Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gammu-1.41.0/smsd/uid.c
Examining data/gammu-1.41.0/smsd/core.c
Examining data/gammu-1.41.0/smsd/core.h
Examining data/gammu-1.41.0/smsd/services/files.c
Examining data/gammu-1.41.0/smsd/services/sql.h
Examining data/gammu-1.41.0/smsd/services/files.h
Examining data/gammu-1.41.0/smsd/services/odbc.c
Examining data/gammu-1.41.0/smsd/services/sql.c
Examining data/gammu-1.41.0/smsd/services/null.h
Examining data/gammu-1.41.0/smsd/services/mysql.c
Examining data/gammu-1.41.0/smsd/services/dbi.c
Examining data/gammu-1.41.0/smsd/services/pgsql.c
Examining data/gammu-1.41.0/smsd/services/null.c
Examining data/gammu-1.41.0/smsd/services/sql-core.h
Examining data/gammu-1.41.0/smsd/pidfile.h
Examining data/gammu-1.41.0/smsd/main.c
Examining data/gammu-1.41.0/smsd/uid.h
Examining data/gammu-1.41.0/smsd/winservice.h
Examining data/gammu-1.41.0/smsd/winservice.c
Examining data/gammu-1.41.0/smsd/log.h
Examining data/gammu-1.41.0/smsd/inject.c
Examining data/gammu-1.41.0/smsd/common.h
Examining data/gammu-1.41.0/smsd/monitor.c
Examining data/gammu-1.41.0/smsd/log-event.h
Examining data/gammu-1.41.0/smsd/log-event.c
Examining data/gammu-1.41.0/smsd/pidfile.c
Examining data/gammu-1.41.0/libgammu/gsmcomon.h
Examining data/gammu-1.41.0/libgammu/gsmphones.c
Examining data/gammu-1.41.0/libgammu/debug.c
Examining data/gammu-1.41.0/libgammu/device/bluetooth/bluetooth.c
Examining data/gammu-1.41.0/libgammu/device/bluetooth/blue_w32.c
Examining data/gammu-1.41.0/libgammu/device/bluetooth/blue_bsd.h
Examining data/gammu-1.41.0/libgammu/device/bluetooth/bluez.c
Examining data/gammu-1.41.0/libgammu/device/bluetooth/blue_osx.c
Examining data/gammu-1.41.0/libgammu/device/bluetooth/blue_w32.h
Examining data/gammu-1.41.0/libgammu/device/bluetooth/bluez.h
Examining data/gammu-1.41.0/libgammu/device/bluetooth/blue_bsd.c
Examining data/gammu-1.41.0/libgammu/device/bluetooth/bluetooth.h
Examining data/gammu-1.41.0/libgammu/device/bluetooth/blue_osx.h
Examining data/gammu-1.41.0/libgammu/device/devfunc.h
Examining data/gammu-1.41.0/libgammu/device/serial/ser_djg.h
Examining data/gammu-1.41.0/libgammu/device/serial/ser_w32.c
Examining data/gammu-1.41.0/libgammu/device/serial/ser_w32.h
Examining data/gammu-1.41.0/libgammu/device/serial/ser_unx.h
Examining data/gammu-1.41.0/libgammu/device/serial/ser_unx.c
Examining data/gammu-1.41.0/libgammu/device/serial/ser_djg.c
Examining data/gammu-1.41.0/libgammu/device/usb/usb.h
Examining data/gammu-1.41.0/libgammu/device/usb/usb.c
Examining data/gammu-1.41.0/libgammu/device/devfunc.c
Examining data/gammu-1.41.0/libgammu/device/irda/irda.h
Examining data/gammu-1.41.0/libgammu/device/irda/irda.c
Examining data/gammu-1.41.0/libgammu/device/irda/irda_w32.h
Examining data/gammu-1.41.0/libgammu/device/irda/irda_unx.h
Examining data/gammu-1.41.0/libgammu/device/proxy/proxy.h
Examining data/gammu-1.41.0/libgammu/device/proxy/proxy.c
Examining data/gammu-1.41.0/libgammu/service/gsmpbk.c
Examining data/gammu-1.41.0/libgammu/service/gsmdata.h
Examining data/gammu-1.41.0/libgammu/service/gsmlogo.c
Examining data/gammu-1.41.0/libgammu/service/gsmcal.h
Examining data/gammu-1.41.0/libgammu/service/gsmring.h
Examining data/gammu-1.41.0/libgammu/service/gsmmisc.c
Examining data/gammu-1.41.0/libgammu/service/gsmcal.c
Examining data/gammu-1.41.0/libgammu/service/gsmmisc.h
Examining data/gammu-1.41.0/libgammu/service/gsmnet.c
Examining data/gammu-1.41.0/libgammu/service/gsmcall.h
Examining data/gammu-1.41.0/libgammu/service/gsmdata.c
Examining data/gammu-1.41.0/libgammu/service/gsmnet.h
Examining data/gammu-1.41.0/libgammu/service/sms/gsmmulti.h
Examining data/gammu-1.41.0/libgammu/service/sms/gsmems.h
Examining data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c
Examining data/gammu-1.41.0/libgammu/service/sms/gsmsms.c
Examining data/gammu-1.41.0/libgammu/service/sms/gsmems.c
Examining data/gammu-1.41.0/libgammu/service/gsmring.c
Examining data/gammu-1.41.0/libgammu/service/gsmlogo.h
Examining data/gammu-1.41.0/libgammu/service/gsmpbk.h
Examining data/gammu-1.41.0/libgammu/service/backup/backvcs.h
Examining data/gammu-1.41.0/libgammu/service/backup/backics.c
Examining data/gammu-1.41.0/libgammu/service/backup/backics.h
Examining data/gammu-1.41.0/libgammu/service/backup/backlmb.c
Examining data/gammu-1.41.0/libgammu/service/backup/backtext.c
Examining data/gammu-1.41.0/libgammu/service/backup/backtext.h
Examining data/gammu-1.41.0/libgammu/service/backup/gsmback.c
Examining data/gammu-1.41.0/libgammu/service/backup/backvnt.h
Examining data/gammu-1.41.0/libgammu/service/backup/backldif.c
Examining data/gammu-1.41.0/libgammu/service/backup/backvcs.c
Examining data/gammu-1.41.0/libgammu/service/backup/backlmb.h
Examining data/gammu-1.41.0/libgammu/service/backup/backldif.h
Examining data/gammu-1.41.0/libgammu/service/backup/backvcf.h
Examining data/gammu-1.41.0/libgammu/service/backup/gsmback.h
Examining data/gammu-1.41.0/libgammu/service/backup/backvcf.c
Examining data/gammu-1.41.0/libgammu/service/backup/backvnt.c
Examining data/gammu-1.41.0/libgammu/gsmstate.h
Examining data/gammu-1.41.0/libgammu/phone/nokia/nfuncold.c
Examining data/gammu-1.41.0/libgammu/phone/nokia/nfunc.h
Examining data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c
Examining data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.h
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.h
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.h
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.h
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/n3320.c
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/dct4func.c
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/n3320.h
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/dct4func.h
Examining data/gammu-1.41.0/libgammu/phone/nokia/nauto.c
Examining data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c
Examining data/gammu-1.41.0/libgammu/phone/nokia/ncommon.h
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct3/n9210.c
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.h
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.h
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct3/n0650.c
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct3/n0650.h
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.h
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct3/n9210.h
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3comm.h
Examining data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c
Examining data/gammu-1.41.0/libgammu/phone/nokia/nfuncold.h
Examining data/gammu-1.41.0/libgammu/phone/s60/s60phone.c
Examining data/gammu-1.41.0/libgammu/phone/s60/s60phone.h
Examining data/gammu-1.41.0/libgammu/phone/pfunc.c
Examining data/gammu-1.41.0/libgammu/phone/at/motorola.h
Examining data/gammu-1.41.0/libgammu/phone/at/sonyericsson.h
Examining data/gammu-1.41.0/libgammu/phone/at/siemens.h
Examining data/gammu-1.41.0/libgammu/phone/at/atfunc.h
Examining data/gammu-1.41.0/libgammu/phone/at/atgen.h
Examining data/gammu-1.41.0/libgammu/phone/at/atgen.c
Examining data/gammu-1.41.0/libgammu/phone/at/motorola.c
Examining data/gammu-1.41.0/libgammu/phone/at/samsung.c
Examining data/gammu-1.41.0/libgammu/phone/at/samsung.h
Examining data/gammu-1.41.0/libgammu/phone/at/at-sms.c
Examining data/gammu-1.41.0/libgammu/phone/at/sonyericsson.c
Examining data/gammu-1.41.0/libgammu/phone/at/siemens.c
Examining data/gammu-1.41.0/libgammu/phone/obex/obexgen.h
Examining data/gammu-1.41.0/libgammu/phone/obex/obexfunc.h
Examining data/gammu-1.41.0/libgammu/phone/obex/obexgen.c
Examining data/gammu-1.41.0/libgammu/phone/obex/mobex.h
Examining data/gammu-1.41.0/libgammu/phone/obex/mobex.c
Examining data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c
Examining data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.h
Examining data/gammu-1.41.0/libgammu/phone/atobex/atobex.h
Examining data/gammu-1.41.0/libgammu/phone/atobex/atobexfunc.h
Examining data/gammu-1.41.0/libgammu/phone/atobex/atobex.c
Examining data/gammu-1.41.0/libgammu/phone/pfunc.h
Examining data/gammu-1.41.0/libgammu/phone/dummy/dummy.c
Examining data/gammu-1.41.0/libgammu/phone/dummy/dummy.h
Examining data/gammu-1.41.0/libgammu/phone/alcatel/alcatel.c
Examining data/gammu-1.41.0/libgammu/phone/alcatel/alcatel.h
Examining data/gammu-1.41.0/libgammu/gsmcomon.c
Examining data/gammu-1.41.0/libgammu/gsmphones.h
Examining data/gammu-1.41.0/libgammu/misc/strptime.h
Examining data/gammu-1.41.0/libgammu/misc/win32-dirent.c
Examining data/gammu-1.41.0/libgammu/misc/string.c
Examining data/gammu-1.41.0/libgammu/misc/string.h
Examining data/gammu-1.41.0/libgammu/misc/misc.h
Examining data/gammu-1.41.0/libgammu/misc/tzfile.h
Examining data/gammu-1.41.0/libgammu/misc/strptime.c
Examining data/gammu-1.41.0/libgammu/misc/coding/coding.h
Examining data/gammu-1.41.0/libgammu/misc/coding/coding.c
Examining data/gammu-1.41.0/libgammu/misc/coding/md5.h
Examining data/gammu-1.41.0/libgammu/misc/coding/md5-glib.c
Examining data/gammu-1.41.0/libgammu/misc/coding/md5.c
Examining data/gammu-1.41.0/libgammu/misc/win32-dirent.h
Examining data/gammu-1.41.0/libgammu/misc/cfg.c
Examining data/gammu-1.41.0/libgammu/misc/array.c
Examining data/gammu-1.41.0/libgammu/misc/locales.h
Examining data/gammu-1.41.0/libgammu/misc/misc.c
Examining data/gammu-1.41.0/libgammu/misc/array.h
Examining data/gammu-1.41.0/libgammu/api.c
Examining data/gammu-1.41.0/libgammu/gsmreply.h
Examining data/gammu-1.41.0/libgammu/gsmstate.c
Examining data/gammu-1.41.0/libgammu/debug.h
Examining data/gammu-1.41.0/libgammu/protocol/protocol.h
Examining data/gammu-1.41.0/libgammu/protocol/nokia/phonet.h
Examining data/gammu-1.41.0/libgammu/protocol/nokia/mbus2.c
Examining data/gammu-1.41.0/libgammu/protocol/nokia/fbus2.h
Examining data/gammu-1.41.0/libgammu/protocol/nokia/phonet.c
Examining data/gammu-1.41.0/libgammu/protocol/nokia/fbus2.c
Examining data/gammu-1.41.0/libgammu/protocol/nokia/mbus2.h
Examining data/gammu-1.41.0/libgammu/protocol/s60/s60.c
Examining data/gammu-1.41.0/libgammu/protocol/s60/s60.h
Examining data/gammu-1.41.0/libgammu/protocol/s60/s60-ids.h
Examining data/gammu-1.41.0/libgammu/protocol/at/at.h
Examining data/gammu-1.41.0/libgammu/protocol/at/at.c
Examining data/gammu-1.41.0/libgammu/protocol/obex/obex.h
Examining data/gammu-1.41.0/libgammu/protocol/obex/obex.c
Examining data/gammu-1.41.0/libgammu/protocol/symbian/gnapbus.h
Examining data/gammu-1.41.0/libgammu/protocol/symbian/gnapbus.c
Examining data/gammu-1.41.0/libgammu/protocol/alcatel/alcabus.c
Examining data/gammu-1.41.0/libgammu/protocol/alcatel/alcabus.h
Examining data/gammu-1.41.0/contrib/cpp-sample/gammu.cc
Examining data/gammu-1.41.0/contrib/cpp-sample/smsd.cc
Examining data/gammu-1.41.0/contrib/win32/smsd_mfc/editpbk.h
Examining data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp
Examining data/gammu-1.41.0/contrib/win32/smsd_mfc/about.cpp
Examining data/gammu-1.41.0/contrib/win32/smsd_mfc/sendsms.h
Examining data/gammu-1.41.0/contrib/win32/smsd_mfc/about.h
Examining data/gammu-1.41.0/contrib/win32/smsd_mfc/common.h
Examining data/gammu-1.41.0/contrib/win32/smsd_mfc/editpbk.cpp
Examining data/gammu-1.41.0/contrib/win32/smsd_mfc/config.h
Examining data/gammu-1.41.0/contrib/win32/smsd_mfc/config.cpp
Examining data/gammu-1.41.0/contrib/win32/smsd_mfc/sendsms.cpp
Examining data/gammu-1.41.0/contrib/win32/smsd_mfc/loguser.cpp
Examining data/gammu-1.41.0/contrib/win32/smsd_mfc/loguser.h
Examining data/gammu-1.41.0/contrib/smscgi/sms_cgi.h
Examining data/gammu-1.41.0/contrib/smscgi/sms_cgi.c
Examining data/gammu-1.41.0/contrib/smscgi/smsd.c
Examining data/gammu-1.41.0/contrib/sqlreply/c/michal.c
Examining data/gammu-1.41.0/contrib/convert/makeconverttable.c
Examining data/gammu-1.41.0/contrib/coveragehelper/coveragehelper.c
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/rfcomm.cpp
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/proto.h
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/gnapplet.h
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/proto_netinfo.cpp
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/ircomm.cpp
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/proto_calendar.cpp
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/proto_sms.cpp
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/tcpip.cpp
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/proto_power.cpp
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/device.cpp
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/pkt.cpp
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/gnapplet_ui.cpp
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/gnapplet_ui.h
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/rfcomm.h
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/ircomm.h
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/pkt.h
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/proto_profile.cpp
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/proto_debug.cpp
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/gnapplet.cpp
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/proto_clock.cpp
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/device.h
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/proto_info.cpp
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/proto_phonebook.cpp
Examining data/gammu-1.41.0/contrib/symbian/gnapplet/tcpip.h
Examining data/gammu-1.41.0/tests/include-memory.c
Examining data/gammu-1.41.0/tests/smsbackup.c
Examining data/gammu-1.41.0/tests/include-security.c
Examining data/gammu-1.41.0/tests/at-statemachine.c
Examining data/gammu-1.41.0/tests/sizes.c
Examining data/gammu-1.41.0/tests/at-charset.c
Examining data/gammu-1.41.0/tests/samsung-get-memory.c
Examining data/gammu-1.41.0/tests/array-test.c
Examining data/gammu-1.41.0/tests/sms-nokia-16.c
Examining data/gammu-1.41.0/tests/dump-features.c
Examining data/gammu-1.41.0/tests/sms-nokia-09.c
Examining data/gammu-1.41.0/tests/sms-nokia-03.c
Examining data/gammu-1.41.0/tests/sms-nokia-18.c
Examining data/gammu-1.41.0/tests/include-info.c
Examining data/gammu-1.41.0/tests/debug.c
Examining data/gammu-1.41.0/tests/sms-nokia-12.c
Examining data/gammu-1.41.0/tests/sms-nokia-04.c
Examining data/gammu-1.41.0/tests/network-codes.c
Examining data/gammu-1.41.0/tests/ldif-read.c
Examining data/gammu-1.41.0/tests/at-ccfc-reply.c
Examining data/gammu-1.41.0/tests/at-ussd-reply.c
Examining data/gammu-1.41.0/tests/include-category.c
Examining data/gammu-1.41.0/tests/backup-comment.c
Examining data/gammu-1.41.0/tests/include-nokia.c
Examining data/gammu-1.41.0/tests/include-error.c
Examining data/gammu-1.41.0/tests/include-types.c
Examining data/gammu-1.41.0/tests/include-backup.c
Examining data/gammu-1.41.0/tests/include-datetime.c
Examining data/gammu-1.41.0/tests/include-wap.c
Examining data/gammu-1.41.0/tests/sql-parse-date.c
Examining data/gammu-1.41.0/tests/include-settings.c
Examining data/gammu-1.41.0/tests/include-message.c
Examining data/gammu-1.41.0/tests/get-smsc-at.c
Examining data/gammu-1.41.0/tests/sms-nokia-01.c
Examining data/gammu-1.41.0/tests/at-samsung.c
Examining data/gammu-1.41.0/tests/sms-at-parse.c
Examining data/gammu-1.41.0/tests/include-smsd.c
Examining data/gammu-1.41.0/tests/statemachine-alloc.c
Examining data/gammu-1.41.0/tests/at-cnmi-reply.c
Examining data/gammu-1.41.0/tests/features-parsing.c
Examining data/gammu-1.41.0/tests/include-statemachine.c
Examining data/gammu-1.41.0/tests/at-parser.c
Examining data/gammu-1.41.0/tests/get-model-at.c
Examining data/gammu-1.41.0/tests/inifile.c
Examining data/gammu-1.41.0/tests/getint.c
Examining data/gammu-1.41.0/tests/atgen/test_helper.h
Examining data/gammu-1.41.0/tests/atgen/test_sql_time.c
Examining data/gammu-1.41.0/tests/atgen/incoming-sms-info.c
Examining data/gammu-1.41.0/tests/atgen/smsd-1-folder-getnextsms.c
Examining data/gammu-1.41.0/tests/atgen/test_helper.c
Examining data/gammu-1.41.0/tests/atgen/deferred-event.c
Examining data/gammu-1.41.0/tests/atgen/get-sms-location.c
Examining data/gammu-1.41.0/tests/atgen/is-memory-writeable.c
Examining data/gammu-1.41.0/tests/atgen/smsd-incoming-ussd.c
Examining data/gammu-1.41.0/tests/atgen/set-requested-sms-memory.c
Examining data/gammu-1.41.0/tests/atgen/get-sms.c
Examining data/gammu-1.41.0/tests/atgen/is-memory-enabled.c
Examining data/gammu-1.41.0/tests/atgen/smsd-incoming-cds.c
Examining data/gammu-1.41.0/tests/atgen/smsd-cancel-call.c
Examining data/gammu-1.41.0/tests/atgen/incoming-sms.c
Examining data/gammu-1.41.0/tests/atgen/gsm-set-cnmi-params.c
Examining data/gammu-1.41.0/tests/sms-nokia-06.c
Examining data/gammu-1.41.0/tests/sms-nokia-15.c
Examining data/gammu-1.41.0/tests/sms-cmdline.c
Examining data/gammu-1.41.0/tests/utf-8.c
Examining data/gammu-1.41.0/tests/include-file.c
Examining data/gammu-1.41.0/tests/include-calendar.c
Examining data/gammu-1.41.0/tests/include-bitmap.c
Examining data/gammu-1.41.0/tests/at-motorola.c
Examining data/gammu-1.41.0/tests/sms-nokia-14.c
Examining data/gammu-1.41.0/tests/statemachine-init.c
Examining data/gammu-1.41.0/tests/sms-nokia-05.c
Examining data/gammu-1.41.0/tests/sms-nokia-11.c
Examining data/gammu-1.41.0/tests/base64.c
Examining data/gammu-1.41.0/tests/at-dispatch.c
Examining data/gammu-1.41.0/tests/include-keys.c
Examining data/gammu-1.41.0/tests/sms-nokia-17.c
Examining data/gammu-1.41.0/tests/sms-encode-decode.c
Examining data/gammu-1.41.0/tests/nokia-6110-ringtone.c
Examining data/gammu-1.41.0/tests/include-debug.c
Examining data/gammu-1.41.0/tests/bluetooth_checkservicename.c
Examining data/gammu-1.41.0/tests/dump-error-codes.c
Examining data/gammu-1.41.0/tests/read-backup.c
Examining data/gammu-1.41.0/tests/common.h
Examining data/gammu-1.41.0/tests/usb-device-parse.c
Examining data/gammu-1.41.0/tests/sms-nokia-07.c
Examining data/gammu-1.41.0/tests/include-misc.c
Examining data/gammu-1.41.0/tests/line-splitting.c
Examining data/gammu-1.41.0/tests/include-ringtone.c
Examining data/gammu-1.41.0/tests/sms-nokia-13.c
Examining data/gammu-1.41.0/tests/config.c
Examining data/gammu-1.41.0/tests/sms-nokia-08.c
Examining data/gammu-1.41.0/tests/sms-nokia-10.c
Examining data/gammu-1.41.0/tests/cal-read.c
Examining data/gammu-1.41.0/tests/include-unicode.c
Examining data/gammu-1.41.0/tests/at-get-smsmemories.c
Examining data/gammu-1.41.0/tests/at-creg-reply.c
Examining data/gammu-1.41.0/tests/locking.c
Examining data/gammu-1.41.0/tests/include-limits.c
Examining data/gammu-1.41.0/tests/sms-at-encode.c
Examining data/gammu-1.41.0/tests/vcard-read.c
Examining data/gammu-1.41.0/tests/sms-nokia-02.c
Examining data/gammu-1.41.0/tests/include-inifile.c
Examining data/gammu-1.41.0/tests/at-getmemory-reply.c
Examining data/gammu-1.41.0/tests/include-call.c
Examining data/gammu-1.41.0/tests/obex-vcard-split.c
Examining data/gammu-1.41.0/tests/include-callback.c
Examining data/gammu-1.41.0/include/gammu-memory.h
Examining data/gammu-1.41.0/include/gammu-error.h
Examining data/gammu-1.41.0/include/gammu-settings.h
Examining data/gammu-1.41.0/include/gammu-smsd.h
Examining data/gammu-1.41.0/include/gammu-debug.h
Examining data/gammu-1.41.0/include/gammu-file.h
Examining data/gammu-1.41.0/include/gammu-category.h
Examining data/gammu-1.41.0/include/gammu-datetime.h
Examining data/gammu-1.41.0/include/gammu-call.h
Examining data/gammu-1.41.0/include/gammu.h
Examining data/gammu-1.41.0/include/gammu-message.h
Examining data/gammu-1.41.0/include/gammu-unicode.h
Examining data/gammu-1.41.0/include/gammu-ringtone.h
Examining data/gammu-1.41.0/include/gammu-types.h
Examining data/gammu-1.41.0/include/gammu-bitmap.h
Examining data/gammu-1.41.0/include/gammu-inifile.h
Examining data/gammu-1.41.0/include/gammu-misc.h
Examining data/gammu-1.41.0/include/gammu-callback.h
Examining data/gammu-1.41.0/include/gammu-limits.h
Examining data/gammu-1.41.0/include/gammu-calendar.h
Examining data/gammu-1.41.0/include/gammu-keys.h
Examining data/gammu-1.41.0/include/gammu-info.h
Examining data/gammu-1.41.0/include/gammu-backup.h
Examining data/gammu-1.41.0/include/gammu-wap.h
Examining data/gammu-1.41.0/include/gammu-statemachine.h
Examining data/gammu-1.41.0/include/gammu-nokia.h
Examining data/gammu-1.41.0/include/gammu-security.h
Examining data/gammu-1.41.0/gammu/files.c
Examining data/gammu-1.41.0/gammu/message.c
Examining data/gammu-1.41.0/gammu/misc.h
Examining data/gammu-1.41.0/gammu/backupsms.c
Examining data/gammu-1.41.0/gammu/files.h
Examining data/gammu-1.41.0/gammu/depend/nokia/dct3trac/wmx.c
Examining data/gammu-1.41.0/gammu/depend/nokia/dct3trac/type-mm.h
Examining data/gammu-1.41.0/gammu/depend/nokia/dct3trac/wmx-util.h
Examining data/gammu-1.41.0/gammu/depend/nokia/dct3trac/type-cc.h
Examining data/gammu-1.41.0/gammu/depend/nokia/dct3trac/wmx-sim.c
Examining data/gammu-1.41.0/gammu/depend/nokia/dct3trac/wmx-util.c
Examining data/gammu-1.41.0/gammu/depend/nokia/dct3trac/type-rr.h
Examining data/gammu-1.41.0/gammu/depend/nokia/dct3trac/type-sms.h
Examining data/gammu-1.41.0/gammu/depend/nokia/dct3trac/wmx-list.h
Examining data/gammu-1.41.0/gammu/depend/nokia/dct3trac/wmx.h
Examining data/gammu-1.41.0/gammu/depend/nokia/dct3trac/type-ss.h
Examining data/gammu-1.41.0/gammu/depend/nokia/dct3trac/wmx-gsm.c
Examining data/gammu-1.41.0/gammu/depend/nokia/dct3trac/wmx-gsm.h
Examining data/gammu-1.41.0/gammu/depend/nokia/dct3trac/wmx-list.c
Examining data/gammu-1.41.0/gammu/depend/nokia/dct3trac/wmx-sim.h
Examining data/gammu-1.41.0/gammu/depend/nokia/dct4.c
Examining data/gammu-1.41.0/gammu/depend/nokia/dct3.c
Examining data/gammu-1.41.0/gammu/depend/nokia/dct3.h
Examining data/gammu-1.41.0/gammu/depend/nokia/dct4.h
Examining data/gammu-1.41.0/gammu/depend/siemens/dsiemens.h
Examining data/gammu-1.41.0/gammu/depend/siemens/dsiemens.c
Examining data/gammu-1.41.0/gammu/depend/siemens/chiffre.h
Examining data/gammu-1.41.0/gammu/depend/siemens/chiffre.c
Examining data/gammu-1.41.0/gammu/nokia.c
Examining data/gammu-1.41.0/gammu/memory.h
Examining data/gammu-1.41.0/gammu/calendar.c
Examining data/gammu-1.41.0/gammu/gammu.h
Examining data/gammu-1.41.0/gammu/backup.h
Examining data/gammu-1.41.0/gammu/calendar.h
Examining data/gammu-1.41.0/gammu/message.h
Examining data/gammu-1.41.0/gammu/sniff.c
Examining data/gammu-1.41.0/gammu/gammu.c
Examining data/gammu-1.41.0/gammu/misc.c
Examining data/gammu-1.41.0/gammu/mms.c
Examining data/gammu-1.41.0/gammu/nokia.h
Examining data/gammu-1.41.0/gammu/common.h
Examining data/gammu-1.41.0/gammu/sniff.h
Examining data/gammu-1.41.0/gammu/memory.c
Examining data/gammu-1.41.0/gammu/search.c
Examining data/gammu-1.41.0/gammu/backup.c
Examining data/gammu-1.41.0/gammu/common.c
Examining data/gammu-1.41.0/gammu/search.h
Examining data/gammu-1.41.0/gammu-detect/win32-serial.c
Examining data/gammu-1.41.0/gammu-detect/main.h
Examining data/gammu-1.41.0/gammu-detect/win32-serial.h
Examining data/gammu-1.41.0/gammu-detect/udev.c
Examining data/gammu-1.41.0/gammu-detect/bluez.c
Examining data/gammu-1.41.0/gammu-detect/main.c
Examining data/gammu-1.41.0/gammu-detect/bluez.h
Examining data/gammu-1.41.0/gammu-detect/udev.h
Examining data/gammu-1.41.0/docs/examples/sms-read.c
Examining data/gammu-1.41.0/docs/examples/sms-send.c
Examining data/gammu-1.41.0/docs/examples/smsd.c
Examining data/gammu-1.41.0/docs/examples/custom-config.c
Examining data/gammu-1.41.0/docs/examples/phone-info.c
Examining data/gammu-1.41.0/docs/examples/long-sms.c
Examining data/gammu-1.41.0/helper/message-cmdline.c
Examining data/gammu-1.41.0/helper/cmdline.h
Examining data/gammu-1.41.0/helper/message-display.h
Examining data/gammu-1.41.0/helper/printing.h
Examining data/gammu-1.41.0/helper/memory-display.h
Examining data/gammu-1.41.0/helper/cmdline.c
Examining data/gammu-1.41.0/helper/memory-display.c
Examining data/gammu-1.41.0/helper/formats.h
Examining data/gammu-1.41.0/helper/locales.h
Examining data/gammu-1.41.0/helper/printing.c
Examining data/gammu-1.41.0/helper/message-display.c
Examining data/gammu-1.41.0/helper/message-cmdline.h
FINAL RESULTS:
data/gammu-1.41.0/smsd/log-event.c:42:6: [5] (misc) SetSecurityDescriptorDacl:
Never create NULL ACLs; an attacker can set it to Everyone (Deny All
Access), which would even forbid administrator access (CWE-732).
if(!SetSecurityDescriptorDacl(&SD, TRUE, 0, FALSE)) {
data/gammu-1.41.0/smsd/log-event.c:42:6: [5] (misc) SetSecurityDescriptorDacl:
Never create NULL ACLs; an attacker can set it to Everyone (Deny All
Access), which would even forbid administrator access (CWE-732).
if(!SetSecurityDescriptorDacl(&SD, TRUE, 0, FALSE)) {
data/gammu-1.41.0/contrib/coveragehelper/coveragehelper.c:55:9: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(commandline, argv[i]);
data/gammu-1.41.0/contrib/coveragehelper/coveragehelper.c:101:5: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(logname, COVERAGE_TEMPLATE, testnum);
data/gammu-1.41.0/contrib/coveragehelper/coveragehelper.c:109:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:64:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(err_file, script_name);
