:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, buf, length); data/elog-3.1.3-1/src/elogd.c:12891:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strlcat(p1, buf2, length + strlen(buffer) + 1); data/elog-3.1.3-1/src/elogd.c:12895:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). adjust_crlf(buf, length + strlen(buffer) + 10); data/elog-3.1.3-1/src/elogd.c:12898:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = write(fh, buf, strlen(buf)); data/elog-3.1.3-1/src/elogd.c:12899:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (i < (int) strlen(buf)) { data/elog-3.1.3-1/src/elogd.c:12939:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). bufsize = 2 * (length + strlen(new_value) + 10); data/elog-3.1.3-1/src/elogd.c:12941:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, buf, length); data/elog-3.1.3-1/src/elogd.c:12998:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p2 += strlen(p2); data/elog-3.1.3-1/src/elogd.c:13003:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlcat(p2, buf2, length + strlen(new_value) + 10); data/elog-3.1.3-1/src/elogd.c:13010:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
  i = write(fh, buf, strlen(buf));
data/elog-3.1.3-1/src/elogd.c:13011:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (i < (int) strlen(buf)) {
data/elog-3.1.3-1/src/elogd.c:13056:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fh, buf, length);
data/elog-3.1.3-1/src/elogd.c:13064:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(p2)+1;
data/elog-3.1.3-1/src/elogd.c:13070:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = write(fh, buf, strlen(buf));
data/elog-3.1.3-1/src/elogd.c:13071:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (i < (int) strlen(buf)) {
data/elog-3.1.3-1/src/elogd.c:13112:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (lb_dir[strlen(lb_dir) - 1] != DIR_SEPARATOR)
data/elog-3.1.3-1/src/elogd.c:13126:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  bufsize = 2 * (length + strlen(new_name) + 10);
data/elog-3.1.3-1/src/elogd.c:13128:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fh, buf, length);
data/elog-3.1.3-1/src/elogd.c:13148:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlcat(p1, buf2, length + strlen(new_name) + 1);
data/elog-3.1.3-1/src/elogd.c:13154:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = write(fh, buf, strlen(buf));
data/elog-3.1.3-1/src/elogd.c:13155:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (i < (int) strlen(buf)) {
data/elog-3.1.3-1/src/elogd.c:13201:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fh, buf, length);
data/elog-3.1.3-1/src/elogd.c:13222:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  templ_length = strlen(p1);
data/elog-3.1.3-1/src/elogd.c:13226:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p2 = buf + strlen(buf) - 1;
data/elog-3.1.3-1/src/elogd.c:13239:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p2 = buf + strlen(buf);
data/elog-3.1.3-1/src/elogd.c:13240:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(p2, p1, templ_length);
data/elog-3.1.3-1/src/elogd.c:13247:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = write(fh, buf, strlen(buf));
data/elog-3.1.3-1/src/elogd.c:13248:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (i < (int) strlen(buf)) {
data/elog-3.1.3-1/src/elogd.c:13287:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf = (char *) xmalloc(strlen(buffer) * 2);
data/elog-3.1.3-1/src/elogd.c:13288:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlcpy(buf, buffer, strlen(buffer) * 2);
data/elog-3.1.3-1/src/elogd.c:13289:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  adjust_crlf(buf, strlen(buffer) * 2);
data/elog-3.1.3-1/src/elogd.c:13291:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = write(fh, buf, strlen(buf));
data/elog-3.1.3-1/src/elogd.c:13292:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (i < (int) strlen(buf)) {
data/elog-3.1.3-1/src/elogd.c:13524:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (url[strlen(url) - 1] != '/')
data/elog-3.1.3-1/src/elogd.c:13551:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "\r\n%s:\r\n\r\n",
data/elog-3.1.3-1/src/elogd.c:13555:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Logbook"), lbs->name);
data/elog-3.1.3-1/src/elogd.c:13557:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Host"), host_name);
data/elog-3.1.3-1/src/elogd.c:13560:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Login name"),
data/elog-3.1.3-1/src/elogd.c:13563:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Full name"),
data/elog-3.1.3-1/src/elogd.c:13566:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Email"),
data/elog-3.1.3-1/src/elogd.c:13569:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "\r\n%s:\r\n", loc("Activation URL"));
data/elog-3.1.3-1/src/elogd.c:13571:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "\r\nURL : %s", url);
data/elog-3.1.3-1/src/elogd.c:13574:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "?cmd=%s", loc("Activate"));
data/elog-3.1.3-1/src/elogd.c:13576:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "&code=%d&unm=%s\r\n", code, getparam("new_user_name"));
data/elog-3.1.3-1/src/elogd.c:13630:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "\r\n%s:\r\n\r\n", str);
data/elog-3.1.3-1/src/elogd.c:13633:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Logbook"),
data/elog-3.1.3-1/src/elogd.c:13636:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Host"),
data/elog-3.1.3-1/src/elogd.c:13640:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Login name"),
data/elog-3.1.3-1/src/elogd.c:13643:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Full name"),
data/elog-3.1.3-1/src/elogd.c:13646:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Email"),
data/elog-3.1.3-1/src/elogd.c:13650:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "\r\n%s:\r\n",
data/elog-3.1.3-1/src/elogd.c:13653:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "\r\nURL : %s", url);
data/elog-3.1.3-1/src/elogd.c:13656:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "?cmd=%s&new_user_name=%s",
data/elog-3.1.3-1/src/elogd.c:13659:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "&code=%d&unm=%s\r\n", code, pl);
data/elog-3.1.3-1/src/elogd.c:13662:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text),
data/elog-3.1.3-1/src/elogd.c:13704:13: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character.
