Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.h
Examining data/emacs-pdf-tools-1.0~20200512/server/poppler-hack.cc
Examining data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c
Examining data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.h
Examining data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_advanced.h
Examining data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_local.h
Examining data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c
Examining data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.h
Examining data/emacs-pdf-tools-1.0~20200512/server/synctex_version.h
Examining data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.c

FINAL RESULTS:

data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.c:66:7: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, fmt, args);
data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.c:312:3: [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vprintf (fmt, va);
data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.h:107:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf (stderr, "%s: " fmt, PACKAGE_NAME, ## args); \
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:313:13: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(SYNCTEX_PRINT_CHARINDEX_FMT SYNCTEX_PRINT_CHARINDEX_WHAT)
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:317:13: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(SYNCTEX_PRINT_LINEINDEX_FMT SYNCTEX_PRINT_LINEINDEX_WHAT)
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:319:13: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(SYNCTEX_PRINT_CHARINDEX_FMT "\n" SYNCTEX_PRINT_CHARINDEX_WHAT)
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:321:13: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(SYNCTEX_PRINT_CHARINDEX_FMT "\n"SYNCTEX_PRINT_LINEINDEX_WHAT)
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:558:25: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if (open.synctex != strcpy(open.synctex,output)) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:582:25: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  if (open.synctex != strcat(open.synctex,synctex_suffix)){
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:587:62: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  if (quoteless_synctex_name && (quoteless_synctex_name != strcat(quoteless_synctex_name,synctex_suffix))){
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:599:29: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  if (open.synctex != strcat(open.synctex,synctex_suffix_gz)){
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:606:66: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  if (quoteless_synctex_name && (quoteless_synctex_name != strcat(quoteless_synctex_name,synctex_suffix_gz))){
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:684:37: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  if (build_output != strcpy(build_output,output)) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:690:33: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  if (build_output == strcat(build_output,build_directory)) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:699:37: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  if (build_output != strcat(build_output,lpc)) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:738:38: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  } else if (reader->output != strcpy(reader->output,output)) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3185:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(abstract,SYNCTEX_ABSTRACT_MAX,"Input:%i:%s(%i)" SYNCTEX_PRINT_CHARINDEX_FMT,
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3210:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(abstract,SYNCTEX_ABSTRACT_MAX,"{%i...}" SYNCTEX_PRINT_CHARINDEX_FMT,
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3234:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(abstract,SYNCTEX_ABSTRACT_MAX,"<%i...>" SYNCTEX_PRINT_CHARINDEX_FMT,
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3259:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(abstract,SYNCTEX_ABSTRACT_MAX,"[%i,%i:%i,%i:%i,%i,%i...]"
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3299:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(abstract,SYNCTEX_ABSTRACT_MAX,"(%i,%i~%i*%i:%i,%i:%i,%i,%i...)"
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3379:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(abstract,SYNCTEX_ABSTRACT_MAX,"h%i,%i:%i,%i:%i,%i,%i"
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3414:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(abstract,SYNCTEX_ABSTRACT_MAX,"glue:%i,%i:%i,%i"
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3443:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(abstract,SYNCTEX_ABSTRACT_MAX,"rule:%i,%i:%i,%i:%i,%i,%i"
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3478:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(abstract,SYNCTEX_ABSTRACT_MAX,"math:%i,%i:%i,%i"
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3507:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(abstract,SYNCTEX_ABSTRACT_MAX,"kern:%i,%i:%i,%i:%i"
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3538:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(abstract,SYNCTEX_ABSTRACT_MAX,"boundary:%i,%i:%i,%i"
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3567:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(abstract,SYNCTEX_ABSTRACT_MAX,"box bdry:%i,%i:%i,%i" SYNCTEX_PRINT_CHARINDEX_FMT,
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3593:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(abstract,SYNCTEX_ABSTRACT_MAX,"form ref:%i:%i,%i" SYNCTEX_PRINT_CHARINDEX_FMT,
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3655:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(abstract,SYNCTEX_ABSTRACT_MAX,
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3696:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(abstract,SYNCTEX_ABSTRACT_MAX,"(*%i,%i~%i*%i:%i,%i:%i,%i,%i...*)/%p"
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8411:18: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134).