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:65:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(err_file, ERR_SUFFIX);
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:83:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(script_name, cgi_path); /**< prepend script path */
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:124:2: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(script_name, params);
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:136:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(script_name, cgi_path); /**< prepend script path */
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:151:2: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(script_name, params);
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:174:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer3, key);
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:176:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer3, value);
data/gammu-1.41.0/contrib/smscgi/smsd.c:94:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cgi_path, tmp);
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:37:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(PC, S);
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:38:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(User, U);
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:39:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Pass, P);
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:40:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(DBName, D);
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:109:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffe[num], Row3[num2 - 1]);
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:115:6: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffe[num], Row4[num2 - 1]);
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:128:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf4, Row3[num2 - 1]);
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:134:5: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf4, Row4[num2 - 1]);
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:277:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "SELECT ID,RuleID,DB,SQL,User,Pass,PC FROM `rules` WHERE ID='%s'", Row[0]);
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:282:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "SELECT ID,ActionID,User,User2,Pass,Pass2,DB,DB2,PC,PC2,SQL,User3,Pass3,DB3,PC3 FROM `actions` WHERE ID='%s'", Row[0]);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:85:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buffer,Validity);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:272:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(something,inbox);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:273:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(something+strlen(something),"%s",GetDocument()->FID);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:295:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(something,outbox);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:296:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(something+strlen(something),"%s",GetDocument()->FID);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:318:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(something,outbox_multi);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:319:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(something+strlen(something),"%s",GetDocument()->FID);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:338:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(something,sent);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:339:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(something+strlen(something),"%s",GetDocument()->FID);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:364:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(something,sent);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:365:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(something+strlen(something),"%s",GetDocument()->FID);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:651:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(something,outbox_multi);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:652:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(something+strlen(something),"%s",Row[8]);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:663:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(something,"%s",counter);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:879:3: [4] (buffer) _tcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
_tcscpy(server, dlg.IP);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:880:3: [4] (buffer) _tcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
_tcscpy(user, dlg.User);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:881:3: [4] (buffer) _tcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
_tcscpy(password, dlg.Pass);
data/gammu-1.41.0/contrib/win32/smsd_mfc/sendsms.cpp:51:2: [4] (buffer) _tcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
_tcscpy((char *)text, Text);
data/gammu-1.41.0/docs/examples/custom-config.c:69:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfg->Model, argv[3]);
data/gammu-1.41.0/gammu-detect/udev.c:48:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(&real_fmt[i + 2], fmt);
data/gammu-1.41.0/gammu-detect/udev.c:54:3: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vprintf(real_fmt, args);
data/gammu-1.41.0/gammu-detect/udev.c:88:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(propstr, *iter);
data/gammu-1.41.0/gammu-detect/udev.c:92:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(propstr, g_udev_device_get_property(device, *iter));
data/gammu-1.41.0/gammu/backup.c:241:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Reading"));
data/gammu-1.41.0/gammu/backup.c:356:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Backup.Creator, "Gammu %s", GAMMU_VERSION);
data/gammu-1.41.0/gammu/backup.c:359:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Backup.Creator+strlen(Backup.Creator),GetOS());
data/gammu-1.41.0/gammu/backup.c:363:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Backup.Creator+strlen(Backup.Creator),GetCompiler());
data/gammu-1.41.0/gammu/backup.c:383:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Backup.Model, buffer);
data/gammu-1.41.0/gammu/backup.c:386:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Backup.Model,GSM_GetModelInfo(gsm)->model);
data/gammu-1.41.0/gammu/backup.c:391:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(Backup.Model,buffer);
data/gammu-1.41.0/gammu/backup.c:424:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Reading"));
data/gammu-1.41.0/gammu/backup.c:496:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Reading"));
data/gammu-1.41.0/gammu/backup.c:531:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Reading"));
data/gammu-1.41.0/gammu/backup.c:565:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Reading"));
data/gammu-1.41.0/gammu/backup.c:633:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Reading"));
data/gammu-1.41.0/gammu/backup.c:670:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Reading"));
data/gammu-1.41.0/gammu/backup.c:707:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Reading"));
data/gammu-1.41.0/gammu/backup.c:744:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Reading"));
data/gammu-1.41.0/gammu/backup.c:781:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Reading"));
data/gammu-1.41.0/gammu/backup.c:819:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Reading"));
data/gammu-1.41.0/gammu/backup.c:860:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Reading"));
data/gammu-1.41.0/gammu/backup.c:894:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Reading"));
data/gammu-1.41.0/gammu/backup.c:931:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Reading"));
data/gammu-1.41.0/gammu/backup.c:971:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT "%s\n", _("Time of backup"), OSDateTime(Backup->DateTime, FALSE));
data/gammu-1.41.0/gammu/backup.c:974:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT "%s\n", _("Phone"), Backup->Model);
data/gammu-1.41.0/gammu/backup.c:977:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT "%s\n", _("IMEI"), Backup->IMEI);
data/gammu-1.41.0/gammu/backup.c:980:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT "%s\n", _("File created by"), Backup->Creator);
data/gammu-1.41.0/gammu/backup.c:1499:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Deleting"));
data/gammu-1.41.0/gammu/calendar.c:19:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Note type"));
data/gammu-1.41.0/gammu/calendar.c:156:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Start"),
data/gammu-1.41.0/gammu/calendar.c:163:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Stop"),
data/gammu-1.41.0/gammu/calendar.c:170:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Last modified"),
data/gammu-1.41.0/gammu/calendar.c:176:6: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Tone alarm"));
data/gammu-1.41.0/gammu/calendar.c:187:6: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n",
data/gammu-1.41.0/gammu/calendar.c:197:6: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Silent alarm"));
data/gammu-1.41.0/gammu/calendar.c:208:6: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n",
data/gammu-1.41.0/gammu/calendar.c:217:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Text"),
data/gammu-1.41.0/gammu/calendar.c:222:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Description"),
data/gammu-1.41.0/gammu/calendar.c:227:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("LUID"),
data/gammu-1.41.0/gammu/calendar.c:232:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Location"),
data/gammu-1.41.0/gammu/calendar.c:237:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Phone"),
data/gammu-1.41.0/gammu/calendar.c:242:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Private"),
data/gammu-1.41.0/gammu/calendar.c:254:7: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT
data/gammu-1.41.0/gammu/calendar.c:261:7: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%d\n",
data/gammu-1.41.0/gammu/calendar.c:266:6: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%d\n",
data/gammu-1.41.0/gammu/calendar.c:310:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Repeating"));
data/gammu-1.41.0/gammu/calendar.c:312:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(ngettext
data/gammu-1.41.0/gammu/calendar.c:373:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Age"));
data/gammu-1.41.0/gammu/calendar.c:542:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Date"),
data/gammu-1.41.0/gammu/calendar.c:545:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Date"),
data/gammu-1.41.0/gammu/calendar.c:551:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Text"),
data/gammu-1.41.0/gammu/calendar.c:599:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%d\n", _("Location"), Note.Location);
data/gammu-1.41.0/gammu/calendar.c:643:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%d\n", _("Location"), Note.Location);
data/gammu-1.41.0/gammu/calendar.c:687:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%i\n", _("Location"), i);
data/gammu-1.41.0/gammu/calendar.c:711:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%i\n", _("Location"), ToDo->Location);
data/gammu-1.41.0/gammu/calendar.c:713:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Priority"));
data/gammu-1.41.0/gammu/calendar.c:739:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Due time"),
data/gammu-1.41.0/gammu/calendar.c:744:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Start time"),
data/gammu-1.41.0/gammu/calendar.c:749:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Completed time"),
data/gammu-1.41.0/gammu/calendar.c:754:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Completed"),
data/gammu-1.41.0/gammu/calendar.c:759:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Alarm"),
data/gammu-1.41.0/gammu/calendar.c:764:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Silent alarm"),
data/gammu-1.41.0/gammu/calendar.c:769:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Last modified"),
data/gammu-1.41.0/gammu/calendar.c:774:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Text"),
data/gammu-1.41.0/gammu/calendar.c:779:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Private"),
data/gammu-1.41.0/gammu/calendar.c:788:6: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\" (%i)\n",
data/gammu-1.41.0/gammu/calendar.c:794:6: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%i\n", _("Category"),
data/gammu-1.41.0/gammu/calendar.c:806:7: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT
data/gammu-1.41.0/gammu/calendar.c:813:7: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%d\n",
data/gammu-1.41.0/gammu/calendar.c:818:6: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%d\n", _("Contact"),
data/gammu-1.41.0/gammu/calendar.c:823:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Phone"),
data/gammu-1.41.0/gammu/calendar.c:828:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Description"),
data/gammu-1.41.0/gammu/calendar.c:833:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Location"),
data/gammu-1.41.0/gammu/calendar.c:838:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("LUID"),
data/gammu-1.41.0/gammu/calendar.c:996:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Text"),
data/gammu-1.41.0/gammu/common.c:194:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Security status"));
data/gammu-1.41.0/gammu/common.c:350:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(buffer, sizeof(buffer) - 1, format, ap);
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:325:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(DCT4Tests.Tests[i].Name,msg->Buffer+pos+4);
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:625:6: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(sm->Phone.Data.PhoneString,"%s->wav",DecodeUnicodeString(Buffer));
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:824:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Old simlock"));
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:845:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Simlock data"));
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:872:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Bluetooth"));
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:888:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("UEM"), value);
data/gammu-1.41.0/gammu/files.c:48:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Phone memory"));
data/gammu-1.41.0/gammu/files.c:55:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Usage details"));
data/gammu-1.41.0/gammu/files.c:203:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(FolderName,
data/gammu-1.41.0/gammu/files.c:431:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s", DecodeUnicodeConsole(File->Name));
data/gammu-1.41.0/gammu/files.c:437:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s",
data/gammu-1.41.0/gammu/files.c:443:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "file%s",
data/gammu-1.41.0/gammu/memory.c:141:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%i\n", _("Location"), j);
data/gammu-1.41.0/gammu/message.c:86:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Status"));
data/gammu-1.41.0/gammu/message.c:114:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Service reply"), DecodeUnicodeConsole(ussd->Text));
data/gammu-1.41.0/gammu/message.c:217:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%d\n", _("Location"), smsc.Location);
data/gammu-1.41.0/gammu/message.c:220:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Name"),DecodeUnicodeConsole(smsc.Name));
data/gammu-1.41.0/gammu/message.c:222:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Number"),DecodeUnicodeConsole(smsc.Number));
data/gammu-1.41.0/gammu/message.c:223:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Default number"),DecodeUnicodeConsole(smsc.DefaultNumber));
data/gammu-1.41.0/gammu/message.c:225:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Format"));
data/gammu-1.41.0/gammu/message.c:234:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Validity"));
data/gammu-1.41.0/gammu/message.c:430:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Reading"));
data/gammu-1.41.0/gammu/message.c:589:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%i\n", _("Message number"), i);
data/gammu-1.41.0/gammu/message.c:594:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%i\n", _("Number of messages"), sms->Number);
data/gammu-1.41.0/gammu/misc.c:35:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Network state"));
data/gammu-1.41.0/gammu/misc.c:48:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Network"));
data/gammu-1.41.0/gammu/misc.c:57:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n",
data/gammu-1.41.0/gammu/misc.c:62:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Packet network state"));
data/gammu-1.41.0/gammu/misc.c:75:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Packet network"));
data/gammu-1.41.0/gammu/misc.c:84:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n",
data/gammu-1.41.0/gammu/misc.c:90:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("GPRS"));
data/gammu-1.41.0/gammu/misc.c:106:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Battery level"));
data/gammu-1.41.0/gammu/misc.c:111:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Battery capacity"));
data/gammu-1.41.0/gammu/misc.c:116:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Battery temperature"));
data/gammu-1.41.0/gammu/misc.c:122:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Phone temperature"));
data/gammu-1.41.0/gammu/misc.c:127:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Battery voltage"));
data/gammu-1.41.0/gammu/misc.c:132:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Charge voltage"));
data/gammu-1.41.0/gammu/misc.c:137:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Charge current"));
data/gammu-1.41.0/gammu/misc.c:142:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Phone current"));
data/gammu-1.41.0/gammu/misc.c:147:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Charge state"));
data/gammu-1.41.0/gammu/misc.c:176:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Battery type"));
data/gammu-1.41.0/gammu/misc.c:252:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Device"), curcfg->Device);
data/gammu-1.41.0/gammu/misc.c:256:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Manufacturer"), buffer);
data/gammu-1.41.0/gammu/misc.c:259:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s (%s)\n", _("Model"),
data/gammu-1.41.0/gammu/misc.c:265:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s", _("Firmware"), buffer);
data/gammu-1.41.0/gammu/misc.c:277:26: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (error == ERR_NONE) printf(LISTFORMAT "%s\n", _("Hardware"),buffer);
data/gammu-1.41.0/gammu/misc.c:283:26: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (error == ERR_NONE) printf(LISTFORMAT "%s\n", _("IMEI"), buffer);
data/gammu-1.41.0/gammu/misc.c:288:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (error == ERR_NONE) printf(LISTFORMAT "%s\n", _("Original IMEI"), buffer);
data/gammu-1.41.0/gammu/misc.c:295:26: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (error == ERR_NONE) printf(LISTFORMAT "%s\n", _("Manufactured"),buffer);
data/gammu-1.41.0/gammu/misc.c:301:26: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (error == ERR_NONE) printf(LISTFORMAT "%s\n", _("Product code"),buffer);
data/gammu-1.41.0/gammu/misc.c:311:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("SIM IMSI"),buffer);
data/gammu-1.41.0/gammu/misc.c:395:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(fname, argv[2]);
data/gammu-1.41.0/gammu/misc.c:396:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fname, ext);
data/gammu-1.41.0/gammu/misc.c:422:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Call info"));
data/gammu-1.41.0/gammu/misc.c:443:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, name); \
data/gammu-1.41.0/gammu/misc.c:528:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Signal strength"));
data/gammu-1.41.0/gammu/misc.c:533:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Network level"));
data/gammu-1.41.0/gammu/misc.c:538:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Bit error rate"));
data/gammu-1.41.0/gammu/misc.c:546:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("SIM SMS status"));
data/gammu-1.41.0/gammu/misc.c:556:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Phone SMS status"));
data/gammu-1.41.0/gammu/misc.c:850:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Name"),DecodeUnicodeConsole(bookmark.Title));
data/gammu-1.41.0/gammu/misc.c:851:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Address"),DecodeUnicodeConsole(bookmark.Address));
data/gammu-1.41.0/gammu/misc.c:898:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n\n", _("Address"),DecodeUnicodeConsole(point.URL));
data/gammu-1.41.0/gammu/misc.c:953:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"", _("Group name"),DecodeUnicodeConsole(MultiBitmap.Bitmap[0].Text));
data/gammu-1.41.0/gammu/misc.c:957:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Ringtone"), _("default"));
data/gammu-1.41.0/gammu/misc.c:959:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%i\n", _("Ringtone"),MultiBitmap.Bitmap[0].RingtoneID);
data/gammu-1.41.0/gammu/misc.c:972:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\" ", _("Ringtone"), DecodeUnicodeString(File.Name));
data/gammu-1.41.0/gammu/misc.c:979:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Ringtone"));
data/gammu-1.41.0/gammu/misc.c:992:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Bitmap"), _("enabled"));
data/gammu-1.41.0/gammu/misc.c:994:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Bitmap"), _("disabled"));
data/gammu-1.41.0/gammu/misc.c:997:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%i\n", _("Bitmap ID"),MultiBitmap.Bitmap[0].PictureID);
data/gammu-1.41.0/gammu/misc.c:1015:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Text"),DecodeUnicodeConsole(MultiBitmap.Bitmap[0].Text));
data/gammu-1.41.0/gammu/misc.c:1016:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Sender"),DecodeUnicodeConsole(MultiBitmap.Bitmap[0].Sender));
data/gammu-1.41.0/gammu/misc.c:1018:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Name"),DecodeUnicodeConsole(MultiBitmap.Bitmap[0].Name));
data/gammu-1.41.0/gammu/misc.c:1130:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Bitmap.NetworkCode,NetInfo.NetworkCode);
data/gammu-1.41.0/gammu/misc.c:1158:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(MultiBitmap.Bitmap[0].NetworkCode,NetInfo.NetworkCode);
data/gammu-1.41.0/gammu/misc.c:1293:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Deleting"));
data/gammu-1.41.0/gammu/misc.c:1317:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Deleting"));
data/gammu-1.41.0/gammu/misc.c:1341:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Deleting"));
data/gammu-1.41.0/gammu/misc.c:1357:4: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Deleting"));
data/gammu-1.41.0/gammu/misc.c:1375:3: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr, LISTFORMAT, _("Deleting"));
data/gammu-1.41.0/gammu/misc.c:1395:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Connection type"), _("Continuous"));
data/gammu-1.41.0/gammu/misc.c:1397:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Connection type"), _("Temporary"));
data/gammu-1.41.0/gammu/misc.c:1400:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Connection security"), _("On"));
data/gammu-1.41.0/gammu/misc.c:1402:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Connection security"), _("Off"));
data/gammu-1.41.0/gammu/misc.c:1404:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Proxy"));
data/gammu-1.41.0/gammu/misc.c:1407:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Second proxy"));
data/gammu-1.41.0/gammu/misc.c:1412:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s", _("Bearer"), _("SMS"));
data/gammu-1.41.0/gammu/misc.c:1415:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Server number"),DecodeUnicodeConsole(settings->Settings[j].Server));
data/gammu-1.41.0/gammu/misc.c:1416:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Service number"),DecodeUnicodeConsole(settings->Settings[j].Service));
data/gammu-1.41.0/gammu/misc.c:1419:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s", _("Bearer"), _("Data (CSD)"));
data/gammu-1.41.0/gammu/misc.c:1422:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Dial-up number"),DecodeUnicodeConsole(settings->Settings[j].DialUp));