  sprintf(str, ".");
data/elog-3.1.3-1/src/elogd.c:13706:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(str + strlen(str), "?cmd=%s&cfg_user=", loc("Config"));
data/elog-3.1.3-1/src/elogd.c:13709:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(str + strlen(str), "?cmd=%s&cfg_user=", loc("Config"));
data/elog-3.1.3-1/src/elogd.c:13712:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(str + strlen(str), "?cmd=%s", loc("Config"));
data/elog-3.1.3-1/src/elogd.c:14108:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (url[strlen(url) - 1] != '/')
data/elog-3.1.3-1/src/elogd.c:14124:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), " %s", http_host);
data/elog-3.1.3-1/src/elogd.c:14125:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), ".\r\n\r\n");
data/elog-3.1.3-1/src/elogd.c:14126:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(url + strlen(url), "?unm=%s", user_name);
data/elog-3.1.3-1/src/elogd.c:14127:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "%s %s.\r\n\r\n", loc("You can access it at"), url);
data/elog-3.1.3-1/src/elogd.c:14128:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "%s.\r\n",
data/elog-3.1.3-1/src/elogd.c:14201:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (url[strlen(url) - 1] != '/')
data/elog-3.1.3-1/src/elogd.c:14229:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text),
data/elog-3.1.3-1/src/elogd.c:14237:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "ELOG Version %s\r\n", VERSION);
data/elog-3.1.3-1/src/elogd.c:14739:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(buffer);
data/elog-3.1.3-1/src/elogd.c:14756:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(buffer);
data/elog-3.1.3-1/src/elogd.c:14793:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(message);
data/elog-3.1.3-1/src/elogd.c:14804:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (size + 1 >= return_buffer_size - (int) strlen(return_buffer)) {
data/elog-3.1.3-1/src/elogd.c:14805:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  delta = size - (return_buffer_size - strlen(return_buffer)) + 1000;
data/elog-3.1.3-1/src/elogd.c:14812:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return_length = strlen(return_buffer) + size;
data/elog-3.1.3-1/src/elogd.c:14833:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen(buffer);
data/elog-3.1.3-1/src/elogd.c:14840:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (size + 1 >= return_buffer_size - (int) strlen(return_buffer)) {
data/elog-3.1.3-1/src/elogd.c:14841:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  delta = size - (return_buffer_size - strlen(return_buffer)) + 1000;
data/elog-3.1.3-1/src/elogd.c:14848:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return_length = strlen(return_buffer) + size;
data/elog-3.1.3-1/src/elogd.c:15047:4: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(sep, ",");
data/elog-3.1.3-1/src/elogd.c:15051:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(sep, ",");
data/elog-3.1.3-1/src/elogd.c:15642:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  MD5_checksum(buffer, strlen(buffer), digest);
data/elog-3.1.3-1/src/elogd.c:15680:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (result[strlen(result) - 1] != '/')
data/elog-3.1.3-1/src/elogd.c:15724:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(str, p + 10, 5);
data/elog-3.1.3-1/src/elogd.c:15914:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elogd.c:15918:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(content + strlen(content), "%s\r\nContent-Disposition: form-data; name=\"unm\"\r\n\r\n%s\r\n",
data/elog-3.1.3-1/src/elogd.c:15925:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(content + strlen(content), "%s\r\nContent-Disposition: form-data; name=\"upwd\"\r\n\r\n%s\r\n",
data/elog-3.1.3-1/src/elogd.c:15930:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elogd.c:15935:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elogd.c:15939:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(content + strlen(content), "%s\r\nContent-Disposition: form-data; name=\"%s\"\r\n\r\n%s\r\n",
data/elog-3.1.3-1/src/elogd.c:15942:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elogd.c:15945:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elogd.c:15948:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elogd.c:15952:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  content_length = strlen(content);
data/elog-3.1.3-1/src/elogd.c:15969:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fh, buffer, size);
data/elog-3.1.3-1/src/elogd.c:15976:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  content_length += strlen(p);
data/elog-3.1.3-1/src/elogd.c:15977:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p += strlen(p);
data/elog-3.1.3-1/src/elogd.c:15984:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  content_length += size + strlen(p);
data/elog-3.1.3-1/src/elogd.c:15985:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p += strlen(p);
data/elog-3.1.3-1/src/elogd.c:15995:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(request, "/");
data/elog-3.1.3-1/src/elogd.c:15997:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (request[strlen(request) - 1] != '/')
data/elog-3.1.3-1/src/elogd.c:15998:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(request, "/");
data/elog-3.1.3-1/src/elogd.c:16002:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(request + strlen(request), "Content-Type: multipart/form-data; boundary=%s\r\n", boundary);
data/elog-3.1.3-1/src/elogd.c:16003:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(request + strlen(request), "Host: %s\r\n", host_name);
data/elog-3.1.3-1/src/elogd.c:16004:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(request + strlen(request), "User-Agent: ELOGD\r\n");
data/elog-3.1.3-1/src/elogd.c:16005:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(request + strlen(request), "Content-Length: %d\r\n", content_length);
data/elog-3.1.3-1/src/elogd.c:16008:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(request + strlen(request), "Cookie: wpwd=%s\r\n", getparam("wpwd"));
data/elog-3.1.3-1/src/elogd.c:16012:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  header_length = strlen(request);
data/elog-3.1.3-1/src/elogd.c:16078:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(str, strstr(response, "Error: Attribute") + 20, sizeof(str));
data/elog-3.1.3-1/src/elogd.c:16108:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(str + strlen(str), "%d?cmd=%s", message_id, loc("Download"));
data/elog-3.1.3-1/src/elogd.c:16183:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (p[strlen(p) - 1] == '\n')
data/elog-3.1.3-1/src/elogd.c:16184:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p[strlen(p) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:16267:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(content + strlen(content), "%s\r\nContent-Disposition: form-data; name=\"unm\"\r\n\r\n%s\r\n",
data/elog-3.1.3-1/src/elogd.c:16274:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(content + strlen(content), "%s\r\nContent-Disposition: form-data; name=\"upwd\"\r\n\r\n%s\r\n",
data/elog-3.1.3-1/src/elogd.c:16278:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(content + strlen(content),
data/elog-3.1.3-1/src/elogd.c:16282:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  content_length = strlen(content);
data/elog-3.1.3-1/src/elogd.c:16288:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(request, "/");
data/elog-3.1.3-1/src/elogd.c:16290:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (request[strlen(request) - 1] != '/')
data/elog-3.1.3-1/src/elogd.c:16291:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(request, "/");
data/elog-3.1.3-1/src/elogd.c:16295:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(request + strlen(request), "Content-Type: multipart/form-data; boundary=%s\r\n", boundary);
data/elog-3.1.3-1/src/elogd.c:16296:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(request + strlen(request), "Host: %s\r\n", host_name);
data/elog-3.1.3-1/src/elogd.c:16297:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(request + strlen(request), "User-Agent: ELOGD\r\n");
data/elog-3.1.3-1/src/elogd.c:16298:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(request + strlen(request), "Content-Length: %d\r\n", content_length);
data/elog-3.1.3-1/src/elogd.c:16301:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(request + strlen(request), "Cookie: wpwd=%s\r\n", getparam("wpwd"));
data/elog-3.1.3-1/src/elogd.c:16305:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  header_length = strlen(request);
data/elog-3.1.3-1/src/elogd.c:16357:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(str, strstr(response, "Error: Attribute") + 20, sizeof(str));
data/elog-3.1.3-1/src/elogd.c:16431:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while (pwd[strlen(pwd) - 1] == '\n' || pwd[strlen(pwd) - 1] == '\r')
data/elog-3.1.3-1/src/elogd.c:16431:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while (pwd[strlen(pwd) - 1] == '\n' || pwd[strlen(pwd) - 1] == '\r')
data/elog-3.1.3-1/src/elogd.c:16432:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pwd[strlen(pwd) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:16487:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  read(fh, buf, length);
data/elog-3.1.3-1/src/elogd.c:16538:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = write(fh, buf, strlen(buf));
data/elog-3.1.3-1/src/elogd.c:16539:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (i < (int) strlen(buf)) {
data/elog-3.1.3-1/src/elogd.c:16634:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while (str[strlen(str) - 1] == '\r' || str[strlen(str) - 1] == '\n')
data/elog-3.1.3-1/src/elogd.c:16634:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while (str[strlen(str) - 1] == '\r' || str[strlen(str) - 1] == '\n')
data/elog-3.1.3-1/src/elogd.c:16635:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str[strlen(str) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:16641:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while (str[strlen(str) - 1] == '\r' || str[strlen(str) - 1] == '\n')
data/elog-3.1.3-1/src/elogd.c:16641:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while (str[strlen(str) - 1] == '\r' || str[strlen(str) - 1] == '\n')