  Use a constant for the format specification.
  result = vfprintf(updater->file.as_FILE_p,
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_advanced.h:530:13: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf((desc), ##__VA_ARGS__); \
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_local.h:2:9: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define printf(fmt, args...) (fprintf (stderr, (fmt), ## args))
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_local.h:2:31: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define printf(fmt, args...) (fprintf (stderr, (fmt), ## args))
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:106:12: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  result = vsprintf(buff, reason, arg) +strlen(prompt);
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:130:15: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  result += vfprintf(where, reason, arg);
data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.c:354:19: [3] (tmpfile) tempnam:
  Temporary file race condition (CWE-377).
  filename = tempnam(NULL, "epdfinfo");
data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.c:357:20: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int fd = open(filename, O_CREAT | O_EXCL | O_RDONLY, S_IRWXU);
data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.c:545:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (! (file = fopen (filename, "wb")))
data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.c:3463:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&arg.value,
data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.c:3510:15: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (((char*) &opts) + dopt->offset,
data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.c:3573:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  DEC_CMD (open),
data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.h:31:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  __fd = open("/dev/null", O_WRONLY); \
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:550:51: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  const char * mode = _synctex_get_io_mode_name(open.io_mode);
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:552:18: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (NULL == (open.synctex = (char *)malloc(size))) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:554:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return open;
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:558:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (open.synctex != strcpy(open.synctex,output)) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:558:32: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (open.synctex != strcpy(open.synctex,output)) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:561:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  free(open.synctex);
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:562:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open.synctex = NULL;
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:564:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return open;
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:567:40: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  _synctex_strip_last_path_extension(open.synctex);
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:568:17: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!strlen(open.synctex)) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:574:60: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (_synctex_copy_with_quoting_last_path_component(open.synctex,&quoted,size) || quoted == NULL) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:578:34: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  quoteless_synctex_name = open.synctex;
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:579:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open.synctex = quoted;
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:582:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (open.synctex != strcat(open.synctex,synctex_suffix)){
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:582:32: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (open.synctex != strcat(open.synctex,synctex_suffix)){
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:591:18: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (NULL == (open.file = gzopen(open.synctex,mode))) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:591:37: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (NULL == (open.file = gzopen(open.synctex,mode))) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:595:60: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  _synctex_error("could not open %s, error %i\n",open.synctex,errno);
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:599:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (open.synctex != strcat(open.synctex,synctex_suffix_gz)){
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:599:36: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (open.synctex != strcat(open.synctex,synctex_suffix_gz)){
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:603:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open.io_mode |= synctex_io_gz_mask;
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:604:42: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  mode = _synctex_get_io_mode_name(open.io_mode); /* the file is a compressed and is a binary file, this caused errors on Windows */
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:610:22: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (NULL == (open.file = gzopen(open.synctex,mode))) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:610:41: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (NULL == (open.file = gzopen(open.synctex,mode))) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:614:64: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  _synctex_error("Could not open %s, error %i\n",open.synctex,errno);
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:622:17: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  gzclose(open.file);
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:623:20: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (rename(open.synctex,quoteless_synctex_name)) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:624:68: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  _synctex_error("Could not rename %s to %s, error %i\n",open.synctex,quoteless_synctex_name,errno);
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:626:26: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (NULL == (open.file = gzopen(open.synctex,mode))) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:626:45: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (NULL == (open.file = gzopen(open.synctex,mode))) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:631:74: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  _synctex_error("Could not open again %s, error %i\n",open.synctex,errno);
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:637:26: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (NULL == (open.file = gzopen(quoteless_synctex_name,mode))) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:646:18: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  free(open.synctex);
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:647:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open.synctex = quoteless_synctex_name;
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:652:5: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  open.status = SYNCTEX_STATUS_OK;
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:653:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return open;
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:665:9: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (open.status == SYNCTEX_STATUS_OK) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:666:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return open;
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:686:28: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return open;
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:695:32: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return open;
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:701:28: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return open;
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:708:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return open;