data/gammu-1.41.0/gammu/misc.c:1423:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("IP address"),DecodeUnicodeConsole(settings->Settings[j].IPAddress));
data/gammu-1.41.0/gammu/misc.c:1425:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Login type"), _("Manual"));
data/gammu-1.41.0/gammu/misc.c:1427:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Login type"), _("Automatic"));
data/gammu-1.41.0/gammu/misc.c:1430:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Authentication type"), _("Normal"));
data/gammu-1.41.0/gammu/misc.c:1432:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Authentication type"), _("Secure"));
data/gammu-1.41.0/gammu/misc.c:1435:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Data call type"), _("ISDN"));
data/gammu-1.41.0/gammu/misc.c:1437:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Data call type"), _("Analogue"));
data/gammu-1.41.0/gammu/misc.c:1441:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Data call speed"), "9600");
data/gammu-1.41.0/gammu/misc.c:1444:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Data call speed"), "14400");
data/gammu-1.41.0/gammu/misc.c:1447:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Data call speed"), _("Auto"));
data/gammu-1.41.0/gammu/misc.c:1450:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("User name"),DecodeUnicodeConsole(settings->Settings[j].User));
data/gammu-1.41.0/gammu/misc.c:1451:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Password"),DecodeUnicodeConsole(settings->Settings[j].Password));
data/gammu-1.41.0/gammu/misc.c:1454:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s", _("Bearer"), _("USSD"));
data/gammu-1.41.0/gammu/misc.c:1457:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Service code"),DecodeUnicodeConsole(settings->Settings[j].Code));
data/gammu-1.41.0/gammu/misc.c:1459:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Address type"), _("IP address"));
data/gammu-1.41.0/gammu/misc.c:1460:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("IP address"), DecodeUnicodeConsole(settings->Settings[j].Service));
data/gammu-1.41.0/gammu/misc.c:1462:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Address type"), _("Service number"));
data/gammu-1.41.0/gammu/misc.c:1463:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Service number"), DecodeUnicodeConsole(settings->Settings[j].Service));
data/gammu-1.41.0/gammu/misc.c:1467:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s", _("Bearer"), _("GPRS"));
data/gammu-1.41.0/gammu/misc.c:1471:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Login type"), _("Manual"));
data/gammu-1.41.0/gammu/misc.c:1473:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Login type"), _("Automatic"));
data/gammu-1.41.0/gammu/misc.c:1476:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Authentication type"), _("Normal"));
data/gammu-1.41.0/gammu/misc.c:1478:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Authentication type"), _("Secure"));
data/gammu-1.41.0/gammu/misc.c:1480:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Access point"),DecodeUnicodeConsole(settings->Settings[j].DialUp));
data/gammu-1.41.0/gammu/misc.c:1481:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("IP address"),DecodeUnicodeConsole(settings->Settings[j].IPAddress));
data/gammu-1.41.0/gammu/misc.c:1482:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("User name"),DecodeUnicodeConsole(settings->Settings[j].User));
data/gammu-1.41.0/gammu/misc.c:1483:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Password"),DecodeUnicodeConsole(settings->Settings[j].Password));
data/gammu-1.41.0/gammu/misc.c:1509:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("User"),DecodeUnicodeConsole(settings.User));
data/gammu-1.41.0/gammu/misc.c:1510:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Password"),DecodeUnicodeConsole(settings.Password));
data/gammu-1.41.0/gammu/misc.c:1511:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Phonebook database"),DecodeUnicodeConsole(settings.PhonebookDataBase));
data/gammu-1.41.0/gammu/misc.c:1512:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Calendar database"),DecodeUnicodeConsole(settings.CalendarDataBase));
data/gammu-1.41.0/gammu/misc.c:1513:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Server"),DecodeUnicodeConsole(settings.Server));
data/gammu-1.41.0/gammu/misc.c:1514:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Sync. phonebook"));
data/gammu-1.41.0/gammu/misc.c:1517:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Sync. calendar"));
data/gammu-1.41.0/gammu/misc.c:1522:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Connection set name"));
data/gammu-1.41.0/gammu/misc.c:1558:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Homepage"),DecodeUnicodeConsole(settings.HomePage));
data/gammu-1.41.0/gammu/misc.c:1559:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("User"),DecodeUnicodeConsole(settings.User));
data/gammu-1.41.0/gammu/misc.c:1560:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Password"),DecodeUnicodeConsole(settings.Password));
data/gammu-1.41.0/gammu/misc.c:1563:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Connection set name"));
data/gammu-1.41.0/gammu/misc.c:1606:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Read only"), _("yes"));
data/gammu-1.41.0/gammu/misc.c:1608:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Homepage"),
data/gammu-1.41.0/gammu/misc.c:1766:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%i\n", _("Location"),j);
data/gammu-1.41.0/gammu/misc.c:1770:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n\n", _("Name"),DecodeUnicodeConsole(Category.Name));
data/gammu-1.41.0/gammu/misc.c:1799:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%i\n", _("Location"),j);
data/gammu-1.41.0/gammu/misc.c:1809:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n\n", _("Name"),DecodeUnicodeConsole(Category.Name));
data/gammu-1.41.0/gammu/misc.c:1879:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(message, _("Enter %s code: "), argv[2]);
data/gammu-1.41.0/gammu/misc.c:1881:10: [4] (misc) getpass:
This function is obsolete and not portable. It was in SUSv2 but removed by
POSIX.2. What it does exactly varies considerably between systems,
particularly in where its prompt is displayed and where it gets its data
(e.g., /dev/tty, stdin, stderr, etc.). In addition, some implementations
overflow buffers. (CWE-676, CWE-120, CWE-20). Make the specific calls to do
exactly what you want. If you continue to use it, or write your own, be
sure to zero the password as soon as possible to avoid leaving the
cleartext password visible in the process' address space.
pass = getpass(message);
data/gammu-1.41.0/gammu/misc.c:1882:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Code.Code, pass);
data/gammu-1.41.0/gammu/misc.c:1896:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Code.Code,argv[3]);
data/gammu-1.41.0/gammu/misc.c:1903:11: [4] (misc) getpass:
This function is obsolete and not portable. It was in SUSv2 but removed by
POSIX.2. What it does exactly varies considerably between systems,
particularly in where its prompt is displayed and where it gets its data
(e.g., /dev/tty, stdin, stderr, etc.). In addition, some implementations
overflow buffers. (CWE-676, CWE-120, CWE-20). Make the specific calls to do
exactly what you want. If you continue to use it, or write your own, be
sure to zero the password as soon as possible to avoid leaving the
cleartext password visible in the process' address space.
pass = getpass(message);
data/gammu-1.41.0/gammu/misc.c:1904:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Code.Code, pass);
data/gammu-1.41.0/gammu/misc.c:1918:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Code.NewPIN, argv[4]);
data/gammu-1.41.0/gammu/misc.c:1970:6: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Ringtone ID"));
data/gammu-1.41.0/gammu/misc.c:1972:6: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Message alert tone ID"));
data/gammu-1.41.0/gammu/misc.c:1985:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Call alert for"));
data/gammu-1.41.0/gammu/misc.c:2006:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Screen saver number"));
data/gammu-1.41.0/gammu/misc.c:2009:31: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case Profile_CallAlert : printf(LISTFORMAT, _("Incoming call alert")); break;
data/gammu-1.41.0/gammu/misc.c:2010:35: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case Profile_RingtoneVolume : printf(LISTFORMAT, _("Ringtone volume")); break;
data/gammu-1.41.0/gammu/misc.c:2011:30: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case Profile_Vibration : printf(LISTFORMAT, _("Vibrating alert")); break;
data/gammu-1.41.0/gammu/misc.c:2012:31: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case Profile_MessageTone : printf(LISTFORMAT, _("Message alert tone")); break;
data/gammu-1.41.0/gammu/misc.c:2013:31: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case Profile_KeypadTone : printf(LISTFORMAT, _("Keypad tones")); break;
data/gammu-1.41.0/gammu/misc.c:2014:31: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case Profile_WarningTone : printf(LISTFORMAT, _("Warning (games) tones")); break;
data/gammu-1.41.0/gammu/misc.c:2015:31: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case Profile_ScreenSaver : printf(LISTFORMAT, _("Screen saver")); break;
data/gammu-1.41.0/gammu/misc.c:2016:35: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case Profile_ScreenSaverTime : printf(LISTFORMAT, _("Screen saver timeout")); break;
data/gammu-1.41.0/gammu/misc.c:2017:31: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case Profile_AutoAnswer : printf(LISTFORMAT, _("Automatic answer")); break;
data/gammu-1.41.0/gammu/misc.c:2018:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case Profile_Lights : printf(LISTFORMAT, _("Lights")); break;
data/gammu-1.41.0/gammu/misc.c:2089:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%i\n", _("Location"), i);
data/gammu-1.41.0/gammu/misc.c:2104:20: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (Name != -1) printf(LISTFORMAT "\"%s\"\n", _("Name"), DecodeUnicodeConsole(Phonebook.Entries[Name].Text));
data/gammu-1.41.0/gammu/misc.c:2105:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\"", _("Number"), DecodeUnicodeConsole(Phonebook.Entries[SpeedDial.MemoryNumberID-1].Text));
data/gammu-1.41.0/gammu/misc.c:2158:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\n", _("Currently shown on the display"));
data/gammu-1.41.0/gammu/misc.c:2213:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%i\n", _("Location"), i);
data/gammu-1.41.0/gammu/misc.c:2219:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Station name"), DecodeUnicodeConsole(Station.StationName));
data/gammu-1.41.0/gammu/misc.c:2220:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%.1f MHz\n", _("Frequency"), Station.Frequency);
data/gammu-1.41.0/gammu/misc.c:2296:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(" " LISTFORMAT, _("Divert type"));
data/gammu-1.41.0/gammu/misc.c:2317:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(" " LISTFORMAT, _("Call type"));
data/gammu-1.41.0/gammu/misc.c:2343:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(" " LISTFORMAT, _("Divert type"));
data/gammu-1.41.0/gammu/misc.c:2363:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(" " LISTFORMAT, _("Call type"));
data/gammu-1.41.0/gammu/misc.c:2380:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(" " LISTFORMAT, _("Timeout"));
data/gammu-1.41.0/gammu/mms.c:71:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Sender"));
data/gammu-1.41.0/gammu/mms.c:79:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Recipient"));
data/gammu-1.41.0/gammu/mms.c:87:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("CC"));
data/gammu-1.41.0/gammu/mms.c:94:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Message type"), info.MSGType);
data/gammu-1.41.0/gammu/mms.c:95:30: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (info.DateTimeAvailable) printf(LISTFORMAT "%s\n", _("Date"), OSDateTime(info.DateTime,0));
data/gammu-1.41.0/gammu/mms.c:97:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Subject"),DecodeUnicodeString(info.Subject));
data/gammu-1.41.0/gammu/mms.c:100:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Delivery report"));
data/gammu-1.41.0/gammu/mms.c:107:2: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Content type"), DecodeUnicodeString(info.ContentType));
data/gammu-1.41.0/gammu/mms.c:110:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Content type"), DecodeUnicodeString(info.Entries[i].ContentType));
data/gammu-1.41.0/gammu/mms.c:112:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s", _("Name"),DecodeUnicodeString(info.Entries[i].File.Name));
data/gammu-1.41.0/gammu/mms.c:131:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff,"%i_%i_%s",num,i+1,DecodeUnicodeString(info.Entries[i].File.Name));
data/gammu-1.41.0/gammu/mms.c:172:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _(" File filesystem ID"),DecodeUnicodeConsole(File.ID_FullName));
data/gammu-1.41.0/gammu/nokia.c:282:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Entry->Name,"%s",DecodeUnicodeString(Files.ID_FullName));
data/gammu-1.41.0/gammu/nokia.c:379:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Files2.Buffer + Files2.Used, "%s%c%c", Entry->Name, 13, 10);
data/gammu-1.41.0/gammu/nokia.c:389:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Buffer2, _("Writing file %s:"), DecodeUnicodeString(Files2.Name));
data/gammu-1.41.0/gammu/nokia.c:562:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s.jad", argv[3]);
data/gammu-1.41.0/gammu/nokia.c:569:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s.jar", argv[3]);
data/gammu-1.41.0/gammu/nokia.c:686:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s.jar",argv[3]);
data/gammu-1.41.0/gammu/nokia.c:692:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s.jad",argv[3]);
data/gammu-1.41.0/gammu/nokia.c:757:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,JAR+i+1);
data/gammu-1.41.0/gammu/nokia.c:758:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(JAR,buffer);
data/gammu-1.41.0/gammu/nokia.c:796:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,Vendor);
data/gammu-1.41.0/gammu/nokia.c:797:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer,Name);
data/gammu-1.41.0/gammu/nokia.c:825:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,DecodeUnicodeString(File2.Name));
data/gammu-1.41.0/gammu/nokia.c:861:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,DecodeUnicodeString(File2.Name));
data/gammu-1.41.0/gammu/nokia.c:885:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,JAR);
data/gammu-1.41.0/gammu/nokia.c:900:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s.jar",argv[3]);
data/gammu-1.41.0/gammu/nokia.c:906:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,JAR);
data/gammu-1.41.0/gammu/nokia.c:925:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,argv[3]);
data/gammu-1.41.0/gammu/nokia.c:958:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer,argv[j]);
data/gammu-1.41.0/gammu/search.c:68:8: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
ret = vprintf(format, ap);
data/gammu-1.41.0/gammu/search.c:129:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(smcfg->DebugLevel, globalcfg->DebugLevel);
data/gammu-1.41.0/gammu/sniff.c:212:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Phone->IMEI, IMEI);
data/gammu-1.41.0/gammu/sniff.c:213:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Phone->Model, Model);
data/gammu-1.41.0/gammu/sniff.c:214:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Phone->Version, Version);
data/gammu-1.41.0/gammu/sniff.c:273:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gsm->CurrentConfig->Model,argv[4]);
data/gammu-1.41.0/gammu/sniff.c:361:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(gsm->CurrentConfig->Model,argv[3]);
data/gammu-1.41.0/helper/formats.h:2:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define PRINTSECONDS(num) printf(ngettext("%d second", "%d seconds", num), num);
data/gammu-1.41.0/helper/formats.h:3:27: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define PRINTMINUTES(num) printf(ngettext("%d minute", "%d minutes", num), num);
data/gammu-1.41.0/helper/formats.h:4:25: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define PRINTHOURS(num) printf(ngettext("%d hour", "%d hours", num), num);
data/gammu-1.41.0/helper/formats.h:5:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define PRINTDAYS(num) printf(ngettext("%d day", "%d days", num), num);
data/gammu-1.41.0/helper/formats.h:6:25: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define PRINTWEEKS(num) printf(ngettext("%d week", "%d weeks", num), num);
data/gammu-1.41.0/helper/formats.h:7:25: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define PRINTYEARS(num) printf(ngettext("%d year", "%d years", num), num);
data/gammu-1.41.0/helper/memory-display.c:30:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Call length"));
data/gammu-1.41.0/helper/memory-display.c:38:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Date and time"),OSDateTime(entry->Date,FALSE));
data/gammu-1.41.0/helper/memory-display.c:41:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Last modified"), OSDateTime(entry->Date,FALSE));
data/gammu-1.41.0/helper/memory-display.c:45:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Category"), DecodeUnicodeConsole(entry->Text));
data/gammu-1.41.0/helper/memory-display.c:55:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\" (%i)\n", _("Category"), DecodeUnicodeConsole(Category.Name), entry->Number);
data/gammu-1.41.0/helper/memory-display.c:57:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%i\n", _("Category"), entry->Number);
data/gammu-1.41.0/helper/memory-display.c:62:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Private"), entry->Number == 1 ? "Yes" : "No");
data/gammu-1.41.0/helper/memory-display.c:66:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%d\"\n", _("Caller group"),entry->Number);
data/gammu-1.41.0/helper/memory-display.c:70:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%d\"\n", _("Caller group"),entry->Number);
data/gammu-1.41.0/helper/memory-display.c:79:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%d\"\n", _("Caller group"), entry->Number);
data/gammu-1.41.0/helper/memory-display.c:90:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Caller group"),DecodeUnicodeConsole(caller[entry->Number-1].Text));
data/gammu-1.41.0/helper/memory-display.c:104:6: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Ringtone"),DecodeUnicodeConsole(ringtones_info.Ringtone[z].Name));
data/gammu-1.41.0/helper/memory-display.c:109:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%i\n", _("Ringtone ID"),entry->Number);
data/gammu-1.41.0/helper/memory-display.c:113:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("User ID"),DecodeUnicodeString(entry->Text));
data/gammu-1.41.0/helper/memory-display.c:116:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Picture name"),DecodeUnicodeString(entry->Text));
data/gammu-1.41.0/helper/memory-display.c:119:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "0x%x\n", _("Picture ID"),entry->Number);
data/gammu-1.41.0/helper/memory-display.c:122:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Photo"), _("Displaying not supported"));
data/gammu-1.41.0/helper/memory-display.c:124:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Number_Messaging : printf(LISTFORMAT, _("Favorite messaging number")); break;
data/gammu-1.41.0/helper/memory-display.c:129:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Home number"));
data/gammu-1.41.0/helper/memory-display.c:132:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Work number"));
data/gammu-1.41.0/helper/memory-display.c:135:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("General number"));
data/gammu-1.41.0/helper/memory-display.c:139:30: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Number_Video : printf(LISTFORMAT, _("Video number")); break;
data/gammu-1.41.0/helper/memory-display.c:144:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Home mobile number"));
data/gammu-1.41.0/helper/memory-display.c:147:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Work mobile number"));
data/gammu-1.41.0/helper/memory-display.c:150:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Mobile number"));
data/gammu-1.41.0/helper/memory-display.c:158:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Home fax number"));
data/gammu-1.41.0/helper/memory-display.c:161:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Work fax number"));
data/gammu-1.41.0/helper/memory-display.c:164:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Fax number"));
data/gammu-1.41.0/helper/memory-display.c:168:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Number_Pager : printf(LISTFORMAT, _("Pager number")); break;
data/gammu-1.41.0/helper/memory-display.c:169:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Number_Other : printf(LISTFORMAT, _("Other number")); break;
data/gammu-1.41.0/helper/memory-display.c:170:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_Note : printf(LISTFORMAT, _("Text")); break;
data/gammu-1.41.0/helper/memory-display.c:175:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Home address"));
data/gammu-1.41.0/helper/memory-display.c:178:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Work address"));
data/gammu-1.41.0/helper/memory-display.c:181:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Address"));
data/gammu-1.41.0/helper/memory-display.c:189:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Home email"));
data/gammu-1.41.0/helper/memory-display.c:192:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Work email"));
data/gammu-1.41.0/helper/memory-display.c:195:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Email"));
data/gammu-1.41.0/helper/memory-display.c:199:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_Email2 : printf(LISTFORMAT, _("Email address 2")); break;
data/gammu-1.41.0/helper/memory-display.c:204:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Home website"));
data/gammu-1.41.0/helper/memory-display.c:207:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Work website"));
data/gammu-1.41.0/helper/memory-display.c:210:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Website"));
data/gammu-1.41.0/helper/memory-display.c:214:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_LUID : printf(LISTFORMAT, _("LUID")); break;
data/gammu-1.41.0/helper/memory-display.c:215:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_VOIP : printf(LISTFORMAT, _("VOIP")); break;
data/gammu-1.41.0/helper/memory-display.c:216:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_SWIS : printf(LISTFORMAT, _("SWIS")); break;
data/gammu-1.41.0/helper/memory-display.c:217:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_WVID : printf(LISTFORMAT, _("WVID")); break;
data/gammu-1.41.0/helper/memory-display.c:218:31: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_SIP : printf(LISTFORMAT, _("SIP")); break;
data/gammu-1.41.0/helper/memory-display.c:219:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_DTMF : printf(LISTFORMAT, _("DTMF")); break;
data/gammu-1.41.0/helper/memory-display.c:220:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_Name : printf(LISTFORMAT, _("Name")); break;
data/gammu-1.41.0/helper/memory-display.c:221:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_LastName : printf(LISTFORMAT, _("Last name")); break;
data/gammu-1.41.0/helper/memory-display.c:222:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_FirstName : printf(LISTFORMAT, _("First name")); break;
data/gammu-1.41.0/helper/memory-display.c:223:33: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_SecondName : printf(LISTFORMAT, _("Second name")); break;
data/gammu-1.41.0/helper/memory-display.c:224:33: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_FormalName : printf(LISTFORMAT, _("Formal name")); break;
data/gammu-1.41.0/helper/memory-display.c:225:33: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_NamePrefix : printf(LISTFORMAT, _("Name prefix")); break;
data/gammu-1.41.0/helper/memory-display.c:226:33: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_NameSuffix : printf(LISTFORMAT, _("Name suffix")); break;
data/gammu-1.41.0/helper/memory-display.c:227:31: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_NickName : printf(LISTFORMAT, _("Nick name")); break;
data/gammu-1.41.0/helper/memory-display.c:228:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_Company : printf(LISTFORMAT, _("Company")); break;
data/gammu-1.41.0/helper/memory-display.c:229:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_JobTitle : printf(LISTFORMAT, _("Job title")); break;
data/gammu-1.41.0/helper/memory-display.c:230:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_StreetAddress : printf(LISTFORMAT, _("Street address")); break;