data/elog-3.1.3-1/src/elogd.c:16642:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str[strlen(str) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:16659:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf = (char *) xmalloc(2 * strlen(p));
data/elog-3.1.3-1/src/elogd.c:16660:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlcpy(buf, p, 2 * strlen(p));
data/elog-3.1.3-1/src/elogd.c:16661:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  adjust_crlf(buf, 2 * strlen(p));
data/elog-3.1.3-1/src/elogd.c:16663:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = write(fh, buf, strlen(buf));
data/elog-3.1.3-1/src/elogd.c:16664:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (i < (int) strlen(buf)) {
data/elog-3.1.3-1/src/elogd.c:16699:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < (int) strlen(str); i++)
data/elog-3.1.3-1/src/elogd.c:16703:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while (str[strlen(str) - 1] == '_')
data/elog-3.1.3-1/src/elogd.c:16704:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str[strlen(str) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:16744:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < (int) strlen(str); i++)
data/elog-3.1.3-1/src/elogd.c:16748:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while (str[strlen(str) - 1] == '_')
data/elog-3.1.3-1/src/elogd.c:16749:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str[strlen(str) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:16856:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (list[index][strlen(list[index]) - 1] != '/')
data/elog-3.1.3-1/src/elogd.c:16879:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while (str[strlen(str) - 1] == '\r' || str[strlen(str) - 1] == '\n')
data/elog-3.1.3-1/src/elogd.c:16879:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while (str[strlen(str) - 1] == '\r' || str[strlen(str) - 1] == '\n')
data/elog-3.1.3-1/src/elogd.c:16880:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str[strlen(str) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:16886:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while (str[strlen(str) - 1] == '\r' || str[strlen(str) - 1] == '\n')
data/elog-3.1.3-1/src/elogd.c:16886:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  while (str[strlen(str) - 1] == '\r' || str[strlen(str) - 1] == '\n')
data/elog-3.1.3-1/src/elogd.c:16887:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str[strlen(str) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:16925:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  MD5_checksum(buffer, strlen(buffer), digest);
data/elog-3.1.3-1/src/elogd.c:16997:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(str, ".");
data/elog-3.1.3-1/src/elogd.c:17177:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(str + strlen(str), loc("Please delete %s or %s entry to resolve conflict"),
data/elog-3.1.3-1/src/elogd.c:17179:19: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(str, ".");
data/elog-3.1.3-1/src/elogd.c:17369:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(str + strlen(str), loc("Changed local entry ID to %d"), max_id + 1);
data/elog-3.1.3-1/src/elogd.c:17376:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(str + strlen(str), loc("Local entry ID should be changed to %d"), max_id + 1);
data/elog-3.1.3-1/src/elogd.c:17679:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(ref + strlen(ref), "../%s/%d", lbs->name_enc, message_id);
data/elog-3.1.3-1/src/elogd.c:18003:25: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(str, "-");
data/elog-3.1.3-1/src/elogd.c:18026:25: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(str, "-");
data/elog-3.1.3-1/src/elogd.c:18077:25: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(str, "-");
data/elog-3.1.3-1/src/elogd.c:18099:25: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(str, "-");
data/elog-3.1.3-1/src/elogd.c:18397:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(str + strlen(str), "-%d.png", i);
data/elog-3.1.3-1/src/elogd.c:18403:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(str + strlen(str), "-%d.png", i);
data/elog-3.1.3-1/src/elogd.c:18617:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (*(p + strlen(param)) != '=') {
data/elog-3.1.3-1/src/elogd.c:18618:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p += strlen(param);
data/elog-3.1.3-1/src/elogd.c:18624:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p += strlen(param);
data/elog-3.1.3-1/src/elogd.c:18657:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (p2 = p1 + strlen(param_enc) + 1; *p2 && *p2 != '&'; p2++);
data/elog-3.1.3-1/src/elogd.c:18678:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p1 += strlen(param_enc) + 1;
data/elog-3.1.3-1/src/elogd.c:18681:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (len > (int) strlen(value)) {
data/elog-3.1.3-1/src/elogd.c:18684:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlcpy(str2 + strlen(value), p2, size - (p1 + strlen(value) - str));
data/elog-3.1.3-1/src/elogd.c:18684:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlcpy(str2 + strlen(value), p2, size - (p1 + strlen(value) - str));
data/elog-3.1.3-1/src/elogd.c:18691:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlcat(str2, s, size - (p1 + strlen(value) - str));
data/elog-3.1.3-1/src/elogd.c:18968:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(ref) > 0 && ref[strlen(ref) - 1] == '?')
data/elog-3.1.3-1/src/elogd.c:18968:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(ref) > 0 && ref[strlen(ref) - 1] == '?')
data/elog-3.1.3-1/src/elogd.c:18969:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ref[strlen(ref) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:19290:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i1 = i2 = 0; i1 <= (int) strlen(comment); i1++) {
data/elog-3.1.3-1/src/elogd.c:19792:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(url + strlen(url), ":%d", elog_tcp_port);
data/elog-3.1.3-1/src/elogd.c:19793:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(url, "/");
data/elog-3.1.3-1/src/elogd.c:19803:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(url + strlen(url), ":%d", elog_tcp_port);
data/elog-3.1.3-1/src/elogd.c:19804:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(url, "/");
data/elog-3.1.3-1/src/elogd.c:19808:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (url[strlen(url) - 1] != '/')
data/elog-3.1.3-1/src/elogd.c:19809:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(url, "/");
data/elog-3.1.3-1/src/elogd.c:19898:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(str + strlen(str), "/%d", message_id);
data/elog-3.1.3-1/src/elogd.c:19956:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pt1 += strlen(pt1);
data/elog-3.1.3-1/src/elogd.c:19969:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pt1 += strlen(pt1);
data/elog-3.1.3-1/src/elogd.c:20046:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(pt1, pt2 + 2, strlen(pt2 + 2) + 1);
data/elog-3.1.3-1/src/elogd.c:20052:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pt2 = pt1 + strlen(str);
data/elog-3.1.3-1/src/elogd.c:20057:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(pt1, pt2, strlen(pt2) + 1);
data/elog-3.1.3-1/src/elogd.c:20061:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (_cmdline[strlen(_cmdline) - 1] == '=') {
data/elog-3.1.3-1/src/elogd.c:20062:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pt1 = _cmdline + strlen(_cmdline) - 1;
data/elog-3.1.3-1/src/elogd.c:20067:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (param[strlen(param) - 1] == '=')
data/elog-3.1.3-1/src/elogd.c:20068:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  param[strlen(param) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:20075:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pt2 = pt1 + strlen(str);
data/elog-3.1.3-1/src/elogd.c:20080:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memmove(pt1, pt2, strlen(pt2) + 1);
data/elog-3.1.3-1/src/elogd.c:20084:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (_cmdline[strlen(_cmdline) - 1] == '&')
data/elog-3.1.3-1/src/elogd.c:20085:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _cmdline[strlen(_cmdline) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:20602:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (str[0] == '^' && str[strlen(str) - 1] == '$') {
data/elog-3.1.3-1/src/elogd.c:20603:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str[strlen(str) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:20992:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(str + strlen(str), loc("Last %d days"), past_n);
data/elog-3.1.3-1/src/elogd.c:20994:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(str + strlen(str), loc("Last %d hours"), -past_n);
data/elog-3.1.3-1/src/elogd.c:20996:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(str + strlen(str), loc("Last %d entries"), last_n);
data/elog-3.1.3-1/src/elogd.c:20998:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlcpy(str + strlen(str), loc("all entries"), sizeof(str) - strlen(str));
data/elog-3.1.3-1/src/elogd.c:20998:71: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlcpy(str + strlen(str), loc("all entries"), sizeof(str) - strlen(str));
data/elog-3.1.3-1/src/elogd.c:21000:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(str + strlen(str), loc("Page %d of %d"), page_n, (n_msg - 1) / n_page + 1);
data/elog-3.1.3-1/src/elogd.c:21001:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(str) == 2)
data/elog-3.1.3-1/src/elogd.c:21020:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(str) > 1 && (str[strlen(str) - 1] == '&' || str[strlen(str) - 1] == '?'))
data/elog-3.1.3-1/src/elogd.c:21020:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(str) > 1 && (str[strlen(str) - 1] == '&' || str[strlen(str) - 1] == '?'))
data/elog-3.1.3-1/src/elogd.c:21020:72: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(str) > 1 && (str[strlen(str) - 1] == '&' || str[strlen(str) - 1] == '?'))
data/elog-3.1.3-1/src/elogd.c:21021:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str[strlen(str) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:21078:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(str) > 1 && (str[strlen(str) - 1] == '&' || str[strlen(str) - 1] == '?'))