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:727:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (open.status<SYNCTEX_STATUS_OK) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:729:17: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (open.status<SYNCTEX_STATUS_OK) {
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:733:27: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  reader->synctex = open.synctex;
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:734:24: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  reader->file = open.file;
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:2890:18: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char * isa[synctex_node_number_of_types] =
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3183:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char abstract[SYNCTEX_ABSTRACT_MAX] = "none";
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3208:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char abstract[SYNCTEX_ABSTRACT_MAX] = "none";
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3232:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char abstract[SYNCTEX_ABSTRACT_MAX] = "none";
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3257:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char abstract[SYNCTEX_ABSTRACT_MAX] = "none";
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3297:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char abstract[SYNCTEX_ABSTRACT_MAX] = "none"; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3341:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char abstract[SYNCTEX_ABSTRACT_MAX] = "none"; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3377:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char abstract[SYNCTEX_ABSTRACT_MAX] = "none"; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3412:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char abstract[SYNCTEX_ABSTRACT_MAX] = "none"; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3441:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char abstract[SYNCTEX_ABSTRACT_MAX] = "none"; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3476:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char abstract[SYNCTEX_ABSTRACT_MAX] = "none"; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3505:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char abstract[SYNCTEX_ABSTRACT_MAX] = "none"; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3536:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char abstract[SYNCTEX_ABSTRACT_MAX] = "none"; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3565:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char abstract[SYNCTEX_ABSTRACT_MAX] = "none"; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3591:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char abstract[SYNCTEX_ABSTRACT_MAX] = "none"; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3614:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char abstract[SYNCTEX_ABSTRACT_MAX] = "none"; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3653:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char abstract[SYNCTEX_ABSTRACT_MAX] = "none"; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3694:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char abstract[SYNCTEX_ABSTRACT_MAX] = "none"; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3739:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char abstract[SYNCTEX_ABSTRACT_MAX] = "none"; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:4174:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (memcpy(string+already_len,SYNCTEX_CUR,len)) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8474:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
synctex_open_s open; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8482:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open.status < SYNCTEX_STATUS_OK) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8484:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (open.status < SYNCTEX_STATUS_OK) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8492:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). gzclose(open.file); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8494:38: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). mode = _synctex_get_io_mode_name(open.io_mode|synctex_io_append_mask);/* either "a" or "ab", depending on the file extension */ data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8495:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if (open.io_mode&synctex_io_gz_mask) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8496:48: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (NULL == (updater->file.as_FILE_p = fopen(open.synctex,mode))) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8496:54: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (NULL == (updater->file.as_FILE_p = fopen(open.synctex,mode))) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8498:83: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). _synctex_error("! synctex_updater_new_with_file: Can't append to %s",open.synctex); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8499:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). free(open.synctex); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8505:55: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if (NULL == (updater->file.as_gzFile = gzopen(open.synctex,mode))) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8511:38: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). printf("SyncTeX: updating %s...",open.synctex); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8512:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). _synctex_free(open.synctex); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8565:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copy,name,strlen(name)+1); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8759:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char n[25]; /* name */ data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:548:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE * F = fopen(synctex_name, "r"); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:567:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char * synctex_io_modes[4] = {"r","rb","a","ab"}; data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.c:106:16: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((ch = fgetc (stream)) != EOF) data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.c:334:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen (str); data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.c:813:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). buffer = g_malloc (strlen (args) + 1); data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.c:942:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cerror_if_not ((strlen (arg) == 7 data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.c:3633:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). ssize_t read; data/emacs-pdf-tools-1.0~20200512/server/epdfinfo.c:3670:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read <= 1 || line[read - 1] != '\n') data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:551:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
size_t size = strlen(output)+strlen(synctex_suffix)+strlen(synctex_suffix_gz)+1; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:551:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t size = strlen(output)+strlen(synctex_suffix)+strlen(synctex_suffix_gz)+1; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:551:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t size = strlen(output)+strlen(synctex_suffix)+strlen(synctex_suffix_gz)+1; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:568:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strlen(open.synctex)) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:668:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (build_directory && strlen(build_directory)) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:675:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size = strlen(build_directory)+strlen(lpc)+2; /* One for the '/' and one for the '\0'. */ data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:675:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size = strlen(build_directory)+strlen(lpc)+2; /* One for the '/' and one for the '\0'. 