data/gammu-1.41.0/helper/memory-display.c:231:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_City : printf(LISTFORMAT, _("City")); break;
data/gammu-1.41.0/helper/memory-display.c:232:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_State : printf(LISTFORMAT, _("State")); break;
data/gammu-1.41.0/helper/memory-display.c:233:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_Zip : printf(LISTFORMAT, _("Zip code")); break;
data/gammu-1.41.0/helper/memory-display.c:234:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_Country : printf(LISTFORMAT, _("Country")); break;
data/gammu-1.41.0/helper/memory-display.c:235:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_Custom1 : printf(LISTFORMAT, _("Custom text 1")); break;
data/gammu-1.41.0/helper/memory-display.c:236:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_Custom2 : printf(LISTFORMAT, _("Custom text 2")); break;
data/gammu-1.41.0/helper/memory-display.c:237:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_Custom3 : printf(LISTFORMAT, _("Custom text 3")); break;
data/gammu-1.41.0/helper/memory-display.c:238:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_Text_Custom4 : printf(LISTFORMAT, _("Custom text 4")); break;
data/gammu-1.41.0/helper/memory-display.c:239:32: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
case PBK_PushToTalkID : printf(LISTFORMAT, _("Push to talk ID")); break;
data/gammu-1.41.0/helper/message-cmdline.c:247:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(MMSInfo.Address, argv[0 + startarg]);
data/gammu-1.41.0/helper/message-cmdline.c:248:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(MMSInfo.Title, argv[1 + startarg]);
data/gammu-1.41.0/helper/message-cmdline.c:249:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(MMSInfo.Sender, argv[2 + startarg]);
data/gammu-1.41.0/helper/message-cmdline.c:264:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(MMSInfo.Address, argv[0 + startarg]);
data/gammu-1.41.0/helper/message-cmdline.c:265:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(MMSInfo.Title, argv[1 + startarg]);
data/gammu-1.41.0/helper/message-cmdline.c:1389:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(bitmap[0]->Bitmap[0].NetworkCode,NetInfo.NetworkCode);
data/gammu-1.41.0/helper/message-display.c:167:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Status"));
data/gammu-1.41.0/helper/message-display.c:176:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Remote number"));
data/gammu-1.41.0/helper/message-display.c:180:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%d\n", _("Reference number"),sms->MessageReference);
data/gammu-1.41.0/helper/message-display.c:181:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Sent"),OSDateTime(sms->DateTime,TRUE));
data/gammu-1.41.0/helper/message-display.c:182:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("SMSC number"),DecodeUnicodeConsole(sms->SMSC.Number));
data/gammu-1.41.0/helper/message-display.c:183:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("SMSC response"),OSDateTime(sms->SMSCTime,TRUE));
data/gammu-1.41.0/helper/message-display.c:184:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Delivery status"),DecodeUnicodeConsole(sms->Text));
data/gammu-1.41.0/helper/message-display.c:185:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Details"));
data/gammu-1.41.0/helper/message-display.c:228:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Saved"), OSDateTime(sms->DateTime,TRUE));
data/gammu-1.41.0/helper/message-display.c:230:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"", _("SMSC number"), DecodeUnicodeConsole(sms->SMSC.Number));
data/gammu-1.41.0/helper/message-display.c:233:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Sent"), OSDateTime(sms->DateTime,TRUE));
data/gammu-1.41.0/helper/message-display.c:241:33: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
if (sms->ReplaceMessage != 0) printf(LISTFORMAT "%i\n", _("SMS replacing ID"),sms->ReplaceMessage);
data/gammu-1.41.0/helper/message-display.c:246:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%d\n", _("Reference number"),sms->MessageReference);
data/gammu-1.41.0/helper/message-display.c:249:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Sent"), OSDateTime(sms->DateTime,TRUE));
data/gammu-1.41.0/helper/message-display.c:253:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n", _("Name"),DecodeUnicodeConsole(sms->Name));
data/gammu-1.41.0/helper/message-display.c:256:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%i\n", _("Class"),sms->Class);
data/gammu-1.41.0/helper/message-display.c:258:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Coding"));
data/gammu-1.41.0/helper/message-display.c:280:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, ngettext("Remote number", "Remote numbers", sms->OtherNumbersNum + 1));
data/gammu-1.41.0/helper/message-display.c:288:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("Status"));
data/gammu-1.41.0/helper/message-display.c:297:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT, _("User Data Header"));
data/gammu-1.41.0/helper/message-display.c:446:5: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "\"%s\"\n\n", _("Text"),DecodeUnicodeConsole(SMSInfo.Entries[i].Bitmap->Bitmap[0].Text));
data/gammu-1.41.0/helper/message-display.c:477:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Sender"),SMSInfo.Entries[i].MMSIndicator->Sender);
data/gammu-1.41.0/helper/message-display.c:478:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Subject"),SMSInfo.Entries[i].MMSIndicator->Title);
data/gammu-1.41.0/helper/message-display.c:479:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Address"),SMSInfo.Entries[i].MMSIndicator->Address);
data/gammu-1.41.0/helper/message-display.c:480:4: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%li\n", _("Message size"), (long)SMSInfo.Entries[i].MMSIndicator->MessageSize);
data/gammu-1.41.0/helper/message-display.c:546:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Data PDU"), hexmsg);
data/gammu-1.41.0/helper/message-display.c:547:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%d\n", _("Number of bits"),
data/gammu-1.41.0/helper/message-display.c:549:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("UDH"), hexudh);
data/gammu-1.41.0/helper/message-display.c:565:9: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf(LISTFORMAT "%s\n", _("Whole PDU"), hexreq);
data/gammu-1.41.0/helper/printing.c:21:8: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
ret = vprintf(format, ap);
data/gammu-1.41.0/helper/printing.c:37:8: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
ret = vprintf(format, ap);
data/gammu-1.41.0/helper/printing.c:53:8: [4] (format) vprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
ret = vprintf(format, ap);
data/gammu-1.41.0/include/gammu-misc.h:129:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/gammu-1.41.0/include/gammu-misc.h:129:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/gammu-1.41.0/libgammu/api.c:81:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(value, s->Phone.Data.Manufacturer);
data/gammu-1.41.0/libgammu/api.c:99:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(value, s->Phone.Data.Model);
data/gammu-1.41.0/libgammu/api.c:117:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(value, s->Phone.Data.Version);
data/gammu-1.41.0/libgammu/api.c:120:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(date, s->Phone.Data.VerDate);
data/gammu-1.41.0/libgammu/api.c:141:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(value, s->Phone.Data.IMEI);
data/gammu-1.41.0/libgammu/debug.c:70:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
result = vsnprintf(buffer, sizeof(buffer) - 1, format, argp);
data/gammu-1.41.0/libgammu/debug.c:83:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(timestamp, "%s %4d/%02d/%02d %02d:%02d:%02d: ",
data/gammu-1.41.0/libgammu/device/devfunc.c:245:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(lock_file, lock_path);
data/gammu-1.41.0/libgammu/device/devfunc.c:246:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(lock_file, aux);
data/gammu-1.41.0/libgammu/device/irda/irda.c:106:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(state->Phone.Data.Model,GetModelData(state, NULL,NULL,list->Device[i].irdaDeviceName)->number);
data/gammu-1.41.0/libgammu/device/proxy/proxy.c:95:3: [4] (shell) execv:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execv(argv[0], (char **)argv);
data/gammu-1.41.0/libgammu/device/serial/ser_w32.c:105:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(DeviceName2,s->CurrentConfig->Device);
data/gammu-1.41.0/libgammu/device/serial/ser_w32.c:121:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(DeviceName2,DeviceInterfaceDetailData->DevicePath);
data/gammu-1.41.0/libgammu/device/serial/ser_w32.c:142:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(DeviceName2,DeviceInterfaceDetailData->DevicePath);
data/gammu-1.41.0/libgammu/device/serial/ser_w32.c:196:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(DeviceName,DeviceName2);
data/gammu-1.41.0/libgammu/gsmstate.c:1334:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(configfile, GAMMURC_NAME);
data/gammu-1.41.0/libgammu/gsmstate.c:1344:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(configfile, envpath);
data/gammu-1.41.0/libgammu/gsmstate.c:1345:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(configfile, XDG_GAMMURC_NAME);
data/gammu-1.41.0/libgammu/gsmstate.c:1352:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(configfile, envpath);
data/gammu-1.41.0/libgammu/gsmstate.c:1354:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(configfile, XDG_GAMMURC_NAME);
data/gammu-1.41.0/libgammu/gsmstate.c:1364:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(configfile, envpath);
data/gammu-1.41.0/libgammu/gsmstate.c:1365:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(configfile, GAMMURC_NAME);
data/gammu-1.41.0/libgammu/gsmstate.c:1375:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(configfile, pwent->pw_dir);
data/gammu-1.41.0/libgammu/gsmstate.c:1376:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(configfile, GAMMURC_NAME);
data/gammu-1.41.0/libgammu/gsmstate.c:1391:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(configfile, envpath);
data/gammu-1.41.0/libgammu/gsmstate.c:1396:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(configfile, envpath);
data/gammu-1.41.0/libgammu/gsmstate.c:1397:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(configfile, GAMMURC_NAME);
data/gammu-1.41.0/libgammu/gsmstate.c:1449:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(tmp, home);
data/gammu-1.41.0/libgammu/gsmstate.c:1450:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tmp, *string + 1);
data/gammu-1.41.0/libgammu/gsmstate.c:1598:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfg->Model,DEFAULT_MODEL);
data/gammu-1.41.0/libgammu/gsmstate.c:1602:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfg->Model,Temp);
data/gammu-1.41.0/libgammu/gsmstate.c:1609:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfg->DebugLevel,DEFAULT_DEBUG_LEVEL);
data/gammu-1.41.0/libgammu/gsmstate.c:1613:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfg->DebugLevel,Temp);
data/gammu-1.41.0/libgammu/gsmstate.c:1628:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfg->TextReminder,Temp);
data/gammu-1.41.0/libgammu/gsmstate.c:1638:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfg->TextMeeting,Temp);
data/gammu-1.41.0/libgammu/gsmstate.c:1648:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfg->TextCall,Temp);
data/gammu-1.41.0/libgammu/gsmstate.c:1658:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfg->TextBirthday,Temp);
data/gammu-1.41.0/libgammu/gsmstate.c:1668:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfg->TextMemo,Temp);
data/gammu-1.41.0/libgammu/gsmstate.c:1701:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfg->Model,DEFAULT_MODEL);
data/gammu-1.41.0/libgammu/gsmstate.c:1702:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfg->DebugLevel,DEFAULT_DEBUG_LEVEL);
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2140:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(tmp, lastpos);
data/gammu-1.41.0/libgammu/misc/coding/md5-glib.c:12:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(checksum, ret);
data/gammu-1.41.0/libgammu/misc/misc.c:322:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(retval2,retval);
data/gammu-1.41.0/libgammu/misc/misc.c:331:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(retval2,retval);
data/gammu-1.41.0/libgammu/misc/misc.c:375:15: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(retval2,retval);
data/gammu-1.41.0/libgammu/misc/win32-dirent.c:39:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dir->dd_name, name);
data/gammu-1.41.0/libgammu/misc/win32-dirent.c:67:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (dirname, dir->dd_name);
data/gammu-1.41.0/libgammu/phone/alcatel/alcatel.c:3946:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(value, s->Phone.Data.ModelInfo->model);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:54:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(smscCmdReq, "AT+CSCA=\"%s\"\r",DecodeUnicodeString(smsc->Number));
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:1204:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Priv->SMSCache[Priv->SMSCount - 1].PDU, str);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:1919:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(buffer, "AT+CMGW=\"123\",,\"%s\"\r",statetxt);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:1921:18: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(buffer, "AT+CMGW=\"%s\",,\"%s\"\r",DecodeUnicodeString(sms->Number),statetxt);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:1924:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(buffer, "AT+CMGW=\"%s\",,\"%s\"\r",DecodeUnicodeString(sms->Number),statetxt);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2073:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(buffer, "AT+CMGS=\"%s\"\r",DecodeUnicodeString(sms->Number));
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1376:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(out_us, buffer);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1393:8: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, buffer2);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1997:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->Phone.Data.Manufacturer, vendor->name);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2636:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(buffer, "AT+CSCS=\"%s\"\r", buffer3);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2638:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(buffer, "AT+CSCS=\"%s\"\r", AT_Charsets[i].text);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2805:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(req, "AT+CCLK=\"%04i/%02i/%02i,%02i:%02i:%02i%s\"\r",
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2814:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(req, "AT+CCLK=\"%02i/%02i/%02i,%02i:%02i:%02i%s\"\r",
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4481:8: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
len = sprintf(req, format, s->Phone.Data.EnableIncomingUSSD ? 1 : 0, encoded);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4509:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
length = sprintf(buffer, "ATDT%s;\r", number);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4514:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
length = sprintf(buffer, "ATD%s;\r", number);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4553:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(req, "AT+CPIN2=\"%s\"\r", Code->Code);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4568:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(req, "AT+CPIN=\"%s\",\"%s\"\r" , Code->Code, Code->NewPIN);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4570:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(req, "AT+CPIN=\"%s\"\r" , Code->Code);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5005:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "AT+CCFC=%d,3,\"%s\",129,\"\",128,%d\r",
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5013:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "AT+CCFC=%d,3,\"%s\"\r",
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5224:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(number, "%s", DecodeUnicodeString(entry->Entries[Number].Text));
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5245:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
reqlen = sprintf(req, "AT+CPBW=%d,\"%s\",%i,\"", entry->Location + Priv->FirstMemoryEntry - 1, number, NumberType);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5961:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(frame, key);
data/gammu-1.41.0/libgammu/phone/at/samsung.c:331:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(req, "AT+IMGW=0,\"%s\",2,0,0,0,0,100,%ld,%u\r", name,
data/gammu-1.41.0/libgammu/phone/at/samsung.c:441:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(req, "AT+MELW=0,\"%s\",4,%ld,%u\r", name,
data/gammu-1.41.0/libgammu/phone/at/siemens.c:84:12: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
reqlen = sprintf(req, "AT^SBNW=\"%s\",%i,%i,%i\r",templ,Location,CurrentFrame+1,MaxFrame);
data/gammu-1.41.0/libgammu/phone/atobex/atobex.c:285:8: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(value, s->Phone.Data.Model);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:84:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(log_file, s->CurrentConfig->Device);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:86:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(log_file, filename);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:101:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, s->CurrentConfig->Device);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:103:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, filename);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:115:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(path, Priv->dirnames[depth]);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:117:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(path, filename);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:133:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(full_name, "%s/%s/%d", s->CurrentConfig->Device, dirname, i);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:153:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(full_name, "%s/%s/%d", s->CurrentConfig->Device, dirname, i);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:172:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(full_name, "%s/%s/%d", s->CurrentConfig->Device, dirname, i);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:197:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(full_name, "%s/%s/%d", s->CurrentConfig->Device, dirname, i);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:231:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "pbk/%s/%d", GSM_MemoryTypeToString(entry->MemoryType), entry->Location);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:329:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->Phone.Data.Version, GAMMU_VERSION);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:444:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->Phone.Data.Version, GAMMU_VERSION);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1194:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Priv->dirnames[DUMMY_MAX_FS_DEPTH], path);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1261:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Priv->dirnames[Priv->fs_depth], path);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1285:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Priv->dirnames[0], path);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1355:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Priv->dirnames[Priv->fs_depth], path);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1428:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dirname, "pbk/%s", GSM_MemoryTypeToString(Status->MemoryType));
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1493:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dirname, "pbk/%s", GSM_MemoryTypeToString(entry->MemoryType));
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1544:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dirname, "pbk/%s", GSM_MemoryTypeToString(entry->MemoryType));
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1556:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(dirname, "pbk/%s", GSM_MemoryTypeToString(type));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:1276:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->Phone.Data.Netmonitor,msg->Buffer+4);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:1314:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(value,s->Phone.Data.ProductCodeCache);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:1337:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(value,s->Phone.Data.HardwareCache);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:205:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Data->IMEI, "%s", msg->Buffer+9);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:206:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Data->HardwareCache, "%s", msg->Buffer+39);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:207:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Data->ProductCodeCache, "%s", msg->Buffer+31);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1666:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf,"c:/%s",DecodeUnicodeString(File->ID_FullName));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2403:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req+pos,"%s",DecodeUnicodeString(settings->Proxy));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2407:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req+pos,"%s",DecodeUnicodeString(settings->Proxy2));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1039:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->Phone.Data.PhoneString, msg->Buffer+s->Phone.Data.StartPhoneString);
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1548:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Data->Model,GetLineString(msg->Buffer, &lines, 4));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1552:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Data->VerDate,GetLineString(msg->Buffer, &lines, 3));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1555:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Data->Version,GetLineString(msg->Buffer, &lines, 2));
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:69:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req+10,"%s",File->ID_FullName);
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:142:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:175:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(req+10,"%s", File->ID_FullName);
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:233:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(File->ID_FullName,Priv->Files[Priv->FilesLocationsCurrent]->ID_FullName);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1183:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Line2,Line);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1209:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Line2,Line);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1232:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Line2,Line);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1237:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Line2,Line);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1879:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "telecom/pb/luid/%s.vcf", Priv->PbLUID[Entry->Location]);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2079:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "telecom/pb/luid/%s.vcf", Priv->PbLUID[Entry->Location]);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2357:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "telecom/cal/luid/%s.vcs", Priv->CalLUID[Entry->Location]);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2551:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "telecom/cal/luid/%s.vcs", Priv->CalLUID[Entry->Location]);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2776:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "telecom/cal/luid/%s.vcs", Priv->TodoLUID[Entry->Location]);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2973:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "telecom/cal/luid/%s.vcs", Priv->TodoLUID[Entry->Location]);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3215:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "telecom/nt/luid/%s.vnt", Priv->NoteLUID[Entry->Location]);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3393:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "telecom/nt/luid/%s.vnt", Priv->NoteLUID[Entry->Location]);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3539:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(match, Name);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3568:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(match, Name);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3578:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(match, Name);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3603:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(match, Name);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3611:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(match, Attrib);