data/elog-3.1.3-1/src/elogd.c:21078:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(str) > 1 && (str[strlen(str) - 1] == '&' || str[strlen(str) - 1] == '?'))
data/elog-3.1.3-1/src/elogd.c:21078:84: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(str) > 1 && (str[strlen(str) - 1] == '&' || str[strlen(str) - 1] == '?'))
data/elog-3.1.3-1/src/elogd.c:21079:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str[strlen(str) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:21292:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (str[0] == '^' && str[strlen(str) - 1] == '$') {
data/elog-3.1.3-1/src/elogd.c:21293:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str[strlen(str) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:21299:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strencode2(line + strlen(line), str, sizeof(line) - strlen(line));
data/elog-3.1.3-1/src/elogd.c:21299:77: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strencode2(line + strlen(line), str, sizeof(line) - strlen(line));
data/elog-3.1.3-1/src/elogd.c:21317:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (str[0] == '^' && str[strlen(str) - 1] == '$') {
data/elog-3.1.3-1/src/elogd.c:21318:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str[strlen(str) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:21323:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strencode2(line + strlen(line), str, sizeof(line) - strlen(line));
data/elog-3.1.3-1/src/elogd.c:21323:74: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strencode2(line + strlen(line), str, sizeof(line) - strlen(line));
data/elog-3.1.3-1/src/elogd.c:21350:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strencode2(line + strlen(line), getparam(attr_list[i]), sizeof(line) - strlen(line));
data/elog-3.1.3-1/src/elogd.c:21350:90: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strencode2(line + strlen(line), getparam(attr_list[i]), sizeof(line) - strlen(line));
data/elog-3.1.3-1/src/elogd.c:21371:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (str[0] == '^' && str[strlen(str) - 1] == '$') {
data/elog-3.1.3-1/src/elogd.c:21372:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str[strlen(str) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:21421:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (str[0] == '^' && str[strlen(str) - 1] == '$') {
data/elog-3.1.3-1/src/elogd.c:21422:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  str[strlen(str) - 1] = 0;
data/elog-3.1.3-1/src/elogd.c:21640:22: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(str, "-");
data/elog-3.1.3-1/src/elogd.c:21655:22: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(str, "-");
data/elog-3.1.3-1/src/elogd.c:21678:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(text)>0 && strieq(mode, "CSV3")) {
data/elog-3.1.3-1/src/elogd.c:21717:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (j = 0; j < (int) strlen(iattr); j++)
data/elog-3.1.3-1/src/elogd.c:21735:19: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(str, "-");
data/elog-3.1.3-1/src/elogd.c:21750:19: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(str, "-");
data/elog-3.1.3-1/src/elogd.c:22005:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "\r\n--%s\r\n",
data/elog-3.1.3-1/src/elogd.c:22005:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "\r\n--%s\r\n",
data/elog-3.1.3-1/src/elogd.c:22009:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = 0; i < (int) strlen(att_file[index]) && i < (int) sizeof(str) - 1; i++)
data/elog-3.1.3-1/src/elogd.c:22032:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "Content-ID: <att%d@%s>\r\n",
data/elog-3.1.3-1/src/elogd.c:22032:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, "Content-ID: <att%d@%s>\r\n",
data/elog-3.1.3-1/src/elogd.c:22034:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1,
data/elog-3.1.3-1/src/elogd.c:22034:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1,
data/elog-3.1.3-1/src/elogd.c:22037:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1,
data/elog-3.1.3-1/src/elogd.c:22037:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1,
data/elog-3.1.3-1/src/elogd.c:22052:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length = strlen(mail_text);
data/elog-3.1.3-1/src/elogd.c:22061:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (length + (int) strlen(str) + 2 < size) {
data/elog-3.1.3-1/src/elogd.c:22063:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  length += strlen(str);
data/elog-3.1.3-1/src/elogd.c:22094:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "Content-Type: text/plain; charset=%s; format=flowed\r\n",
data/elog-3.1.3-1/src/elogd.c:22096:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "Content-Transfer-Encoding: 7bit\r\n\r\n");
data/elog-3.1.3-1/src/elogd.c:22116:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlcpy(mail_text + strlen(mail_text), heading, size - strlen(mail_text));
data/elog-3.1.3-1/src/elogd.c:22116:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlcpy(mail_text + strlen(mail_text), heading, size - strlen(mail_text));
data/elog-3.1.3-1/src/elogd.c:22120:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlcpy(mail_text + strlen(mail_text), loc("An old ELOG entry has been updated"),
data/elog-3.1.3-1/src/elogd.c:22121:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size - strlen(mail_text));
data/elog-3.1.3-1/src/elogd.c:22123:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlcpy(mail_text + strlen(mail_text), loc("A new ELOG entry has been submitted"),
data/elog-3.1.3-1/src/elogd.c:22124:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size - strlen(mail_text));
data/elog-3.1.3-1/src/elogd.c:22125:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(mail_text, ":");
data/elog-3.1.3-1/src/elogd.c:22128:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlcpy(mail_text + strlen(mail_text), "\r\n\r\n", size - strlen(mail_text));
data/elog-3.1.3-1/src/elogd.c:22128:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlcpy(mail_text + strlen(mail_text), "\r\n\r\n", size - strlen(mail_text));
data/elog-3.1.3-1/src/elogd.c:22132:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "%s : %s\r\n", loc("Logbook"), lbs->name);
data/elog-3.1.3-1/src/elogd.c:22157:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(str, attr_list[i], strlen(attr_list[i]));
data/elog-3.1.3-1/src/elogd.c:22176:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "-");
data/elog-3.1.3-1/src/elogd.c:22190:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy(comment, "-");
data/elog-3.1.3-1/src/elogd.c:22201:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (k = strlen(str) - 1; k > 0; k--)
data/elog-3.1.3-1/src/elogd.c:22210:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strcpy(mail_text + strlen(mail_text), str);
data/elog-3.1.3-1/src/elogd.c:22215:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "\r\n%s URL : %s\r\n", loc("Logbook"), url);
data/elog-3.1.3-1/src/elogd.c:22219:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(mail_text + strlen(mail_text), "\r\n%s %d : %s (%s/%d)\r\n", loc("Attachment"),
data/elog-3.1.3-1/src/elogd.c:22225:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(mail_text + strlen(mail_text), "\r\n=================================\r\n\r\n%s", data/elog-3.1.3-1/src/elogd.c:22259:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, data/elog-3.1.3-1/src/elogd.c:22259:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, data/elog-3.1.3-1/src/elogd.c:22267:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, data/elog-3.1.3-1/src/elogd.c:22267:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, data/elog-3.1.3-1/src/elogd.c:22269:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, data/elog-3.1.3-1/src/elogd.c:22269:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, data/elog-3.1.3-1/src/elogd.c:22278:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strcpy(mail_text + strlen(mail_text), data/elog-3.1.3-1/src/elogd.c:22280:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strcpy(mail_text + strlen(mail_text), "<html>\r\n<head>\r\n <title></title>\r\n</head>\r\n<body>\r\n"); data/elog-3.1.3-1/src/elogd.c:22283:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strcpy(mail_text + strlen(mail_text), "<h3>\r\n"); data/elog-3.1.3-1/src/elogd.c:22293:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlcpy(mail_text + strlen(mail_text), heading, size - strlen(mail_text)); data/elog-3.1.3-1/src/elogd.c:22293:65: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlcpy(mail_text + strlen(mail_text), heading, size - strlen(mail_text)); data/elog-3.1.3-1/src/elogd.c:22297:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mail_text + strlen(mail_text), loc("A old entry has been updated on %s"), host_name); data/elog-3.1.3-1/src/elogd.c:22299:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mail_text + strlen(mail_text), loc("A new entry has been submitted on %s"), host_name); data/elog-3.1.3-1/src/elogd.c:22300:10: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(mail_text, ":"); data/elog-3.1.3-1/src/elogd.c:22303:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlcpy(mail_text + strlen(mail_text), "</h3>\r\n", size - strlen(mail_text)); data/elog-3.1.3-1/src/elogd.c:22303:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlcpy(mail_text + strlen(mail_text), "</h3>\r\n", size - strlen(mail_text)); data/elog-3.1.3-1/src/elogd.c:22306:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlcpy(mail_text + strlen(mail_text), "<table border=\"3\" cellpadding=\"4\">\r\n", data/elog-3.1.3-1/src/elogd.c:22307:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size - strlen(mail_text)); data/elog-3.1.3-1/src/elogd.c:22310:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mail_text + strlen(mail_text), "<tr><td bgcolor=\"#CCCCFF\">%s</td>", loc("Logbook")); data/elog-3.1.3-1/src/elogd.c:22311:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