*/ data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:678:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size += strlen(output); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:692:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!SYNCTEX_IS_PATH_SEPARATOR(build_output[strlen(build_directory)-1])) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:693:41: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. if (build_output != strcat(build_output,"/")) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:736:63: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (NULL == (reader->output = (char *)_synctex_malloc(strlen(output)+1))){ data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3142:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (scanR->display_prompt+1<_synctex_display_prompt+strlen(_synctex_display_prompt)) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:3932:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
remaining_len = strlen(the_string); /* All the_string should match */ data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:6012:67: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). scanner->display_prompt = (char *)_synctex_display_prompt+strlen(_synctex_display_prompt)-1; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:6240:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && (strlen(_synctex_data_name(input))!=strlen(_synctex_data_name(other_input)) data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:6240:64: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && (strlen(_synctex_data_name(input))!=strlen(_synctex_data_name(other_input)) data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:6241:98: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). || strncmp(_synctex_data_name(other_input),_synctex_data_name(input),strlen(_synctex_data_name(input))))) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:6254:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t char_index = strlen(name); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:6268:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
while((strlen(relative) > 0) && (strlen(ptr) > 0) && (*relative == *ptr)) data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:6268:50: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). while((strlen(relative) > 0) && (strlen(ptr) > 0) && (*relative == *ptr)) data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8450:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). } else if ((result = (int)strlen(buffer))) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8520:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (magnification && strlen(magnification)) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8530:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (x_offset && strlen(x_offset)) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8539:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (y_offset && strlen(y_offset)) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8564:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char * copy = _synctex_malloc(strlen(name)+1); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser.c:8565:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
memcpy(copy,name,strlen(name)+1); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:106:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result = vsprintf(buff, reason, arg) +strlen(prompt); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:118:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result = (int)strlen(buffer2); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:122:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). result = (int)strlen(prompt); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:270:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!strlen(name)) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:274:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(name)>2) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:285:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). const char * c = name+strlen(name); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:306:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if(strlen(lpc)) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:307:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strchr(lpc,' ') && lpc[0]!='"' && lpc[strlen(lpc)-1]!='"') { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:312:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(src)<size) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:315:18: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). if(dest != strncpy(dest,src,size)) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:321:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). memmove(dpc+1,dpc,strlen(dpc)+1); /* Also move the null terminating character. */ data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:323:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dpc[strlen(dpc)+1]='\0';/* Consistency test */ data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:324:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dpc[strlen(dpc)]='"'; data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:351:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
size_t len = strlen(temp); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:368:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if((size = strlen(temp))>0) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:370:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). if(dest != strncpy(dest,temp,size)) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:402:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(strlen(base_name)>0) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:427:21: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). if(core_name != strncpy(core_name,base_name,size)) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:441:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size = strlen(output)-strlen(base_name); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:441:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size = strlen(output)-strlen(base_name); data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:449:20: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
if(dir_name != strncpy(dir_name,output,size)) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:465:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(dir_name &&strlen(dir_name)>0) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:467:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(quoted_core_name && strlen(quoted_core_name)>0) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:472:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(quoted_core_name && strlen(quoted_core_name)>0) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:476:72: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(!_synctex_path_is_absolute(output) && build_directory && (size = strlen(build_directory))) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:480:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(quoted_core_name && strlen(quoted_core_name)>0) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:485:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(quoted_core_name && strlen(quoted_core_name)>0) { data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:551:26: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
&& 31 == fgetc(F)
data/emacs-pdf-tools-1.0~20200512/server/synctex_parser_utils.c:553:27: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
&& 139 == fgetc(F)) {

ANALYSIS SUMMARY:

Hits = 188
Lines analyzed = 14794 in approximately 0.43 seconds (34313 lines/second)
Physical Source Lines of Code (SLOC) = 11282
Hits@level = [0] 272 [1] 61 [2] 89 [3] 1 [4] 37 [5] 0
Hits@level+ = [0+] 460 [1+] 188 [2+] 127 [3+] 38 [4+] 37 [5+] 0
Hits/KSLOC@level+ = [0+] 40.7729 [1+] 16.6637 [2+] 11.2569 [3+] 3.3682 [4+] 3.27956 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.