data/gammu-1.41.0/libgammu/phone/pfunc.c:154:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "%s/%s", ExtraPath, filename);
data/gammu-1.41.0/libgammu/phone/pfunc.c:164:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(path, "%s/%s", GAMMU_DATA_PATH, filename);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:105:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfg->DebugLevel, s->CurrentConfig->DebugLevel);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:382:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->Phone.Data.NetworkInfo->CID, cellid);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:383:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->Phone.Data.NetworkInfo->NetworkCode, mcc);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:385:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s->Phone.Data.NetworkInfo->NetworkCode, mnc);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:387:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->Phone.Data.NetworkInfo->LAC, lac);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:428:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->Phone.Data.IMEI, Priv->MessageParts[1]);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:433:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->Phone.Data.Manufacturer, pos + 3);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:440:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->Phone.Data.Model, pos + 1);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:446:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->Phone.Data.Model, Priv->MessageParts[1]);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:449:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->Phone.Data.Model, Priv->MessageParts[1]);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:466:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->Phone.Data.Version, Priv->MessageParts[1]);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:468:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(s->Phone.Data.Version, Priv->MessageParts[2]);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1308:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%d%s", Entry->Location, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1327:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s%s", type, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1340:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1346:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1352:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1358:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1368:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1377:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1381:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1384:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR); /* Type */
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1385:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR); /* Days */
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1386:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR); /* Exceptions */
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1392:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1398:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1404:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1639:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%d%s", Entry->Location, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1641:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s%s", "todo", NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1651:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1657:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1663:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1669:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1679:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1688:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1692:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1694:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR); /* Type */
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1695:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR); /* Days */
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1696:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR); /* Exceptions */
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1697:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR); /* Start */
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1698:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR); /* End */
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1699:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR); /* Frequency */
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1937:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1939:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1953:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1956:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, NUM_SEPERATOR_STR);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:70:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(cfg->DebugLevel, s->CurrentConfig->DebugLevel);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:701:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(NetInfo.NetworkCode,"%s",DecodeUnicodeString(buf));
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:720:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Data->NetworkInfo->NetworkCode,"%s",DecodeUnicodeString(buf));
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1651:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->Phone.Data.HardwareCache,DecodeUnicodeString(buff));
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1663:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(value,s->Phone.Data.HardwareCache);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1669:25: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (error == ERR_NONE) strcpy(value,s->Phone.Data.HardwareCache);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1686:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->Phone.Data.Manufacturer,DecodeUnicodeString(buff));
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1711:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s->Phone.Data.IMEI,DecodeUnicodeString(buff));
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1740:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Data->Model,GetLineString(DecodeUnicodeString(msg->Buffer+6), &lines, 4));
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1744:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Data->VerDate,GetLineString(DecodeUnicodeString(msg->Buffer+6), &lines, 3));
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1747:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Data->Version,GetLineString(DecodeUnicodeString(msg->Buffer+6), &lines, 2));
data/gammu-1.41.0/libgammu/service/backup/backldif.c:248:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buff,Start);
data/gammu-1.41.0/libgammu/service/backup/backldif.c:257:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buff,Start);
data/gammu-1.41.0/libgammu/service/backup/backldif.c:286:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Buff2,"%s",DecodeUnicodeString(Buff));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:67:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer+len,h->SectionName);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:72:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer+len,e->EntryName);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:75:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer+len,e->EntryValue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:119:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer3,"%s%02i = %s%c%c",myname,w,buffer2,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:143:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer2, "%s%02i", myname, i);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:155:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(result + pos, readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:175:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s = \"", myname);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:259:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(paramname,myname);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:273:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(paramname,myname);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1092:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer2,"Bitmap%02i = \"%s\"%c%c",(int)y,buffer,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1278:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"Network = \"%s\"%c%c", bitmap->NetworkCode,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1338:10: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"Completed = %s%c%c",ToDo->Entries[j].Number == 1 ? "yes" : "no" ,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1611:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buffer, BACKUP_MAIN_HEADER "%c%c", 13, 10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1614:2: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(buffer, BACKUP_INFO_HEADER "%c%c", 13, 10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1620:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"IMEI = \"%s\"%c%c",backup->IMEI,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1623:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"Phone = \"%s\"%c%c",backup->Model,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1627:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"Creator = \"%s\"%c%c",backup->Creator,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1807:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"MD5=%s%c%c",checksum,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1832:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s",DecodeUnicodeString(e->EntryName));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1834:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s",e->EntryName);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2790:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s",DecodeUnicodeString(e->EntryName));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2792:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s",e->EntryName);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2956:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s",DecodeUnicodeString(e->EntryName));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2958:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s",e->EntryName);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3268:23: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if (readvalue!=NULL) strcpy(backup->MD5Original,readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3996:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "%s", DecodeUnicodeString(comment));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:4033:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(file, BACKUP_MAIN_HEADER "\n");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:4034:2: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(file, BACKUP_INFO_HEADER "\n");
data/gammu-1.41.0/libgammu/service/gsmdata.c:170:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s",DecodeUnicodeString(settings->HomePage));
data/gammu-1.41.0/libgammu/service/gsmdata.c:292:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
*Length+=sprintf(Buffer+(*Length), "TITLE:%s%c%c",DecodeUnicodeString(bookmark->Title),13,10);
data/gammu-1.41.0/libgammu/service/gsmdata.c:293:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
*Length+=sprintf(Buffer+(*Length), "URL:%s%c%c",DecodeUnicodeString(bookmark->Address),13,10);
data/gammu-1.41.0/libgammu/service/gsmdata.c:297:11: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
*Length+=sprintf(Buffer+(*Length), "URL=%s%c%c",DecodeUnicodeString(bookmark->Address),13,10);
data/gammu-1.41.0/libgammu/service/gsmdata.c:345:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Buffer+(*Length),Indicator->Address+i+1);
data/gammu-1.41.0/libgammu/service/gsmdata.c:390:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer,"%s/TYPE=PLMN",Indicator->Sender);
data/gammu-1.41.0/libgammu/service/gsmdata.c:395:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Buffer+(*Length),buffer);
data/gammu-1.41.0/libgammu/service/gsmdata.c:402:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Buffer+(*Length),Indicator->Title);
data/gammu-1.41.0/libgammu/service/gsmdata.c:411:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Buffer+(*Length),Indicator->Address);
data/gammu-1.41.0/libgammu/service/gsmdata.c:464:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buffer, tmpbuf);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:130:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Value,Line+Pos);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:193:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
result = vsnprintf(Buffer + (*Pos), buff_len - *Pos - 1, format, argp);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:214:11: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
result = vsnprintf(Buffer + (*Pos), buff_len - *Pos - 1, format, argp);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:319:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buff,Start);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:342:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fullstart, Start);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:348:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(fullstart, Start);
data/gammu-1.41.0/libgammu/service/gsmnet.c:2779:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(NetworkCodeFull, "%c%c%c %s", NetworkCode[0], NetworkCode[1], NetworkCode[2], pos);
data/gammu-1.41.0/libgammu/service/gsmpbk.c:628:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf+1,"%s",DecodeUnicodeString(Number)); /* leave 1 free char before the number, we'll need it */
data/gammu-1.41.0/libgammu/service/gsmring.c:1591:16: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
*maxlength+=sprintf(package+(*maxlength),"NAME:%s%c%c",DecodeUnicodeString(ringtone->Name),13,10);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1069:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Info->Entries[0].MMSIndicator->Sender, Buffer + i + 4);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1071:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Info->Entries[0].MMSIndicator->Sender, Buffer + i + 2);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1080:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Info->Entries[0].MMSIndicator->Title, Buffer + i + 3);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1083:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Info->Entries[0].MMSIndicator->Title, Buffer + i + 1);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1118:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Info->Entries[0].MMSIndicator->Address, Buffer + i + 1);
data/gammu-1.41.0/smsd/core.c:282:2: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(Buffer,format, argp);
data/gammu-1.41.0/smsd/core.c:385:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(Config->gammu_log_buffer + pos, text);
data/gammu-1.41.0/smsd/core.c:750:8: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
len = sprintf(Config->map_key, "Gammu-smsd-%s", config_name);
data/gammu-1.41.0/smsd/core.c:1016:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(SecurityCode.Code, code);
data/gammu-1.41.0/smsd/core.c:1287:2: [4] (shell) execl:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
execl("/bin/sh", "sh", "-c", cmdline, NULL);
data/gammu-1.41.0/smsd/core.c:1931:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(Config->Status->Client, "Gammu %s on %s compiler %s",
data/gammu-1.41.0/smsd/services/dbi.c:309:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "\"%s\"", id);
data/gammu-1.41.0/smsd/services/files.c:93:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(FileName,
data/gammu-1.41.0/smsd/services/files.c:97:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(FullName, Config->inboxpath);
data/gammu-1.41.0/smsd/services/files.c:98:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(FullName, FileName);
data/gammu-1.41.0/smsd/services/files.c:116:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buffer, DecodeUnicodeString(sms->SMS[i].Number));
data/gammu-1.41.0/smsd/services/files.c:128:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(*Locations, FileName);
data/gammu-1.41.0/smsd/services/files.c:225:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(FullName, Config->outboxpath);
data/gammu-1.41.0/smsd/services/files.c:229:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(FullName, Config->outboxpath);
data/gammu-1.41.0/smsd/services/files.c:237:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(FileName, c_file.name);
data/gammu-1.41.0/smsd/services/files.c:245:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(FullName, Config->outboxpath);
data/gammu-1.41.0/smsd/services/files.c:278:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(FileName, namelist[cur_file]->d_name);
data/gammu-1.41.0/smsd/services/files.c:293:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(FullName, Config->outboxpath);
data/gammu-1.41.0/smsd/services/files.c:294:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(FullName, FileName);
data/gammu-1.41.0/smsd/services/files.c:304:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ID, FileName);
data/gammu-1.41.0/smsd/services/files.c:419:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ID, FileName);
data/gammu-1.41.0/smsd/services/files.c:507:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ifilename, sourcepath);
data/gammu-1.41.0/smsd/services/files.c:508:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ifilename, ID);
data/gammu-1.41.0/smsd/services/files.c:510:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ofilename, destpath);
data/gammu-1.41.0/smsd/services/files.c:511:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(ofilename, ID);
data/gammu-1.41.0/smsd/services/files.c:596:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(FileName,
data/gammu-1.41.0/smsd/services/files.c:599:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(FullName, Config->outboxpath);
data/gammu-1.41.0/smsd/services/files.c:600:4: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(FullName, FileName);
data/gammu-1.41.0/smsd/services/files.c:671:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(NewID, FullName);
data/gammu-1.41.0/smsd/services/files.c:697:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(FullPath, Config->outboxpath);
data/gammu-1.41.0/smsd/services/files.c:698:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(FullPath, Config->SMSID);
data/gammu-1.41.0/smsd/services/pgsql.c:89:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buf, "host = '%s' user = '%s' password = '%s' dbname = '%s' port = %d", Config->host, Config->user, Config->password, Config->database, port);
data/gammu-1.41.0/smsd/services/sql.c:64:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(result, now_plus_mysql, seconds);
data/gammu-1.41.0/smsd/services/sql.c:66:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(result, now_plus_pgsql, seconds);
data/gammu-1.41.0/smsd/services/sql.c:68:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(result, now_plus_sqlite, seconds);
data/gammu-1.41.0/smsd/services/sql.c:70:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(result, now_plus_freetds, seconds);
data/gammu-1.41.0/smsd/services/sql.c:72:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(result, now_plus_access, seconds);
data/gammu-1.41.0/smsd/services/sql.c:74:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(result, now_plus_oracle, seconds);
data/gammu-1.41.0/smsd/services/sql.c:76:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(result, now_plus_odbc, seconds);
data/gammu-1.41.0/smsd/services/sql.c:78:3: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
sprintf(result, now_plus_fallback, seconds);
data/gammu-1.41.0/smsd/services/sql.c:130:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(result, count);
data/gammu-1.41.0/smsd/services/sql.c:150:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(result, top_clause_access);
data/gammu-1.41.0/smsd/services/sql.c:152:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(result, count);
data/gammu-1.41.0/smsd/services/sql.c:173:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(result, limit_clause_fallback);
data/gammu-1.41.0/smsd/services/sql.c:175:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(result, count);
data/gammu-1.41.0/smsd/services/sql.c:566:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(
data/gammu-1.41.0/smsd/services/sql.c:658:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buffer, "SELECT %sVersion%s FROM %s", escape_char, escape_char, Config->table_gammu);
data/gammu-1.41.0/smsd/services/sql.c:1171:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(creator, "Gammu %s",GAMMU_VERSION); /* %1 */
data/gammu-1.41.0/smsd/winservice.c:146:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(commandline, "\"%s\" -S -c \"%s\" -n \"%s\" -f %d",
data/gammu-1.41.0/smsd/winservice.c:149:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(service_display_name, "Gammu SMSD Service (%s)", smsd_service_name);
data/gammu-1.41.0/tests/statemachine-init.c:30:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(smcfg->Model, model);
data/gammu-1.41.0/contrib/coveragehelper/coveragehelper.c:123:11: [3] (shell) CreateProcess:
This causes a new process to execute and is difficult to use safely
(CWE-78). Specify the application path in the first argument, NOT as part
of the second, or embedded spaces could allow an attacker to force a
different program to run.
result = CreateProcess(NULL, /* No module name (use command line) */
data/gammu-1.41.0/contrib/coveragehelper/coveragehelper.c:123:11: [3] (shell) CreateProcess:
This causes a new process to execute and is difficult to use safely
(CWE-78). Specify the application path in the first argument, NOT as part
of the second, or embedded spaces could allow an attacker to force a
different program to run.
result = CreateProcess(NULL, /* No module name (use command line) */
data/gammu-1.41.0/gammu/gammu.c:920:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
columns = getenv("COLUMNS");
data/gammu-1.41.0/libgammu/device/proxy/proxy.c:49:15: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((shell = getenv("SHELL")) == NULL || *shell == '\0') {
data/gammu-1.41.0/libgammu/gsmstate.c:1342:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envpath = getenv("XDG_CONFIG_HOME");
data/gammu-1.41.0/libgammu/gsmstate.c:1350:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envpath = getenv("HOME");
data/gammu-1.41.0/libgammu/gsmstate.c:1362:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envpath = getenv("HOME");
data/gammu-1.41.0/libgammu/gsmstate.c:1389:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envpath = getenv("HOMEDRIVE");
data/gammu-1.41.0/libgammu/gsmstate.c:1394:12: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
envpath = getenv("HOMEPATH");
data/gammu-1.41.0/libgammu/gsmstate.c:1441:9: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
home = getenv("HOME");
data/gammu-1.41.0/libgammu/misc/misc.c:35:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char* has_value = getenv(name);
data/gammu-1.41.0/libgammu/misc/misc.c:235:7: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
tz = getenv("TZ");
data/gammu-1.41.0/smsd/core.c:733:13: [3] (buffer) realpath:
This function does not protect against buffer overflows, and some
implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
destination buffer is at least of size MAXPATHLEN, andto protect against
implementation problems, the input argument should also be checked to
ensure it is no larger than MAXPATHLEN.