sprintf(mail_text + strlen(mail_text), "<td bgcolor=\"#DDEEBB\">%s</td></tr>\r\n", lbs->name); data/elog-3.1.3-1/src/elogd.c:22337:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memcpy(str, attr_list[i], strlen(attr_list[i])); data/elog-3.1.3-1/src/elogd.c:22356:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(comment, "-"); data/elog-3.1.3-1/src/elogd.c:22370:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(comment, "-"); data/elog-3.1.3-1/src/elogd.c:22381:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (k = strlen(str) - 1; k > 0; k--) data/elog-3.1.3-1/src/elogd.c:22385:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mail_text + strlen(mail_text), "<tr><td bgcolor=\"#CCCCFF\">%s</td>", attr_list[i]); data/elog-3.1.3-1/src/elogd.c:22386:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
sprintf(mail_text + strlen(mail_text), "<td bgcolor=\"#DDEEBB\">%s</td></tr>\r\n", comment); data/elog-3.1.3-1/src/elogd.c:22391:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mail_text + strlen(mail_text), data/elog-3.1.3-1/src/elogd.c:22393:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mail_text + strlen(mail_text), "<a href=\"%s\">%s</a></td></tr>\r\n", url, url); data/elog-3.1.3-1/src/elogd.c:22398:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mail_text + strlen(mail_text), data/elog-3.1.3-1/src/elogd.c:22400:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mail_text + strlen(mail_text), "<a href=\"%s/%d\">%s</a></td></tr>\r\n", url, i + 1, data/elog-3.1.3-1/src/elogd.c:22405:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mail_text + strlen(mail_text), "</table>\r\n"); data/elog-3.1.3-1/src/elogd.c:22410:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mail_text + strlen(mail_text), "\r\n<HR>\r\n%s", getparam("text")); data/elog-3.1.3-1/src/elogd.c:22412:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
sprintf(mail_text + strlen(mail_text), "\r\n<HR>\r\n"); data/elog-3.1.3-1/src/elogd.c:22415:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlcpy(mail_text + strlen(mail_text), return_buffer, TEXT_SIZE + 1000 - strlen(mail_text)); data/elog-3.1.3-1/src/elogd.c:22415:86: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlcpy(mail_text + strlen(mail_text), return_buffer, TEXT_SIZE + 1000 - strlen(mail_text)); data/elog-3.1.3-1/src/elogd.c:22418:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mail_text + strlen(mail_text), "\r\n=================================\r\n\r\n%s", data/elog-3.1.3-1/src/elogd.c:22423:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strcpy(mail_text + strlen(mail_text), "\r\n</html></body>\r\n\r\n"); data/elog-3.1.3-1/src/elogd.c:22456:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, data/elog-3.1.3-1/src/elogd.c:22456:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, data/elog-3.1.3-1/src/elogd.c:22464:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, data/elog-3.1.3-1/src/elogd.c:22464:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, data/elog-3.1.3-1/src/elogd.c:22466:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, data/elog-3.1.3-1/src/elogd.c:22466:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(mail_text + strlen(mail_text), size - strlen(mail_text) - 1, data/elog-3.1.3-1/src/elogd.c:22476:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlcpy(mail_text + strlen(mail_text), p + 4, size - strlen(mail_text)); data/elog-3.1.3-1/src/elogd.c:22476:60: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlcpy(mail_text + strlen(mail_text), p + 4, size - strlen(mail_text)); data/elog-3.1.3-1/src/elogd.c:22614:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(mail_param, "?"); data/elog-3.1.3-1/src/elogd.c:22616:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(mail_param, "&"); data/elog-3.1.3-1/src/elogd.c:22634:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mail_param + strlen(mail_param), "mail%d=%s", i, str); data/elog-3.1.3-1/src/elogd.c:22636:19: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(mail_param, "&"); data/elog-3.1.3-1/src/elogd.c:22640:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(mail_param + strlen(mail_param), "mail0=%s", str); data/elog-3.1.3-1/src/elogd.c:22675:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlcpy(tail, p + strlen("$attachments"), sizeof(tail)); data/elog-3.1.3-1/src/elogd.c:22679:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (att_file[i][0] && strlen(shell_cmd) + strlen(lbs->data_dir) + strlen(subdir) + strlen(att_file[i]) data/elog-3.1.3-1/src/elogd.c:22679:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (att_file[i][0] && strlen(shell_cmd) + strlen(lbs->data_dir) + strlen(subdir) + strlen(att_file[i]) data/elog-3.1.3-1/src/elogd.c:22679:76: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (att_file[i][0] && strlen(shell_cmd) + strlen(lbs->data_dir) + strlen(subdir) + strlen(att_file[i]) data/elog-3.1.3-1/src/elogd.c:22679:93: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (att_file[i][0] && strlen(shell_cmd) + strlen(lbs->data_dir) + strlen(subdir) + strlen(att_file[i]) data/elog-3.1.3-1/src/elogd.c:22681:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(p, "\""); data/elog-3.1.3-1/src/elogd.c:22688:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(p); data/elog-3.1.3-1/src/elogd.c:22724:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buf = xmalloc(length + strlen(av_encoded) + 3); data/elog-3.1.3-1/src/elogd.c:22725:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, buf, length); data/elog-3.1.3-1/src/elogd.c:22759:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
p3 = p1 + strlen(p1); data/elog-3.1.3-1/src/elogd.c:22765:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strlcat(buf, buf2, length + strlen(av_encoded) + 3); data/elog-3.1.3-1/src/elogd.c:22770:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = write(fh, buf, strlen(buf)); data/elog-3.1.3-1/src/elogd.c:22771:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (i < (int) strlen(buf)) { data/elog-3.1.3-1/src/elogd.c:22810:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size += strlen(attributes[i]) + 2; data/elog-3.1.3-1/src/elogd.c:22816:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, buf, length); data/elog-3.1.3-1/src/elogd.c:22846:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p3 += strlen(p3); data/elog-3.1.3-1/src/elogd.c:22856:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = write(fh, buf, strlen(buf)); data/elog-3.1.3-1/src/elogd.c:22857:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (i < (int) strlen(buf)) { data/elog-3.1.3-1/src/elogd.c:23052:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(error + strlen(error), loc("Error: Attribute <b>%s</b> not supplied"), attr_list[i]); data/elog-3.1.3-1/src/elogd.c:23053:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(error + strlen(error), ".</i><p>\n"); data/elog-3.1.3-1/src/elogd.c:23054:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(error + strlen(error), loc("Please go back and enter the <b>%s</b> field"), attr_list[i]); data/elog-3.1.3-1/src/elogd.c:23069:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (j = 0; i < (int) strlen(str); i++) data/elog-3.1.3-1/src/elogd.c:23074:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (i < (int) strlen(str) && strcmp(str, "<keep>") != 0 && strcmp(str, str2) != 0) { data/elog-3.1.3-1/src/elogd.c:23181:10: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(attrib[i], "0"); data/elog-3.1.3-1/src/elogd.c:23197:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(attrib[i]) + strlen(getparam(str)) < NAME_LENGTH - 2) data/elog-3.1.3-1/src/elogd.c:23197:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(attrib[i]) + strlen(getparam(str)) < NAME_LENGTH - 2) data/elog-3.1.3-1/src/elogd.c:23226:19: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(attrib[i], ""); data/elog-3.1.3-1/src/elogd.c:23276:19: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(attrib[i], ""); data/elog-3.1.3-1/src/elogd.c:23355:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(str2) > NAME_LENGTH - 100) { data/elog-3.1.3-1/src/elogd.c:23528:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(str2); data/elog-3.1.3-1/src/elogd.c:23563:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), "\"%s\"", attr_list[index]); data/elog-3.1.3-1/src/elogd.c:23566:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. 
strcat(str, " "); data/elog-3.1.3-1/src/elogd.c:23602:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p, p + 7, strlen(p + 7) + 1); data/elog-3.1.3-1/src/elogd.c:23604:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen(mail_to) + (int) strlen(&mail_list[i * NAME_LENGTH]) + 10 >= mail_to_size) { data/elog-3.1.3-1/src/elogd.c:23604:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen(mail_to) + (int) strlen(&mail_list[i * NAME_LENGTH]) + 10 >= mail_to_size) { data/elog-3.1.3-1/src/elogd.c:23609:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(mail_to, ","); data/elog-3.1.3-1/src/elogd.c:23611:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen(rcpt_to) + (int) strlen(&mail_list[i * NAME_LENGTH]) + 10 >= rcpt_to_size) { data/elog-3.1.3-1/src/elogd.c:23611:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen(rcpt_to) + (int) strlen(&mail_list[i * NAME_LENGTH]) + 10 >= rcpt_to_size) { data/elog-3.1.3-1/src/elogd.c:23616:16: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). 
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(rcpt_to, ","); data/elog-3.1.3-1/src/elogd.c:23639:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen(mail_to) + (int) strlen(str) + 1 >= mail_to_size) { data/elog-3.1.3-1/src/elogd.c:23639:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen(mail_to) + (int) strlen(str) + 1 >= mail_to_size) { data/elog-3.1.3-1/src/elogd.c:23646:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen(rcpt_to) + (int) strlen(str) + 1 >= rcpt_to_size) { data/elog-3.1.3-1/src/elogd.c:23646:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen(rcpt_to) + (int) strlen(str) + 1 >= rcpt_to_size) { data/elog-3.1.3-1/src/elogd.c:23656:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(mail_to) > 0) { data/elog-3.1.3-1/src/elogd.c:23680:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((int) strlen(rcpt_to) + (int) strlen(&rcpt_list[i * NAME_LENGTH]) + 5 >= rcpt_to_size) { data/elog-3.1.3-1/src/elogd.c:23680:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen(rcpt_to) + (int) strlen(&rcpt_list[i * NAME_LENGTH]) + 5 >= rcpt_to_size) { data/elog-3.1.3-1/src/elogd.c:23686:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen(mail_to) + (int) strlen(&mail_list[i * NAME_LENGTH]) + 5 >= mail_to_size) { data/elog-3.1.3-1/src/elogd.c:23686:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((int) strlen(mail_to) + (int) strlen(&mail_list[i * NAME_LENGTH]) + 5 >= mail_to_size) { data/elog-3.1.3-1/src/elogd.c:23693:13: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(rcpt_to, ","); data/elog-3.1.3-1/src/elogd.c:23924:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, buffer, size); data/elog-3.1.3-1/src/elogd.c:23952:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, buffer, size); data/elog-3.1.3-1/src/elogd.c:23977:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, buffer, size); data/elog-3.1.3-1/src/elogd.c:24120:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
strncpy(str, p, 5); data/elog-3.1.3-1/src/elogd.c:24180:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(cmd); i++) data/elog-3.1.3-1/src/elogd.c:24215:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(str + strlen(str), sizeof(str) - strlen(str) - 1, "-%d.png", index); data/elog-3.1.3-1/src/elogd.c:24215:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(str + strlen(str), sizeof(str) - strlen(str) - 1, "-%d.png", index); data/elog-3.1.3-1/src/elogd.c:24234:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), "-%d.png", index); data/elog-3.1.3-1/src/elogd.c:24276:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(cmd); i++) data/elog-3.1.3-1/src/elogd.c:24335:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(cmd); i++) data/elog-3.1.3-1/src/elogd.c:24490:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
sprintf(str + strlen(str), "?%s=1", lattr); data/elog-3.1.3-1/src/elogd.c:24492:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), "&%s=1", lattr); data/elog-3.1.3-1/src/elogd.c:24591:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (file_name[0] && file_name[strlen(file_name) - 1] != DIR_SEPARATOR) data/elog-3.1.3-1/src/elogd.c:24831:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), "%d", message_id); data/elog-3.1.3-1/src/elogd.c:24858:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(ref + strlen(ref), "%s", orig_tag); data/elog-3.1.3-1/src/elogd.c:24871:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(ref + strlen(ref), "%s", p); data/elog-3.1.3-1/src/elogd.c:25030:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(str, "-"); data/elog-3.1.3-1/src/elogd.c:25047:16: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. 