} else if (realpath(filename, fullpath) == NULL) {
data/gammu-1.41.0/smsd/core.c:1153:8: [3] (shell) CreateProcess:
This causes a new process to execute and is difficult to use safely
(CWE-78). Specify the application path in the first argument, NOT as part
of the second, or embedded spaces could allow an attacker to force a
different program to run.
ret = CreateProcess(NULL, /* No module name (use command line) */
data/gammu-1.41.0/smsd/core.c:1153:8: [3] (shell) CreateProcess:
This causes a new process to execute and is difficult to use safely
(CWE-78). Specify the application path in the first argument, NOT as part
of the second, or embedded spaces could allow an attacker to force a
different program to run.
ret = CreateProcess(NULL, /* No module name (use command line) */
data/gammu-1.41.0/smsd/inject.c:117:3: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
getopt_long(argc, argv, "+hvc:lL", long_options,
data/gammu-1.41.0/smsd/inject.c:120:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "+hvc:lL")) != -1) {
data/gammu-1.41.0/smsd/main.c:223:16: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt_long(argc, argv, "hvdc:p:iusSkU:G:n:X:f:lLeE", long_options, &option_index)) != -1) {
data/gammu-1.41.0/smsd/main.c:225:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "hvdc:p:iusSkU:G:n:X:f:lLeE")) != -1) {
data/gammu-1.41.0/smsd/monitor.c:130:3: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
getopt_long(argc, argv, "+hvc:d:n:ClL", long_options,
data/gammu-1.41.0/smsd/monitor.c:133:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((opt = getopt(argc, argv, "+hvc:d:n:ClL")) != -1) {
data/gammu-1.41.0/contrib/convert/makeconverttable.c:9:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char InputBuffer[10000], Buffer[10000];
data/gammu-1.41.0/contrib/convert/makeconverttable.c:18:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(argv[1], "rb");
data/gammu-1.41.0/contrib/coveragehelper/coveragehelper.c:33:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char logname[1000];
data/gammu-1.41.0/contrib/coveragehelper/coveragehelper.c:74:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
handle = fopen(logfile, "w");
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:43:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cgi_path[200];
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:44:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[400]; /**< decode buffer */
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:45:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer2[400]; /**< decode buffer */
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:46:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer3[400]; /**< decode buffer */
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:68:10: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
errfd = open(err_file, O_APPEND);
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:80:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char script_name[300];
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:81:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *params[2];
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:88:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(script_name, "error");
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:137:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(script_name, "default");
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:177:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer3, "\r\n");
data/gammu-1.41.0/contrib/smscgi/sms_cgi.h:28:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char cgi_path[200];
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:26:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Pass[50];
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:27:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char User[50];
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:28:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char DBName[50];
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:29:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char PC[50];
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:85:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf4[5000];
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *args[10];
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:89:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffe[10][200];
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:106:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num2 = atoi(b);
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:112:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num2 = atoi(b);
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:125:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num2 = atoi(b);
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:131:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num2 = atoi(b);
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:167:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[5000];
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:187:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf3[5000], buf4[5000];
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:246:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[5000];
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:268:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "select ID from rules group by ID");
data/gammu-1.41.0/contrib/symbian/gnapplet/gnapplet.cpp:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[64], key[64], value[64];
data/gammu-1.41.0/contrib/symbian/gnapplet/gnapplet.cpp:53:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((f = fopen(file, "rt")) == NULL) return;
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:35:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[1000],buf2[1000];
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:57:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[100];
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:62:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%c%c%c-%c%c-%c%c %c%c:%c%c:%c%c",
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:76:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buffer[100];
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:79:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"default");
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:81:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"5 minutes");
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:83:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"max. time");
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:110:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi( pport );
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:190:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(Row[0]) != 4) {
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:260:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char something[1000];
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:340:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(something+strlen(something)," and SequencePosition=%i limit 1",i);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:474:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char something[1000];
data/gammu-1.41.0/contrib/win32/smsd_mfc/sendsms.cpp:44:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text[20000];
data/gammu-1.41.0/contrib/win32/smsd_mfc/sendsms.cpp:45:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text2[41000];
data/gammu-1.41.0/contrib/win32/smsd_mfc/sendsms.cpp:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1000];
data/gammu-1.41.0/contrib/win32/smsd_mfc/sendsms.cpp:60:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf,"SMS text (%i chars left/%i SMS)",CharsLeft,SMSNum);
data/gammu-1.41.0/docs/examples/custom-config.c:12:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/gammu-1.41.0/docs/examples/long-sms.c:53:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char message_unicode[(sizeof(message_text) + 1) * 2];
data/gammu-1.41.0/docs/examples/phone-info.c:8:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/gammu-1.41.0/gammu-detect/bluez.c:39:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char bluez_prefix[9];
data/gammu-1.41.0/gammu-detect/bluez.c:475:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addr[19] = { 0 };
data/gammu-1.41.0/gammu-detect/bluez.c:476:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[248] = { 0 };
data/gammu-1.41.0/gammu-detect/bluez.c:502:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(name, "[unknown]");
data/gammu-1.41.0/gammu-detect/udev.c:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char real_fmt[1000] = "; ";
data/gammu-1.41.0/gammu-detect/udev.c:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char propstr[500];
data/gammu-1.41.0/gammu-detect/udev.c:186:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *subsys[2] = { "tty", NULL };
data/gammu-1.41.0/gammu-detect/win32-serial.c:35:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[65535];
data/gammu-1.41.0/gammu/backup.c:43:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer[100000];
data/gammu-1.41.0/gammu/backup.c:185:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(argv[3],"wb");
data/gammu-1.41.0/gammu/backup.c:349:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[GSM_MAX_INFO_LENGTH];
data/gammu-1.41.0/gammu/backup.c:358:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Backup.Creator+strlen(Backup.Creator),", ");
data/gammu-1.41.0/gammu/backup.c:362:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Backup.Creator+strlen(Backup.Creator),", ");
data/gammu-1.41.0/gammu/backup.c:385:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(Backup.Model," (");
data/gammu-1.41.0/gammu/backupsms.c:215:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(SMS->SMS[0]), Backup->SMS[smsnum], sizeof(GSM_SMSMessage));
data/gammu-1.41.0/gammu/calendar.c:159:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&DateTime, &Note->Entries[i].Date,
data/gammu-1.41.0/gammu/calendar.c:166:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&DateTime, &Note->Entries[i].Date,
data/gammu-1.41.0/gammu/calendar.c:192:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&Alarm, &Note->Entries[i].Date,
data/gammu-1.41.0/gammu/calendar.c:213:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&Alarm, &Note->Entries[i].Date,
data/gammu-1.41.0/gammu/calendar.c:878:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Text[(GSM_MAX_CATEGORY_NAME_LENGTH + 1) * 2];
data/gammu-1.41.0/gammu/common.c:74:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char result[100];
data/gammu-1.41.0/gammu/common.c:78:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("January"));
data/gammu-1.41.0/gammu/common.c:81:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("February"));
data/gammu-1.41.0/gammu/common.c:84:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("March"));
data/gammu-1.41.0/gammu/common.c:87:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("April"));
data/gammu-1.41.0/gammu/common.c:90:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("May"));
data/gammu-1.41.0/gammu/common.c:93:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("June"));
data/gammu-1.41.0/gammu/common.c:96:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("July"));
data/gammu-1.41.0/gammu/common.c:99:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("August"));
data/gammu-1.41.0/gammu/common.c:102:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("September"));
data/gammu-1.41.0/gammu/common.c:105:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("October"));
data/gammu-1.41.0/gammu/common.c:108:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("November"));
data/gammu-1.41.0/gammu/common.c:111:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("December"));
data/gammu-1.41.0/gammu/common.c:114:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("Bad month!"));
data/gammu-1.41.0/gammu/common.c:122:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char result[100];
data/gammu-1.41.0/gammu/common.c:126:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("Monday"));
data/gammu-1.41.0/gammu/common.c:129:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("Tuesday"));
data/gammu-1.41.0/gammu/common.c:132:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("Wednesday"));
data/gammu-1.41.0/gammu/common.c:135:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("Thursday"));
data/gammu-1.41.0/gammu/common.c:138:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("Friday"));
data/gammu-1.41.0/gammu/common.c:141:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("Saturday"));
data/gammu-1.41.0/gammu/common.c:144:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("Sunday"));
data/gammu-1.41.0/gammu/common.c:147:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, _("Bad day!"));
data/gammu-1.41.0/gammu/common.c:212:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file->Buffer + file->Used, ptr, realsize);
data/gammu-1.41.0/gammu/common.c:345:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ans[99];
data/gammu-1.41.0/gammu/common.c:346:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1000];
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:70:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ans[99];
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:109:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
DCT3T9File = fopen("T9", "w");
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:125:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ans[200];
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:126:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char SetLevel[4] = {0x00, 0x01, 0xA3,
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:193:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[3] = {0x00,0x01,0xcf};
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:194:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer3[8] = {0x00,0x01,0xce,0x1d,0xfe,0x23,0x00,0x00};
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:249:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char DCT3ADCBuf[200];
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:256:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(DCT3ADCBuf,msg->Buffer+4,msg->Length-4);
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:309:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ans[200];
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:340:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[100];
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:372:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char uni[100], buffer[50];
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:503:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char PPS[32]; /* Product Profile Settings */
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:539:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[100];
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:664:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10];
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:706:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[256] = {0x00,0x01,0x8b,0x00,
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:739:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[100];
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:744:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,msg->Buffer+8,msg->Buffer[7]*2);
data/gammu-1.41.0/gammu/depend/nokia/dct3trac/wmx-gsm.c:274:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[80];
data/gammu-1.41.0/gammu/depend/nokia/dct3trac/wmx-list.c:78:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[256];
data/gammu-1.41.0/gammu/depend/nokia/dct3trac/wmx-list.c:83:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(listfile, "r");
data/gammu-1.41.0/gammu/depend/nokia/dct3trac/wmx.c:368:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
xout = fopen("out.xml", "w");
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:77:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ans[99];
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:272:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reqSet[200] = {
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:391:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char GetDoneST[6] = {0x00, 0x08, 0x01, 0x04, 0x01, 0x00};
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:392:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char GetDoneST2[6] = {0x00, 0x08, 0x02, 0x04, 0x02, 0x00};
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:393:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char GetNames[6] = {0x00, 0x08, 0x03, 0x06, 0x03, 0x00};
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:394:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char GetStatus[6] = {0x00, 0x08, 0x04, 0x02, 0x03, 0x00};
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:396:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char RunALL[6] = {0x00, 0x06, 0x04, 0x00, 0x03, 0x00};
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:438:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Control[6] = {N7110_FRAME_HEADER,0x0C,
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:453:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char SetLevel[6] = {N7110_FRAME_HEADER,0x0E,
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:487:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ans[200];
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:522:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ResetCode[30] = {0x00,0x06,0x03,0x04,0x01,
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:538:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ResetCode+5,"%i",i);
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:539:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ResetCode+16,"12345");
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:593:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer[100];
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:620:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer,msg->Buffer+(j+1),msg->Buffer[j]);
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:642:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ReqNames[200] = {
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:646:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ReqToken[200] = {
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:651:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ReqGet[200] = {
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:679:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char FileName[100], Buffer[10000], Token;
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:712:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
WAVFile = fopen(FileName, "wb");
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:809:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff[7];
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:818:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff,"%02x%02x%02x",msg->Buffer[14],msg->Buffer[15],msg->Buffer[16]);
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:858:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char GetBTAddress[8] = {N6110_FRAME_HEADER, 0x09, 0x19, 0x01, 0x03, 0x06};
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:859:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char GetSimlock[5] = {N6110_FRAME_HEADER, 0x12, 0x0D};
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:860:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char value[10];
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:918:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
T9File = fopen("T9", "w");
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:989:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ans[200];
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:1090:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char RadioName[100];
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:1095:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[100];
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:1102:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name,msg->Buffer+18,length*2);
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:1208:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&FMStat,&FMStation[i],sizeof(GSM_FMStation));
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:1209:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&FMStation[i],&FMStation[i+1],sizeof(GSM_FMStation));
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:1210:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&FMStation[i+1],&FMStat,sizeof(GSM_FMStation));
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:1293:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char MakeShot[200] = {N6110_FRAME_HEADER, 0x06, 0x01, 0x06,
data/gammu-1.41.0/gammu/depend/nokia/dct4.h:89:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Name[100];
data/gammu-1.41.0/gammu/depend/siemens/chiffre.c:7:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key1[4] = {0x57, 0xF9, 0x3A, 0xC1}; /* Level 1 key */
data/gammu-1.41.0/gammu/depend/siemens/chiffre.c:8:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char key2[4] = {0xA4, 0xD3, 0x67, 0x9C}; /* Level 2 key */
data/gammu-1.41.0/gammu/depend/siemens/chiffre.c:11:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sbox_h[0x10] =
data/gammu-1.41.0/gammu/depend/siemens/chiffre.c:14:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sbox_l[0x10] =
data/gammu-1.41.0/gammu/depend/siemens/chiffre.c:18:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sbox[0x100]; /* 8-bit substitution box */
data/gammu-1.41.0/gammu/depend/siemens/chiffre.c:89:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bc[0x20], bs[0x10], bx[0x10];
data/gammu-1.41.0/gammu/depend/siemens/chiffre.c:104:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bc[0x20], bs[0x10], bx[0x10];
data/gammu-1.41.0/gammu/depend/siemens/chiffre.c:118:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char bc[0x20], bs[0x10], bx[0x10];
data/gammu-1.41.0/gammu/depend/siemens/chiffre.c:149:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char array[8];
data/gammu-1.41.0/gammu/depend/siemens/chiffre.c:150:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char xcode[8];
data/gammu-1.41.0/gammu/depend/siemens/chiffre.c:151:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char test[8];
data/gammu-1.41.0/gammu/depend/siemens/dsiemens.c:34:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[256];
data/gammu-1.41.0/gammu/depend/siemens/dsiemens.c:248:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[32];
data/gammu-1.41.0/gammu/depend/siemens/dsiemens.c:253:9: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(req, "AT^SSTK=?\r");
data/gammu-1.41.0/gammu/depend/siemens/dsiemens.c:260:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(req, "AT^SSTK=%i,1\r",len/2);
data/gammu-1.41.0/gammu/depend/siemens/dsiemens.c:278:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[32];
data/gammu-1.41.0/gammu/depend/siemens/dsiemens.c:281:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(req, "AT^S^MI=%d\r",test_no);
data/gammu-1.41.0/gammu/depend/siemens/dsiemens.c:289:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[32];
data/gammu-1.41.0/gammu/depend/siemens/dsiemens.c:293:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(req, "AT\r");
data/gammu-1.41.0/gammu/depend/siemens/dsiemens.c:306:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char imsi[15], NetMonCode[32];
data/gammu-1.41.0/gammu/depend/siemens/dsiemens.c:333:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(NetMonCode, "Net Monitor");
data/gammu-1.41.0/gammu/files.c:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char FolderName[2*GSM_MAX_FILENAME_ID_LENGTH], IDUTF[200];
data/gammu-1.41.0/gammu/files.c:271:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char IDUTF[200];
data/gammu-1.41.0/gammu/files.c:294:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char IDUTF[200];
data/gammu-1.41.0/gammu/files.c:349:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[5000];
data/gammu-1.41.0/gammu/files.c:441:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(buffer, "wb");
data/gammu-1.41.0/gammu/files.c:445:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(buffer, "wb");
data/gammu-1.41.0/gammu/files.c:448:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "file%i", i);
data/gammu-1.41.0/gammu/files.c:449:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(buffer, "wb");
data/gammu-1.41.0/gammu/files.c:505:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char IDUTF[200];
data/gammu-1.41.0/gammu/files.c:638:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char IDUTF[200];
data/gammu-1.41.0/gammu/files.c:766:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char IDUTF[200];
data/gammu-1.41.0/gammu/files.c:786:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[500];
data/gammu-1.41.0/gammu/files.c:802:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[500];
data/gammu-1.41.0/gammu/gammu.c:245:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
retval = atoi(Buffer) * 10000;
data/gammu-1.41.0/gammu/gammu.c:253:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
retval += atoi(Buffer + pos) * 100;
data/gammu-1.41.0/gammu/gammu.c:261:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return retval + atoi(Buffer + pos);
data/gammu-1.41.0/gammu/gammu.c:273:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_version[20];
data/gammu-1.41.0/gammu/gammu.c:363:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ln[2000], token;
data/gammu-1.41.0/gammu/gammu.c:366:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *argsv[20];
data/gammu-1.41.0/gammu/gammu.c:375:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bf = fopen(argv[2], "r");
data/gammu-1.41.0/gammu/gammu.c:816:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spaces[50], buffer[500];
data/gammu-1.41.0/gammu/gammu.c:922:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
cols = atoi(columns);
data/gammu-1.41.0/gammu/memory.c:308:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Text[(GSM_PHONEBOOK_TEXT_LENGTH+1)*2];
data/gammu-1.41.0/gammu/memory.c:369:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Text[(GSM_MAX_CATEGORY_NAME_LENGTH+1)*2];
data/gammu-1.41.0/gammu/message.c:453:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(GetSMSData[GetSMSNumber],&sms,sizeof(GSM_MultiSMSMessage));
data/gammu-1.41.0/gammu/message.c:679:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[200];
data/gammu-1.41.0/gammu/misc.c:242:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[GSM_MAX_INFO_LENGTH];
data/gammu-1.41.0/gammu/misc.c:243:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char date[GSM_MAX_VERSION_DATE_LENGTH];
data/gammu-1.41.0/gammu/misc.c:394:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
fname = (char *)malloc(strlen(argv[2]) + strlen(ext) + 1);
data/gammu-1.41.0/gammu/misc.c:398:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fname, "w");
data/gammu-1.41.0/gammu/misc.c:914:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10];
data/gammu-1.41.0/gammu/misc.c:961:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%i",MultiBitmap.Bitmap[0].RingtoneID);
data/gammu-1.41.0/gammu/misc.c:1058:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&Bitmap,&MultiBitmap.Bitmap[0],sizeof(GSM_Bitmap));
data/gammu-1.41.0/gammu/misc.c:1089:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&Bitmap,&MultiBitmap.Bitmap[0],sizeof(GSM_Bitmap));
data/gammu-1.41.0/gammu/misc.c:1112:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&Bitmap,&MultiBitmap.Bitmap[0],sizeof(GSM_Bitmap));
data/gammu-1.41.0/gammu/misc.c:1120:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Bitmap.NetworkCode,"000 00");
data/gammu-1.41.0/gammu/misc.c:1147:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(MultiBitmap.Bitmap[0].NetworkCode,"000 00");
data/gammu-1.41.0/gammu/misc.c:1161:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&Bitmap,&MultiBitmap.Bitmap[0],sizeof(GSM_Bitmap));
data/gammu-1.41.0/gammu/misc.c:1862:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[200];
data/gammu-1.41.0/gammu/misc.c:1901:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(message, _("Enter new PIN code: "));
data/gammu-1.41.0/gammu/mms.c:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[200];
data/gammu-1.41.0/gammu/mms.c:50:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buff,"%i_0",num);
data/gammu-1.41.0/gammu/mms.c:51:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file2 = fopen(buff,"wb");
data/gammu-1.41.0/gammu/mms.c:132:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file2 = fopen(buff,"wb");
data/gammu-1.41.0/gammu/nokia.c:246:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer[20],Buffer2[500];
data/gammu-1.41.0/gammu/nokia.c:332:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Buffer, "%ld", (long)i);
data/gammu-1.41.0/gammu/nokia.c:374:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Files2.Buffer,"#EXTM3U%c%c",13,10);
data/gammu-1.41.0/gammu/nokia.c:429:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[20],buffer2[20],IDFolder[100];
data/gammu-1.41.0/gammu/nokia.c:540:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000],JAR[500],Vendor[500],Name[500],Version[500],FileID[400];
data/gammu-1.41.0/gammu/nokia.c:563:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(buffer, "rb");
data/gammu-1.41.0/gammu/nokia.c:570:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(buffer, "rb");
data/gammu-1.41.0/gammu/nokia.c:577:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(argv[3],"rb");