strcpy(str, "-"); data/elog-3.1.3-1/src/elogd.c:25173:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (attachment[index][0] && strlen(attachment[index]) > 14 && !att_inline[index]) { data/elog-3.1.3-1/src/elogd.c:25174:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(attachment[index]); i++) data/elog-3.1.3-1/src/elogd.c:25333:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), "-%d.png", i); data/elog-3.1.3-1/src/elogd.c:25339:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), "-%d.png", i); data/elog-3.1.3-1/src/elogd.c:25651:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(fh, line, sizeof(line)); data/elog-3.1.3-1/src/elogd.c:25933:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(str, "0"); data/elog-3.1.3-1/src/elogd.c:26583:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), " %s $author", loc("by")); data/elog-3.1.3-1/src/elogd.c:26824:10: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source is a constant character. sprintf(str, "."); data/elog-3.1.3-1/src/elogd.c:26890:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(index, "1"); data/elog-3.1.3-1/src/elogd.c:26964:13: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(str, ""); data/elog-3.1.3-1/src/elogd.c:27016:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), " %d MB", MAX_CONTENT_LENGTH / 1024 / 1024); data/elog-3.1.3-1/src/elogd.c:27018:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), " %d kB", MAX_CONTENT_LENGTH / 1024); data/elog-3.1.3-1/src/elogd.c:27730:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), "?mode="); data/elog-3.1.3-1/src/elogd.c:27798:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen(pfile) > 13 && pfile[6] == '_' && pfile[13] == '_') || (strlen(pfile) > 13 && pfile[6] == '_' data/elog-3.1.3-1/src/elogd.c:27798:72: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if ((strlen(pfile) > 13 && pfile[6] == '_' && pfile[13] == '_') || (strlen(pfile) > 13 && pfile[6] == '_' data/elog-3.1.3-1/src/elogd.c:27803:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen(pfile) > 13 && pfile[6] == '_' && pfile[13] == '_') || (strlen(pfile) > 13 && pfile[6] data/elog-3.1.3-1/src/elogd.c:27803:75: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen(pfile) > 13 && pfile[6] == '_' && pfile[13] == '_') || (strlen(pfile) > 13 && pfile[6] data/elog-3.1.3-1/src/elogd.c:27815:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (file_name[0] && file_name[strlen(file_name) data/elog-3.1.3-1/src/elogd.c:27938:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(str); i++) data/elog-3.1.3-1/src/elogd.c:27961:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(str); i++) data/elog-3.1.3-1/src/elogd.c:28218:10: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sprintf(str, "."); data/elog-3.1.3-1/src/elogd.c:28220:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
sprintf(str + strlen(str), "?cmd=%s&cfg_user=", loc("Config")); data/elog-3.1.3-1/src/elogd.c:28223:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), "?cmd=%s&cfg_user=", loc("Config")); data/elog-3.1.3-1/src/elogd.c:28226:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(str + strlen(str), "?cmd=%s", loc("Config")); data/elog-3.1.3-1/src/elogd.c:28390:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (p[strlen(p) - 1] == '/') data/elog-3.1.3-1/src/elogd.c:28391:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p[strlen(p) - 1] = 0; data/elog-3.1.3-1/src/elogd.c:28428:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). string = strstr(string, boundary) + strlen(boundary); data/elog-3.1.3-1/src/elogd.c:28486:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pctmp += strlen(pctmp); data/elog-3.1.3-1/src/elogd.c:28502:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). string = strstr(p, boundary) + strlen(boundary); data/elog-3.1.3-1/src/elogd.c:28504:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
string = strstr(string, boundary) + strlen(boundary); data/elog-3.1.3-1/src/elogd.c:28554:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pctmp += strlen(pctmp); data/elog-3.1.3-1/src/elogd.c:28609:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). string = strstr(p, boundary) + strlen(boundary); data/elog-3.1.3-1/src/elogd.c:28611:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). string = strstr(string, boundary) + strlen(boundary); data/elog-3.1.3-1/src/elogd.c:28620:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). string = strstr(p, boundary) + strlen(boundary); data/elog-3.1.3-1/src/elogd.c:28632:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptmp = _mtext + (strlen(_mtext) - 1); data/elog-3.1.3-1/src/elogd.c:28641:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ptmp = str + (strlen(str) - 1); data/elog-3.1.3-1/src/elogd.c:28654:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). string = p + strlen(p); data/elog-3.1.3-1/src/elogd.c:28704:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
strsize = strlen(request)+1001; data/elog-3.1.3-1/src/elogd.c:28735:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(str); i++) data/elog-3.1.3-1/src/elogd.c:28777:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (p = referer + strlen(referer) - 1; p > referer && *p != '/'; p--) data/elog-3.1.3-1/src/elogd.c:28948:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(url); *p && *p != ' ' && i < (int) sizeof(url); i++) data/elog-3.1.3-1/src/elogd.c:29089:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(rem_host) > strlen(host_list[i]) && strieq(host_list[i], rem_host + strlen(rem_host) data/elog-3.1.3-1/src/elogd.c:29089:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(rem_host) > strlen(host_list[i]) && strieq(host_list[i], rem_host + strlen(rem_host) data/elog-3.1.3-1/src/elogd.c:29089:92: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(rem_host) > strlen(host_list[i]) && strieq(host_list[i], rem_host + strlen(rem_host) data/elog-3.1.3-1/src/elogd.c:29090:69: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
- strlen(host_list[i]))) { data/elog-3.1.3-1/src/elogd.c:29098:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (host_list[i][strlen(host_list[i]) - 1] == '.') { data/elog-3.1.3-1/src/elogd.c:29100:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(str) > strlen(host_list[i])) data/elog-3.1.3-1/src/elogd.c:29100:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(str) > strlen(host_list[i])) data/elog-3.1.3-1/src/elogd.c:29101:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str[strlen(host_list[i])] = 0; data/elog-3.1.3-1/src/elogd.c:29129:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(rem_host) > strlen(host_list[i]) && strieq(host_list[i], rem_host + strlen(rem_host) data/elog-3.1.3-1/src/elogd.c:29129:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(rem_host) > strlen(host_list[i]) && strieq(host_list[i], rem_host + strlen(rem_host) data/elog-3.1.3-1/src/elogd.c:29129:92: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(rem_host) > strlen(host_list[i]) && strieq(host_list[i], rem_host + strlen(rem_host) data/elog-3.1.3-1/src/elogd.c:29130:69: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). - strlen(host_list[i]))) { data/elog-3.1.3-1/src/elogd.c:29138:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (host_list[i][strlen(host_list[i]) - 1] == '.') { data/elog-3.1.3-1/src/elogd.c:29140:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(str) > strlen(host_list[i])) data/elog-3.1.3-1/src/elogd.c:29140:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(str) > strlen(host_list[i])) data/elog-3.1.3-1/src/elogd.c:29141:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). str[strlen(host_list[i])] = 0; data/elog-3.1.3-1/src/elogd.c:29281:62: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). send_with_timeout(ssl_con, _sock, header_buffer, strlen(header_buffer)); data/elog-3.1.3-1/src/elogd.c:29319:62: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
send_with_timeout(ssl_con, _sock, header_buffer, strlen(header_buffer)); data/elog-3.1.3-1/src/elogd.c:29398:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(cron[i], "*"); data/elog-3.1.3-1/src/elogd.c:29690:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sprintf(pidfile + strlen(pidfile), ".%d", elog_tcp_port); data/elog-3.1.3-1/src/elogd.c:29708:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (write(fd, buf, strlen(buf)) == -1) { data/elog-3.1.3-1/src/elogd.c:30165:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(net_buffer) > 0 && get_verbose() >= VERBOSE_INFO) { data/elog-3.1.3-1/src/elogd.c:30202:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(net_buffer, pend, strlen(pend) + 1); data/elog-3.1.3-1/src/elogd.c:30458:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fh, str, strlen(str)); data/elog-3.1.3-1/src/elogd.c:30482:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strncmp(p, name, strlen(name)) == 0) { data/elog-3.1.3-1/src/elogd.c:30487:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fh, str, strlen(str)); data/elog-3.1.3-1/src/elogd.c:30494:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fh, p, strlen(p)); data/elog-3.1.3-1/src/elogd.c:30512:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fh, str, strlen(str)); data/elog-3.1.3-1/src/elogd.c:30515:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fh, p, strlen(p)); data/elog-3.1.3-1/src/elogd.c:30523:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fh, cfgbuffer, strlen(cfgbuffer)); data/elog-3.1.3-1/src/elogd.c:30525:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fh, str, strlen(str)); data/elog-3.1.3-1/src/elogd.c:30844:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (config_file[0] && config_file[strlen(config_file) - 1] != DIR_SEPARATOR) data/elog-3.1.3-1/src/elogd.c:30969:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
for (i = strlen(str) - 1; i > 0; i--) data/elog-3.1.3-1/src/elogd.c:31036:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(resource_dir) - 1; i > 0; i--) { data/elog-3.1.3-1/src/elogd.c:31048:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(logbook_dir) - 1; i > 0; i--) { data/elog-3.1.3-1/src/elogd.c:31061:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (logbook_dir[strlen(logbook_dir) - 1] == DIR_SEPARATOR) data/elog-3.1.3-1/src/elogd.c:31062:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). logbook_dir[strlen(logbook_dir) - 1] = 0; data/elog-3.1.3-1/src/elogd.c:31085:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (resource_dir[0] && resource_dir[strlen(resource_dir) - 1] != DIR_SEPARATOR) data/elog-3.1.3-1/src/elogd.c:31087:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (logbook_dir[0] && logbook_dir[strlen(logbook_dir) - 1] != DIR_SEPARATOR) data/elog-3.1.3-1/src/locext.c:63:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). i = read(fh, *buf, size); data/elog-3.1.3-1/src/locext.c:131:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
write(fho, line, strlen(line)); data/elog-3.1.3-1/src/locext.c:137:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). write(fho, line, strlen(line)); data/elog-3.1.3-1/src/locext.c:152:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(line, p, sizeof(line)); data/elog-3.1.3-1/src/locext.c:159:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p += strlen(line); data/elog-3.1.3-1/src/locext.c:169:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(line) <= 1) data/elog-3.1.3-1/src/locext.c:172:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (line[strlen(line) - 1] == ' ') data/elog-3.1.3-1/src/locext.c:173:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). line[strlen(line) - 1] = 0; data/elog-3.1.3-1/src/locext.c:176:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = 0; i < (int) strlen(line); i++) data/elog-3.1.3-1/src/locext.c:201:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
write(fho, bufout, strlen(bufout)); data/elog-3.1.3-1/src/mxml.c:175:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = (int)strlen(line); data/elog-3.1.3-1/src/mxml.c:363:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p, p+3, strlen(p+3) + 1); data/elog-3.1.3-1/src/mxml.c:367:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p, p+3, strlen(p+3) + 1); data/elog-3.1.3-1/src/mxml.c:371:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p, p+4, strlen(p+4) + 1); data/elog-3.1.3-1/src/mxml.c:375:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p, p+5, strlen(p+5) + 1); data/elog-3.1.3-1/src/mxml.c:379:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(p, p+5, strlen(p+5) + 1); data/elog-3.1.3-1/src/mxml.c:434:56: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). writer->stack[writer->level] = (char *) mxml_malloc(strlen(name_enc)+1); data/elog-3.1.3-1/src/mxml.c:440:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
return mxml_write_line(writer, line) == (int)strlen(line); data/elog-3.1.3-1/src/mxml.c:478:52: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return mxml_write_line(writer, line) == (int)strlen(line); data/elog-3.1.3-1/src/mxml.c:495:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return mxml_write_line(writer, line) == (int)strlen(line); data/elog-3.1.3-1/src/mxml.c:517:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return mxml_write_line(writer, line) == (int)strlen(line); data/elog-3.1.3-1/src/mxml.c:540:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if ((int)strlen(data)*2+1000 > data_size) { data/elog-3.1.3-1/src/mxml.c:541:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). data_size = 1000+(int)strlen(data)*2; data/elog-3.1.3-1/src/mxml.c:547:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return mxml_write_line(writer, _data_enc) == (int)strlen(_data_enc); data/elog-3.1.3-1/src/mxml.c:590:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (mxml_write_line(writer, line) != (int)strlen(line)) data/elog-3.1.3-1/src/mxml.c:715:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pnode->value = (char *)mxml_malloc(strlen(value)+1); data/elog-3.1.3-1/src/mxml.c:836:70: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pnode->attribute_value[pnode->n_attributes] = (char *)mxml_malloc(strlen(attrib_value)+1); data/elog-3.1.3-1/src/mxml.c:963:77: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (cond_name[num_cond][0] && isspace(cond_name[num_cond][strlen(cond_name[num_cond])-1])) data/elog-3.1.3-1/src/mxml.c:964:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cond_name[num_cond][strlen(cond_name[num_cond])-1] = 0; data/elog-3.1.3-1/src/mxml.c:971:82: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (cond_value[num_cond][0] && isspace(cond_value[num_cond][strlen(cond_value[num_cond])-1])) data/elog-3.1.3-1/src/mxml.c:972:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cond_value[num_cond][strlen(cond_value[num_cond])-1] = 0; data/elog-3.1.3-1/src/mxml.c:973:71: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (cond_value[num_cond][0] && cond_value[num_cond][strlen(cond_value[num_cond])-1] == '\"') data/elog-3.1.3-1/src/mxml.c:974:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cond_value[num_cond][strlen(cond_value[num_cond])-1] = 0; data/elog-3.1.3-1/src/mxml.c:977:82: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (cond_value[num_cond][0] && isspace(cond_value[num_cond][strlen(cond_value[num_cond])-1])) data/elog-3.1.3-1/src/mxml.c:978:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cond_value[num_cond][strlen(cond_value[num_cond])-1] = 0; data/elog-3.1.3-1/src/mxml.c:979:71: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (cond_value[num_cond][0] && cond_value[num_cond][strlen(cond_value[num_cond])-1] == '\'') data/elog-3.1.3-1/src/mxml.c:980:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cond_value[num_cond][strlen(cond_value[num_cond])-1] = 0; data/elog-3.1.3-1/src/mxml.c:983:82: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while (cond_value[num_cond][0] && isspace(cond_value[num_cond][strlen(cond_value[num_cond])-1])) data/elog-3.1.3-1/src/mxml.c:984:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
cond_value[num_cond][strlen(cond_value[num_cond])-1] = 0; data/elog-3.1.3-1/src/mxml.c:1141:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pnode->value = (char *)mxml_realloc(pnode->value, strlen(value)+1); data/elog-3.1.3-1/src/mxml.c:1143:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pnode->value = (char *)mxml_malloc(strlen(value)+1); data/elog-3.1.3-1/src/mxml.c:1214:80: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pnode->attribute_value[i] = (char *)mxml_realloc(pnode->attribute_value[i], strlen(attrib_value)+1); data/elog-3.1.3-1/src/mxml.c:1675:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!buf || !(*buf) || !strlen(*buf)) data/elog-3.1.3-1/src/mxml.c:1682:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buffer = (char *) mxml_malloc(strlen(*buf) + 1); data/elog-3.1.3-1/src/mxml.c:1893:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). entity_value[nentity] = (char *) mxml_malloc(strlen(replacement)); data/elog-3.1.3-1/src/mxml.c:1962:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
length = (int)read(fh, entity_value[i], length); data/elog-3.1.3-1/src/mxml.c:1977:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = (int)strlen(buffer); data/elog-3.1.3-1/src/mxml.c:1980:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). entity_value_length[i] = (int)strlen(entity_value[i]); data/elog-3.1.3-1/src/mxml.c:1981:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). entity_name_length[i] = (int)strlen(entity_name[i]); data/elog-3.1.3-1/src/mxml.c:2067:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). length = (int)read(fh, buf, length); data/elog-3.1.3-1/src/mxml.c:2322:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!path || strlen(path) == 0) data/elog-3.1.3-1/src/mxml.c:2336:7: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(path, "."); data/elog-3.1.3-1/src/regex.c:4463:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = regex_compile(s, strlen(s), re_syntax_options, &re_comp_buf); data/elog-3.1.3-1/src/regex.c:4473:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
const int len = strlen(s); data/elog-3.1.3-1/src/regex.c:4560:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ret = regex_compile(pattern, strlen(pattern), syntax, preg); data/elog-3.1.3-1/src/regex.c:4595:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(string); data/elog-3.1.3-1/src/regex.c:4664:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). msg_size = strlen(msg) + 1; /* Includes the null. */ data/elog-3.1.3-1/src/regex.c:4668:10: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(errbuf, msg, errbuf_size - 1); data/elog-3.1.3-1/src/strlcpy.c:86:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). return (dlen + strlen(s));

ANALYSIS SUMMARY:

Hits = 3723
Lines analyzed = 43121 in approximately 1.50 seconds (28676 lines/second)
Physical Source Lines of Code (SLOC) = 30876
Hits@level = [0] 249 [1] 988 [2] 1638 [3] 4 [4] 1091 [5] 2
Hits@level+ = [0+] 3972 [1+] 3723 [2+] 2735 [3+] 1097 [4+] 1093 [5+] 2
Hits/KSLOC@level+ = [0+] 128.644 [1+] 120.579 [2+] 88.5801 [3+] 35.5292 [4+] 35.3997 [5+] 0.0647752
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.