data/gammu-1.41.0/gammu/nokia.c:638:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Files.Level == atoi(Folder[i].level)) {
data/gammu-1.41.0/gammu/nokia.c:656:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Files.Level == atoi(Folder[i].level)) {
data/gammu-1.41.0/gammu/nokia.c:743:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"\nMIDlet-Jar-Size: %i",Size2);
data/gammu-1.41.0/gammu/nokia.c:745:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(File.Buffer+File.Used,buffer,strlen(buffer));
data/gammu-1.41.0/gammu/nokia.c:782:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(File.Buffer,buffer,Pos);
data/gammu-1.41.0/gammu/search.c:36:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Connection[50];
data/gammu-1.41.0/gammu/search.c:46:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Device[50];
data/gammu-1.41.0/gammu/search.c:77:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[GSM_MAX_INFO_LENGTH];
data/gammu-1.41.0/gammu/search.c:209:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[0].Connection, "irdaphonet");
data/gammu-1.41.0/gammu/search.c:210:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[1].Connection, "irdaat");
data/gammu-1.41.0/gammu/search.c:214:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Device, "com%i:", i + 1);
data/gammu-1.41.0/gammu/search.c:215:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[0].Connection,
data/gammu-1.41.0/gammu/search.c:217:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[1].Connection, "fbus");
data/gammu-1.41.0/gammu/search.c:218:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[2].Connection,
data/gammu-1.41.0/gammu/search.c:220:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[3].Connection, "mbus");
data/gammu-1.41.0/gammu/search.c:226:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Device, "/dev/ircomm%i", i);
data/gammu-1.41.0/gammu/search.c:227:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(SearchDevices[dev].Device, O_RDWR);
data/gammu-1.41.0/gammu/search.c:230:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[0].Connection,
data/gammu-1.41.0/gammu/search.c:232:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[1].Connection,
data/gammu-1.41.0/gammu/search.c:238:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Device, "/dev/ttyS%i", i);
data/gammu-1.41.0/gammu/search.c:239:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(SearchDevices[dev].Device, O_RDWR);
data/gammu-1.41.0/gammu/search.c:242:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[0].Connection,
data/gammu-1.41.0/gammu/search.c:244:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[1].Connection, "fbus");
data/gammu-1.41.0/gammu/search.c:245:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[2].Connection,
data/gammu-1.41.0/gammu/search.c:247:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[3].Connection, "mbus");
data/gammu-1.41.0/gammu/search.c:252:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Device, "/dev/ttyD00%i", i);
data/gammu-1.41.0/gammu/search.c:253:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(SearchDevices[dev].Device, O_RDWR);
data/gammu-1.41.0/gammu/search.c:256:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[0].Connection,
data/gammu-1.41.0/gammu/search.c:258:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[1].Connection, "fbus");
data/gammu-1.41.0/gammu/search.c:259:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[2].Connection,
data/gammu-1.41.0/gammu/search.c:261:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[3].Connection, "mbus");
data/gammu-1.41.0/gammu/search.c:266:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Device, "/dev/usb/tts/%i", i);
data/gammu-1.41.0/gammu/search.c:267:8: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(SearchDevices[dev].Device, O_RDWR);
data/gammu-1.41.0/gammu/search.c:270:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[0].Connection,
data/gammu-1.41.0/gammu/search.c:272:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[1].Connection, "fbus");
data/gammu-1.41.0/gammu/search.c:273:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[2].Connection,
data/gammu-1.41.0/gammu/search.c:275:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(SearchDevices[dev].Connections[3].Connection, "mbus");
data/gammu-1.41.0/gammu/sniff.c:184:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char IMEI[50];
data/gammu-1.41.0/gammu/sniff.c:202:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char PhoneString[500];
data/gammu-1.41.0/gammu/sniff.c:204:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char Model[50];
data/gammu-1.41.0/gammu/sniff.c:205:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char Version[50];
data/gammu-1.41.0/gammu/sniff.c:252:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer[65536]={'\0'},Buffer2[65536]={'\0'};
data/gammu-1.41.0/gammu/sniff.c:266:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(argv[3], "rb");
data/gammu-1.41.0/gammu/sniff.c:354:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer[65536]={'\0'},type=0;
data/gammu-1.41.0/gammu/sniff.c:365:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(argv[2], "rb");
data/gammu-1.41.0/gammu/sniff.c:394:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(msg.Buffer,Buffer+i,len);
data/gammu-1.41.0/helper/message-cmdline.c:118:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ReplaceBuffer2 [200],ReplaceBuffer[200];
data/gammu-1.41.0/helper/message-cmdline.c:119:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char InputBuffer [SEND_SAVE_SMS_BUFFER_SIZE/2+1];
data/gammu-1.41.0/helper/message-cmdline.c:120:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer [GSM_MAX_MULTI_SMS][SEND_SAVE_SMS_BUFFER_SIZE];
data/gammu-1.41.0/helper/message-cmdline.c:143:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char RemoteNumber[(GSM_MAX_NUMBER_LENGTH + 1) * 2];
data/gammu-1.41.0/helper/message-cmdline.c:147:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Name[(GSM_MAX_SMS_NAME_LENGTH + 1) * 2];
data/gammu-1.41.0/helper/message-cmdline.c:151:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char SMSC[(GSM_MAX_NUMBER_LENGTH + 1) * 2];
data/gammu-1.41.0/helper/message-cmdline.c:295:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(bitmap[0]->Bitmap[0].NetworkCode,"000 00");
data/gammu-1.41.0/helper/message-cmdline.c:342:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&bitmap[0]->Bitmap[bitmap[0]->Number],&bitmap2.Bitmap[j],sizeof(GSM_Bitmap));
data/gammu-1.41.0/helper/message-cmdline.c:1110:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ReplaceFileHadle = fopen(argv[i], "rb");
data/gammu-1.41.0/helper/message-cmdline.c:1197:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&bitmap[SMSInfo.EntriesNum]->Bitmap[bitmap[SMSInfo.EntriesNum]->Number],&bitmap2.Bitmap[j],sizeof(GSM_Bitmap));
data/gammu-1.41.0/helper/message-cmdline.c:1207:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[i],"rb");
data/gammu-1.41.0/helper/message-display.c:527:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[1000], buffer[1000], hexreq[1000];
data/gammu-1.41.0/helper/message-display.c:528:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hexmsg[1000], hexudh[1000];
data/gammu-1.41.0/include/gammu-backup.h:213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char IMEI[GSM_MAX_IMEI_LENGTH];
data/gammu-1.41.0/include/gammu-backup.h:217:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Model[GSM_MAX_MODEL_LENGTH + GSM_MAX_VERSION_LENGTH];
data/gammu-1.41.0/include/gammu-backup.h:221:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Creator[80];
data/gammu-1.41.0/include/gammu-backup.h:233:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char MD5Original[100];
data/gammu-1.41.0/include/gammu-backup.h:237:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char MD5Calculated[100];
data/gammu-1.41.0/include/gammu-bitmap.h:118:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Text[2 * (GSM_BITMAP_TEXT_LENGTH + 1)];
data/gammu-1.41.0/include/gammu-bitmap.h:148:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char BitmapPoints[GSM_BITMAP_SIZE];
data/gammu-1.41.0/include/gammu-bitmap.h:160:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NetworkCode[10];
data/gammu-1.41.0/include/gammu-bitmap.h:164:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Sender[2 * (GSM_MAX_NUMBER_LENGTH + 1)];
data/gammu-1.41.0/include/gammu-bitmap.h:176:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Name[2 * (GSM_BITMAP_TEXT_LENGTH + 1)];
data/gammu-1.41.0/include/gammu-calendar.h:322:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Text[(GSM_MAX_CALENDAR_TEXT_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-calendar.h:462:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Text[(GSM_MAX_TODO_TEXT_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-calendar.h:506:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Text[(GSM_MAX_NOTE_TEXT_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-calendar.h:530:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Text[(GSM_MAX_CALENDAR_TEXT_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-call.h:102:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char PhoneNumber[(GSM_MAX_NUMBER_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-call.h:174:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Number[(GSM_MAX_NUMBER_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-category.h:55:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Name[(GSM_MAX_CATEGORY_NAME_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-file.h:74:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Name[2 * (GSM_MAX_FILENAME_LENGTH + 1)];
data/gammu-1.41.0/include/gammu-file.h:90:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ID_FullName[2 * (GSM_MAX_FILENAME_ID_LENGTH + 1)];
data/gammu-1.41.0/include/gammu-info.h:43:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char Code[8];
data/gammu-1.41.0/include/gammu-info.h:44:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char Name[64];
data/gammu-1.41.0/include/gammu-info.h:118:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CID[10];
data/gammu-1.41.0/include/gammu-info.h:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NetworkCode[10];
data/gammu-1.41.0/include/gammu-info.h:131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char LAC[10];
data/gammu-1.41.0/include/gammu-info.h:137:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char NetworkName[20 * 2];
data/gammu-1.41.0/include/gammu-info.h:145:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char PacketCID[10];
data/gammu-1.41.0/include/gammu-info.h:154:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char PacketLAC[10];
data/gammu-1.41.0/include/gammu-memory.h:404:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Text[(GSM_PHONEBOOK_TEXT_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-message.h:90:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Address[500];
data/gammu-1.41.0/include/gammu-message.h:94:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Title[200];
data/gammu-1.41.0/include/gammu-message.h:98:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Sender[200];
data/gammu-1.41.0/include/gammu-message.h:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Text[300];
data/gammu-1.41.0/include/gammu-message.h:170:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Text[2 * (GSM_MAX_USSD_LENGTH + 1)];
data/gammu-1.41.0/include/gammu-message.h:280:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Name[(GSM_MAX_SMSC_NAME_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-message.h:284:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Number[(GSM_MAX_NUMBER_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-message.h:296:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char DefaultNumber[(GSM_MAX_NUMBER_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-message.h:398:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Text[GSM_MAX_UDH_LENGTH];
data/gammu-1.41.0/include/gammu-message.h:471:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Number[(GSM_MAX_NUMBER_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-message.h:473:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char
data/gammu-1.41.0/include/gammu-message.h:508:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Name[(GSM_MAX_SMS_NAME_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-message.h:512:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Text[(GSM_MAX_SMS_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-message.h:733:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Name[(GSM_MAX_SMS_FOLDER_NAME_LEN + 1) * 2];
data/gammu-1.41.0/include/gammu-message.h:763:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char DataType[10];
data/gammu-1.41.0/include/gammu-message.h:764:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char DataName[40];
data/gammu-1.41.0/include/gammu-message.h:766:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Data[140];
data/gammu-1.41.0/include/gammu-message.h:811:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Name[(GSM_MAX_MMS_FOLDER_NAME_LEN + 1) * 2];
data/gammu-1.41.0/include/gammu-message.h:1118:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ContentType[400];
data/gammu-1.41.0/include/gammu-message.h:1122:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char SMIL[400];
data/gammu-1.41.0/include/gammu-message.h:1136:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Source[200];
data/gammu-1.41.0/include/gammu-message.h:1141:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Destination[200];
data/gammu-1.41.0/include/gammu-message.h:1146:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char CC[200];
data/gammu-1.41.0/include/gammu-message.h:1152:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Subject[200];
data/gammu-1.41.0/include/gammu-message.h:1156:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ContentType[400];
data/gammu-1.41.0/include/gammu-message.h:1160:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char MSGType[50];
data/gammu-1.41.0/include/gammu-ringtone.h:140:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Frame[50000];
data/gammu-1.41.0/include/gammu-ringtone.h:173:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Name[(GSM_MAX_RINGTONE_NAME_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-ringtone.h:186:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Name[30 * 2];
data/gammu-1.41.0/include/gammu-security.h:76:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Code[GSM_SECURITY_CODE_LEN + 1];
data/gammu-1.41.0/include/gammu-security.h:83:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NewPIN[GSM_SECURITY_CODE_LEN + 1];
data/gammu-1.41.0/include/gammu-settings.h:27:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Name[(20 + 1) * 2];
data/gammu-1.41.0/include/gammu-settings.h:28:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char PhonebookDataBase[(50 + 1) * 2];
data/gammu-1.41.0/include/gammu-settings.h:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CalendarDataBase[(50 + 1) * 2];
data/gammu-1.41.0/include/gammu-settings.h:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char User[(30 + 1) * 2];
data/gammu-1.41.0/include/gammu-settings.h:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Password[(20 + 1) * 2];
data/gammu-1.41.0/include/gammu-settings.h:32:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Server[(128 + 1) * 2];
data/gammu-1.41.0/include/gammu-settings.h:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Name[(50 + 1) * 2];
data/gammu-1.41.0/include/gammu-settings.h:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HomePage[(200 + 1) * 2];
data/gammu-1.41.0/include/gammu-settings.h:49:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char User[(50 + 1) * 2];
data/gammu-1.41.0/include/gammu-settings.h:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Password[(50 + 1) * 2];
data/gammu-1.41.0/include/gammu-settings.h:128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Name[40 * 2];
data/gammu-1.41.0/include/gammu-settings.h:146:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char StationName[(GSM_MAX_FMSTATION_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-settings.h:152:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Name[(GSM_MAX_GPRS_AP_NAME_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-settings.h:153:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char URL[(GSM_MAX_GPRS_AP_URL_LENGTH + 1) * 2];
data/gammu-1.41.0/include/gammu-smsd.h:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char PhoneID[SMSD_TEXT_LENGTH + 1];
data/gammu-1.41.0/include/gammu-smsd.h:54:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Client[SMSD_TEXT_LENGTH + 1];
data/gammu-1.41.0/include/gammu-smsd.h:78:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char IMEI[GSM_MAX_IMEI_LENGTH + 1];
data/gammu-1.41.0/include/gammu-smsd.h:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char IMSI[GSM_MAX_INFO_LENGTH + 1];
data/gammu-1.41.0/include/gammu-statemachine.h:53:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Model[50];
data/gammu-1.41.0/include/gammu-statemachine.h:57:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char DebugLevel[50];
data/gammu-1.41.0/include/gammu-statemachine.h:89:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TextReminder[32];
data/gammu-1.41.0/include/gammu-statemachine.h:93:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TextMeeting[32];
data/gammu-1.41.0/include/gammu-statemachine.h:97:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TextCall[32];
data/gammu-1.41.0/include/gammu-statemachine.h:101:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TextBirthday[32];
data/gammu-1.41.0/include/gammu-statemachine.h:105:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char TextMemo[32];
data/gammu-1.41.0/include/gammu-wap.h:38:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Address[(255 + 1) * 2];
data/gammu-1.41.0/include/gammu-wap.h:42:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Title[(50 + 1) * 2];
data/gammu-1.41.0/include/gammu-wap.h:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Title[(20 + 1) * 2];
data/gammu-1.41.0/include/gammu-wap.h:83:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HomePage[(100 + 1) * 2];
data/gammu-1.41.0/include/gammu-wap.h:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Server[(21 + 1) * 2];
data/gammu-1.41.0/include/gammu-wap.h:114:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Service[(20 + 1) * 2];
data/gammu-1.41.0/include/gammu-wap.h:123:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Code[(10 + 1) * 2];
data/gammu-1.41.0/include/gammu-wap.h:128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char IPAddress[(20 + 1) * 2];
data/gammu-1.41.0/include/gammu-wap.h:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char DialUp[(20 + 1) * 2];
data/gammu-1.41.0/include/gammu-wap.h:142:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char User[(50 + 1) * 2];
data/gammu-1.41.0/include/gammu-wap.h:148:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Password[(50 + 1) * 2];
data/gammu-1.41.0/include/gammu-wap.h:184:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Proxy[(100 + 1) * 2];
data/gammu-1.41.0/include/gammu-wap.h:192:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Proxy2[(100 + 1) * 2];
data/gammu-1.41.0/libgammu/debug.c:60:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[3000], timestamp[60];
data/gammu-1.41.0/libgammu/debug.c:152:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
testfile = fopen(info,"wb" COMMIT_FLAG);
data/gammu-1.41.0/libgammu/debug.c:156:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
testfile = fopen(info,"a" COMMIT_FLAG);
data/gammu-1.41.0/libgammu/debug.c:161:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
testfile = fopen(info,"w" COMMIT_FLAG);
data/gammu-1.41.0/libgammu/debug.c:166:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
testfile = fopen(info,"w" COMMIT_FLAG);
data/gammu-1.41.0/libgammu/debug.c:315:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[(CHARS_PER_LINE * 5) + 1];
data/gammu-1.41.0/libgammu/device/bluetooth/blue_bsd.c:40:27: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define bdaddr_copy(d, s) memcpy((d), (s), sizeof(bdaddr_t))
data/gammu-1.41.0/libgammu/device/bluetooth/blue_osx.c:60:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pBuffer, data, length);
data/gammu-1.41.0/libgammu/device/bluetooth/blue_osx.c:213:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((char *)buffer) + nOffset, pDataBlock->pData, size);
data/gammu-1.41.0/libgammu/device/bluetooth/blue_osx.c:227:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((char *)buffer) + nOffset, pDataBlock->pData, size);
data/gammu-1.41.0/libgammu/device/bluetooth/blue_osx.c:233:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((char *)buffer) + nOffset, pDataBlock->pData, pDataBlock->nSize);
data/gammu-1.41.0/libgammu/device/bluetooth/blue_w32.c:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addressAsString[1000];
data/gammu-1.41.0/libgammu/device/bluetooth/blue_w32.c:167:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
found = atoi(addressAsString+i+1);
data/gammu-1.41.0/libgammu/device/bluetooth/blue_w32.c:189:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char addressAsString[1000];
data/gammu-1.41.0/libgammu/device/bluetooth/bluetooth.c:93:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
channel_id = atoi(channel);
data/gammu-1.41.0/libgammu/device/bluetooth/bluez.c:108:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[20];
data/gammu-1.41.0/libgammu/device/bluetooth/bluez.c:110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[1000];
data/gammu-1.41.0/libgammu/device/devfunc.c:215:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[max_buf_len];
data/gammu-1.41.0/libgammu/device/devfunc.c:220:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[max_buf_len];
data/gammu-1.41.0/libgammu/device/devfunc.c:250:12: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fd = open(lock_file, O_RDONLY)) >= 0) {
data/gammu-1.41.0/libgammu/device/devfunc.c:297:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(lock_file, O_CREAT | O_EXCL | O_WRONLY, 0644);
data/gammu-1.41.0/libgammu/device/devfunc.c:314:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%10ld gammu\n", (long)getpid());
data/gammu-1.41.0/libgammu/device/devfunc.c:369:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
switch (atoi(buffer)) {
data/gammu-1.41.0/libgammu/device/irda/irda.c:171:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(d->peer.irdaServiceName, "IrDA:IrCOMM");
data/gammu-1.41.0/libgammu/device/irda/irda.c:178:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(d->peer.irdaServiceName, "Nokia:PhoNet");
data/gammu-1.41.0/libgammu/device/irda/irda.c:181:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(d->peer.irdaServiceName, "OBEX");
data/gammu-1.41.0/libgammu/device/irda/irda.c:195:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(d->peer.irdaServiceName, "IrDA:OBEX");
data/gammu-1.41.0/libgammu/device/irda/irda.c:199:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(d->peer.irdaServiceName, "OBEX:IrXfer");
data/gammu-1.41.0/libgammu/device/irda/irda_unx.h:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char irdaServiceName[25]; /* Usually <service>:IrDA:TinyTP */
data/gammu-1.41.0/libgammu/device/irda/irda_unx.h:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char irdaDeviceName[22]; /* Description */
data/gammu-1.41.0/libgammu/device/irda/irda_w32.h:14:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char irdaDeviceID[4];
data/gammu-1.41.0/libgammu/device/irda/irda_w32.h:15:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char irdaServiceName[25];
data/gammu-1.41.0/libgammu/device/irda/irda_w32.h:19:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char irdaDeviceID[4];
data/gammu-1.41.0/libgammu/device/irda/irda_w32.h:20:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char irdaDeviceName[22];
data/gammu-1.41.0/libgammu/device/proxy/proxy.c:67:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * argv[10];
data/gammu-1.41.0/libgammu/device/serial/ser_djg.c:61:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned volatile char RecBuffer[BufSize] = { 0 };
data/gammu-1.41.0/libgammu/device/serial/ser_unx.c:181:14: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
d->hPhone = open(s->CurrentConfig->Device, O_RDWR | O_NOCTTY | O_NONBLOCK);
data/gammu-1.41.0/libgammu/device/serial/ser_w32.c:87:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char DeviceName[256],DeviceName2[256];
data/gammu-1.41.0/libgammu/device/serial/ser_w32.c:97:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char KeyName2[256];
data/gammu-1.41.0/libgammu/device/serial/ser_w32.c:102:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char KeyName[256];
data/gammu-1.41.0/libgammu/device/serial/ser_w32.c:194:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(DeviceName,"\\\\.\\COM%i",atoi(DeviceName2+3));
data/gammu-1.41.0/libgammu/device/serial/ser_w32.c:194:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sprintf(DeviceName,"\\\\.\\COM%i",atoi(DeviceName2+3));
data/gammu-1.41.0/libgammu/device/serial/ser_w32.c:240:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dcb, &d->old_settings, sizeof(DCB));
data/gammu-1.41.0/libgammu/device/usb/usb.c:221:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300];
data/gammu-1.41.0/libgammu/gsmphones.c:27:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_FEATURE_NAME_LEN + 1];
data/gammu-1.41.0/libgammu/gsmstate.c:471:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(s->Phone.Data.Model + 3) > 167) {
data/gammu-1.41.0/libgammu/gsmstate.c:484:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(s->Phone.Data.Model + 3) > 63) {
data/gammu-1.41.0/libgammu/gsmstate.c:925:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff[65536]={'\0'};
data/gammu-1.41.0/libgammu/gsmstate.c:1001:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sentmsg.Buffer, buffer, length);
data/gammu-1.41.0/libgammu/gsmstate.c:1318:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char configfile[PATH_MAX + 1];
data/gammu-1.41.0/libgammu/gsmstate.c:1353:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(configfile, "/.config");
data/gammu-1.41.0/libgammu/gsmstate.c:1522:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char section[50]={0};
data/gammu-1.41.0/libgammu/gsmstate.c:1624:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cfg->TextReminder,"Reminder");
data/gammu-1.41.0/libgammu/gsmstate.c:1634:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cfg->TextMeeting,"Meeting");
data/gammu-1.41.0/libgammu/gsmstate.c:1644:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cfg->TextCall,"Call");
data/gammu-1.41.0/libgammu/gsmstate.c:1654:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cfg->TextBirthday,"Birthday");
data/gammu-1.41.0/libgammu/gsmstate.c:1664:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cfg->TextMemo,"Memo");
data/gammu-1.41.0/libgammu/gsmstate.c:1704:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cfg->TextReminder,"Reminder");
data/gammu-1.41.0/libgammu/gsmstate.c:1705:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cfg->TextMeeting,"Meeting");
data/gammu-1.41.0/libgammu/gsmstate.c:1706:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cfg->TextCall,"Call");
data/gammu-1.41.0/libgammu/gsmstate.c:1707:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cfg->TextBirthday,"Birthday");
data/gammu-1.41.0/libgammu/gsmstate.c:1708:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cfg->TextMemo,"Memo");
data/gammu-1.41.0/libgammu/gsmstate.h:501:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char IMEI[GSM_MAX_IMEI_LENGTH + 1];
data/gammu-1.41.0/libgammu/gsmstate.h:505:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Manufacturer[GSM_MAX_MANUFACTURER_LENGTH + 1];
data/gammu-1.41.0/libgammu/gsmstate.h:509:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Model[GSM_MAX_MODEL_LENGTH + 1];
data/gammu-1.41.0/libgammu/gsmstate.h:518:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Version[GSM_MAX_VERSION_LENGTH + 1];
data/gammu-1.41.0/libgammu/gsmstate.h:522:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char VerDate[GSM_MAX_VERSION_DATE_LENGTH + 1];
data/gammu-1.41.0/libgammu/gsmstate.h:530:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char HardwareCache[50];
data/gammu-1.41.0/libgammu/gsmstate.h:534:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ProductCodeCache[50];
data/gammu-1.41.0/libgammu/misc/cfg.c:30:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ch[3], *buffer = NULL;
data/gammu-1.41.0/libgammu/misc/cfg.c:42:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(FileName,"rb");
data/gammu-1.41.0/libgammu/misc/cfg.c:145:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(heading->SectionName,buffer1,buffer1used);
data/gammu-1.41.0/libgammu/misc/cfg.c:291:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->EntryName,buffer1,buffer1used);
data/gammu-1.41.0/libgammu/misc/cfg.c:298:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->EntryValue,buffer2,buffer2used);
data/gammu-1.41.0/libgammu/misc/cfg.c:335:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(str);
data/gammu-1.41.0/libgammu/misc/coding/coding.c:254:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dest[500];
data/gammu-1.41.0/libgammu/misc/coding/coding.c:265:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dest[500];
data/gammu-1.41.0/libgammu/misc/coding/coding.c:474:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char GSM_DefaultAlphabetUnicode[128+1][2] =
data/gammu-1.41.0/libgammu/misc/coding/coding.c:1066:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer[GSM_MAX_NUMBER_LENGTH + 1];
data/gammu-1.41.0/libgammu/misc/coding/coding.c:1078:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Buffer, "<NOT DECODED>");
data/gammu-1.41.0/libgammu/misc/coding/coding.c:1513:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dest[10];
data/gammu-1.41.0/libgammu/misc/coding/coding.c:1836:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mychar[8];
data/gammu-1.41.0/libgammu/misc/coding/coding.c:1859:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dest + j, "=%02X", mychar[0]);
data/gammu-1.41.0/libgammu/misc/coding/coding.c:1862:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest + j, mychar, z);
data/gammu-1.41.0/libgammu/misc/coding/coding.c:1867:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dest + j, "=%02X", mychar[w]);
data/gammu-1.41.0/libgammu/misc/coding/coding.c:1882:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mychar[8];
data/gammu-1.41.0/libgammu/misc/coding/coding.c:1904:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest + j, mychar, z);
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2005:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mychar[10];
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2208:46: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void EncodeBASE64Block(const unsigned char in[3], char out[4], const size_t len)
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2208:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void EncodeBASE64Block(const unsigned char in[3], char out[4], const size_t len)
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2221:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char in[3], out[4];
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2243:37: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void DecodeBASE64Block(const char in[4], unsigned char out[3])
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2243:58: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void DecodeBASE64Block(const char in[4], unsigned char out[3])
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2253:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char in[4], out[3], v;
data/gammu-1.41.0/libgammu/misc/coding/md5.c:29:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char in[64];
data/gammu-1.41.0/libgammu/misc/coding/md5.c:34:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void MD5Final(unsigned char digest[16], struct MD5Context *);
data/gammu-1.41.0/libgammu/misc/coding/md5.c:106:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, buf, len);
data/gammu-1.41.0/libgammu/misc/coding/md5.c:109:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p, buf, t);
data/gammu-1.41.0/libgammu/misc/coding/md5.c:118:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->in, buf, 64);
data/gammu-1.41.0/libgammu/misc/coding/md5.c:127:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->in, buf, len);
data/gammu-1.41.0/libgammu/misc/coding/md5.c:134:24: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void MD5Final(unsigned char digest[16], struct MD5Context *ctx)
data/gammu-1.41.0/libgammu/misc/coding/md5.c:171:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(digest, ctx->buf, 16);
data/gammu-1.41.0/libgammu/misc/coding/md5.c:279:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char signature[16];
data/gammu-1.41.0/libgammu/misc/coding/md5.c:286:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(checksum + i * 2, "%02X", signature[i]);
data/gammu-1.41.0/libgammu/misc/misc.c:34:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char env_var[_MAX_ENV];
data/gammu-1.41.0/libgammu/misc/misc.c:149:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char DayOfWeekChar[10];
data/gammu-1.41.0/libgammu/misc/misc.c:153:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 0: strcpy(DayOfWeekChar,"Sun"); break;
data/gammu-1.41.0/libgammu/misc/misc.c:154:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 1: strcpy(DayOfWeekChar,"Mon"); break;
data/gammu-1.41.0/libgammu/misc/misc.c:155:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 2: strcpy(DayOfWeekChar,"Tue"); break;
data/gammu-1.41.0/libgammu/misc/misc.c:156:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 3: strcpy(DayOfWeekChar,"Wed"); break;
data/gammu-1.41.0/libgammu/misc/misc.c:157:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 4: strcpy(DayOfWeekChar,"Thu"); break;
data/gammu-1.41.0/libgammu/misc/misc.c:158:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 5: strcpy(DayOfWeekChar,"Fri"); break;
data/gammu-1.41.0/libgammu/misc/misc.c:159:11: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 6: strcpy(DayOfWeekChar,"Sat"); break;
data/gammu-1.41.0/libgammu/misc/misc.c:180:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(str, "%ld", (long)timet);
data/gammu-1.41.0/libgammu/misc/misc.c:305:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char retval[200],retval2[200];
data/gammu-1.41.0/libgammu/misc/misc.c:330:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(retval2," (");
data/gammu-1.41.0/libgammu/misc/misc.c:346:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char retval[200],retval2[200];
data/gammu-1.41.0/libgammu/misc/misc.c:374:15: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(retval2," (");
data/gammu-1.41.0/libgammu/misc/misc.c:548:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lines->retval, pos, len);
data/gammu-1.41.0/libgammu/misc/misc.c:571:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, pos, len);
data/gammu-1.41.0/libgammu/misc/misc.c:585:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char Buffer[240] = {0x00};
data/gammu-1.41.0/libgammu/misc/misc.c:699:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char Buffer[100] = {0x00};
data/gammu-1.41.0/libgammu/misc/string.c:109:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dest[10];
data/gammu-1.41.0/libgammu/misc/strptime.c:48:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *abday[7];
data/gammu-1.41.0/libgammu/misc/strptime.c:49:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *day[7];
data/gammu-1.41.0/libgammu/misc/strptime.c:50:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *abmon[12];
data/gammu-1.41.0/libgammu/misc/strptime.c:51:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *mon[12];
data/gammu-1.41.0/libgammu/misc/strptime.c:52:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *am_pm[2];
data/gammu-1.41.0/libgammu/misc/tzfile.h:41:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tzh_magic[4]; /* TZ_MAGIC */
data/gammu-1.41.0/libgammu/misc/tzfile.h:42:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tzh_version[1]; /* '\0' or '2' as of 2005 */
data/gammu-1.41.0/libgammu/misc/tzfile.h:43:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tzh_reserved[15]; /* reserved--must be zero */
data/gammu-1.41.0/libgammu/misc/tzfile.h:44:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tzh_ttisgmtcnt[4]; /* coded number of trans. time flags */
data/gammu-1.41.0/libgammu/misc/tzfile.h:45:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tzh_ttisstdcnt[4]; /* coded number of trans. time flags */
data/gammu-1.41.0/libgammu/misc/tzfile.h:46:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tzh_leapcnt[4]; /* coded number of leap seconds */
data/gammu-1.41.0/libgammu/misc/tzfile.h:47:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tzh_timecnt[4]; /* coded number of transition times */
data/gammu-1.41.0/libgammu/misc/tzfile.h:48:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tzh_typecnt[4]; /* coded number of local time types */
data/gammu-1.41.0/libgammu/misc/tzfile.h:49:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tzh_charcnt[4]; /* coded number of abbr. chars */
data/gammu-1.41.0/libgammu/misc/win32-dirent.c:68:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (dirname + n, "\\*.*");
data/gammu-1.41.0/libgammu/misc/win32-dirent.h:39:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char d_name[FILENAME_MAX];
data/gammu-1.41.0/libgammu/misc/win32-dirent.h:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dd_name[1];
data/gammu-1.41.0/libgammu/phone/alcatel/alcatel.c:854:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(target, buffer + 2, len);
data/gammu-1.41.0/libgammu/phone/alcatel/alcatel.c:873:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char text[2*(GSM_PHONEBOOK_TEXT_LENGTH + 1)];
data/gammu-1.41.0/libgammu/phone/alcatel/alcatel.c:874:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char utext[2*(GSM_PHONEBOOK_TEXT_LENGTH + 1)];
data/gammu-1.41.0/libgammu/phone/alcatel/alcatel.c:911:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(target + 2, buffer, len * 2 + 2);
data/gammu-1.41.0/libgammu/phone/alcatel/alcatel.c:1116:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[200] = {0x00, 0x04, 0x00 /*type*/, 0x0d, 0x00 /*list*/, 0x0b };
data/gammu-1.41.0/libgammu/phone/alcatel/alcatel.c:1367:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[200] =
data/gammu-1.41.0/libgammu/phone/alcatel/alcatel.c:1400:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[50 + GSM_PHONEBOOK_TEXT_LENGTH] =
data/gammu-1.41.0/libgammu/phone/alcatel/alcatel.c:1439:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s->Phone.Data.Manufacturer, "Alcatel");
data/gammu-1.41.0/libgammu/phone/alcatel/alcatel.h:219:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ReturnString[(GSM_PHONEBOOK_TEXT_LENGTH+1)*2];
data/gammu-1.41.0/libgammu/phone/alcatel/alcatel.h:284:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CurrentCategoriesCache[ALCATEL_MAX_CATEGORIES+1][(GSM_MAX_CATEGORY_NAME_LENGTH + 1)*2];
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:48:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char smscCmdReq[GSM_MAX_NUMBER_LENGTH + 12]={'\0'};
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:385:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char command[20];
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:673:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[3000] = {'\0'}, firstbyte = 0, TPDCS = 0, TPUDL = 0, TPStatus = 0, TPPID = 0;
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:832:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
firstbyte = atoi(buffer);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:855:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
TPStatus = atoi(buffer);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:906:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
firstbyte = atoi(buffer);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:914:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
TPPID = atoi(buffer);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:918:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
TPDCS = atoi(buffer);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:946:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
TPUDL = atoi(buffer);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:1048:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[20] = {'\0'}, folderid = 0;
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:1074:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
length = sprintf(req, "AT+CMGR=%i\r", location + add);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:1488:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[50] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:1681:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[1000] = {'\0'}, buffer[1000] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:1777:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buffer, "AT+CSMP=%i,%i,%i,%i\r",
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:1786:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buffer, "AT+CSMP=%i,,%i,%i\r",
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:1830:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1000] = {'\0'}, hexreq[1000] = {'\0'},folderid = 0;
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:1900:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buffer, "AT+CMGW=%i,%i\r",current,state);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2049:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1000] = {'\0'}, hexreq[1000] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2070:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buffer, "AT+CMGS=%i\r",current);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2124:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[100] = {'\0'}, smsfolder = 0;
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2157:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT+CMSS=%i\r",location);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2269:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[20] = {'\0'}, folderid = 0;
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2289:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
length = sprintf(req, "AT+CMGD=%i\r",location);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2367:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mem_tag[3]; // eg: "SM\0"
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2425:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[300] = {'\0'}, smsframe[800] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2478:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[300] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2770:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2790:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
length = sprintf(
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2853:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[300] = {'\0'},Buffer2[300] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Text[60];
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1004:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[100]={'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1006:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer_unicode[200]={'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1007:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char input[100]={'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1082:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dt->Year = atoi(date_start);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1086:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dt->Month = atoi(pos);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1090:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dt->Day = atoi(pos);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1116:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dt->Hour = atoi(time_start);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1120:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dt->Minute = atoi(pos);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1125:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dt->Second = atoi(pos);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1136:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dt->Timezone = (*pos == '+' ? 1 : -1) * atoi(pos+1) * 3600 / 4;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1557:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Priv->ErrorCode = atoi(err);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1575:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Priv->ErrorCode = atoi(&(err[j]));
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1653:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char hex_encoded[2 * (GSM_MAX_USSD_LENGTH + 1)] = {0};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1654:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char packed[GSM_MAX_USSD_LENGTH + 1] = {0};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1655:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decoded[GSM_MAX_USSD_LENGTH + 1] = {0};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1943:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[20];
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2004:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s->Phone.Data.Model,"A2D");
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2055:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s->Phone.Data.Version, "Unknown");
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2169:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[2]={0};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2559:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2560:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer2[100];
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2561:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer3[100];
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2713:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[100];
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2795:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tz[8] = "";
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2796:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[128];
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2801:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tz, "%+03i", date_time->Timezone / 3600);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2880:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[20]={0};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2895:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
length = sprintf(req, "AT+CALA=\"%02i:%02i\"\r",Alarm->DateTime.Hour,Alarm->DateTime.Minute);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2906:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rac[8];
data/gammu-1.41.0/libgammu/phone/at/atgen.c:3471:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s->Phone.Data.Priv.ATGEN.PBKMemories, "\"ME\",\"SM\",\"DC\",\"ON\",\"LD\",\"FD\",\"MC\",\"RC\"");
data/gammu-1.41.0/libgammu/phone/at/atgen.c:3547:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tmp[200]={0};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:3779:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[20]={'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:3860:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT+CPBR=%i\r", start);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:3862:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT+CPBR=%i,%i\r", start, end);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:3930:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[500];
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4248:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[20];
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4270:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT^SBNR=\"vcf\",%i\r",entry->Location - 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4278:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT+SPBR=%i\r", entry->Location);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4292:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT+MPBR=%i\r", entry->Location + Priv->MotorolaFirstMemoryEntry - 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4306:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT+CPBR=%i\r", entry->Location + Priv->FirstMemoryEntry - 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4308:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT+CPBR=%i,%i\r", entry->Location + Priv->FirstMemoryEntry - 1, endlocation + Priv->FirstMemoryEntry - 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4377:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[100];
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4398:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT+CPBW=%d\r",i);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4494:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[GSM_MAX_NUMBER_LENGTH + 6] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4548:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[GSM_SECURITY_CODE_LEN + 30] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4584:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char status[100] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4817:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ignore_buf[100];
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4922:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[50];
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4952:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "AT+CCFC=%d,2\r", reason);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4963:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[50 + 2 * GSM_MAX_NUMBER_LENGTH], number[2 * GSM_MAX_NUMBER_LENGTH + 1];
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5025:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "AT+CCFC=%d,1\r", reason);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5034:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[50] = "AT+VTS=";
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5085:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[100] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5103:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT+CPBW=%d\r",entry->Location + Priv->FirstMemoryEntry - 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5124:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[REQUEST_SIZE + 1] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5125:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[2*(GSM_PHONEBOOK_TEXT_LENGTH + 1)] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5126:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char uname[2*(GSM_PHONEBOOK_TEXT_LENGTH + 1)] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5127:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char number[GSM_PHONEBOOK_TEXT_LENGTH + 1] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5128:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char unumber[2*(GSM_PHONEBOOK_TEXT_LENGTH + 1)] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5252:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req + reqlen, name, len);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5256:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req + reqlen, "\"", 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5261:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req + reqlen, ",0", 2);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5265:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req + reqlen, "\r", 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5453:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
level = atoi(p + 5);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5468:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
level = atoi(p + 7);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5876:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char frame[40] = {'\0'}, unicode_key[20] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5877:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char key[20] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5893:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(frame, "AT+CKPD=\"");
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5922:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case GSM_KEY_JOYSTICK : strcpy(key, ":J"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5923:26: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case GSM_KEY_CAMERA : strcpy(key, ":C"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5924:28: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case GSM_KEY_OPERATOR : strcpy(key, ":O"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5925:26: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case GSM_KEY_RETURN : strcpy(key, ":R"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5927:25: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case GSM_KEY_MEDIA : strcpy(key, ":S"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5928:27: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case GSM_KEY_DESKTOP : strcpy(key, ":D"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5962:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(frame, "\"\r");
data/gammu-1.41.0/libgammu/phone/at/atgen.c:6010:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char protocol_version[100] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.c:6051:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char protocol_version[100] = {'\0'};
data/gammu-1.41.0/libgammu/phone/at/atgen.h:228:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char PDU[GSM_AT_MAXPDULEN];
data/gammu-1.41.0/libgammu/phone/at/atgen.h:274:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char PBKMemories[AT_PBK_MAX_MEMORIES + 1];
data/gammu-1.41.0/libgammu/phone/at/motorola.c:28:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Command[20];
data/gammu-1.41.0/libgammu/phone/at/motorola.c:127:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[30]={0};
data/gammu-1.41.0/libgammu/phone/at/motorola.c:165:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(buffer, "AT+MODE=%d\r", cmd->Mode);
data/gammu-1.41.0/libgammu/phone/at/motorola.c:570:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[50];
data/gammu-1.41.0/libgammu/phone/at/motorola.c:579:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT+MDBR=%d\r", Note->Location - 1);
data/gammu-1.41.0/libgammu/phone/at/motorola.c:593:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[50];
data/gammu-1.41.0/libgammu/phone/at/motorola.c:600:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT+MDBWE=%d,0,0\r", Note->Location);
data/gammu-1.41.0/libgammu/phone/at/samsung.c:127:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char readbuf[100]={0};
data/gammu-1.41.0/libgammu/phone/at/samsung.c:218:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32];
data/gammu-1.41.0/libgammu/phone/at/samsung.c:231:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
location = atoi(pos);
data/gammu-1.41.0/libgammu/phone/at/samsung.c:269:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[100];
data/gammu-1.41.0/libgammu/phone/at/samsung.c:274:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT+IMGR=%d\r", Bitmap->Location-1);
data/gammu-1.41.0/libgammu/phone/at/samsung.c:280:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[100];
data/gammu-1.41.0/libgammu/phone/at/samsung.c:283:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[50], *dot;
data/gammu-1.41.0/libgammu/phone/at/samsung.c:348:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[32];
data/gammu-1.41.0/libgammu/phone/at/samsung.c:361:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
location = atoi(pos);
data/gammu-1.41.0/libgammu/phone/at/samsung.c:382:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
length = atoi(pos);
data/gammu-1.41.0/libgammu/phone/at/samsung.c:404:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[100];
data/gammu-1.41.0/libgammu/phone/at/samsung.c:409:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT+MELR=%d\r", Ringtone->Location-1);
data/gammu-1.41.0/libgammu/phone/at/samsung.c:421:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[100];
data/gammu-1.41.0/libgammu/phone/at/samsung.c:424:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[50], *dot;
data/gammu-1.41.0/libgammu/phone/at/samsung.c:827:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ignorestring[10];
data/gammu-1.41.0/libgammu/phone/at/samsung.c:899:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ignorestring[10];
data/gammu-1.41.0/libgammu/phone/at/samsung.c:961:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ignorestring[10];
data/gammu-1.41.0/libgammu/phone/at/samsung.c:1129:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[50];
data/gammu-1.41.0/libgammu/phone/at/samsung.c:1141:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT+ORGR=%d\r", Note->Location - 1);
data/gammu-1.41.0/libgammu/phone/at/samsung.c:1143:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT+SSHR=%d\r", Note->Location);
data/gammu-1.41.0/libgammu/phone/at/samsung.c:1159:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[50];
data/gammu-1.41.0/libgammu/phone/at/samsung.c:1169:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT+ORGD=%d\r", Note->Location - 1);
data/gammu-1.41.0/libgammu/phone/at/samsung.c:1171:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT+SSHD=%d\r", Note->Location);
data/gammu-1.41.0/libgammu/phone/at/siemens.c:26:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[512];
data/gammu-1.41.0/libgammu/phone/at/siemens.c:42:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer+pos,buf,length);
data/gammu-1.41.0/libgammu/phone/at/siemens.c:56:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[60],req1[512],hexreq[10000];
data/gammu-1.41.0/libgammu/phone/at/siemens.c:94:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req1, hexreq + pos, sz);
data/gammu-1.41.0/libgammu/phone/at/siemens.c:120:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[4096];
data/gammu-1.41.0/libgammu/phone/at/siemens.c:155:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[32];
data/gammu-1.41.0/libgammu/phone/at/siemens.c:161:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT^SBNR=\"bmp\",%i\r", Bitmap->Location-1);
data/gammu-1.41.0/libgammu/phone/at/siemens.c:168:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[4096];
data/gammu-1.41.0/libgammu/phone/at/siemens.c:202:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[32];
data/gammu-1.41.0/libgammu/phone/at/siemens.c:206:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT^SBNR=\"mid\",%i\r", Ringtone->Location-1);
data/gammu-1.41.0/libgammu/phone/at/siemens.c:236:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[354];
data/gammu-1.41.0/libgammu/phone/at/siemens.c:267:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[32];
data/gammu-1.41.0/libgammu/phone/at/siemens.c:280:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT^SBNR=\"vcs\",%i\r",Location);
data/gammu-1.41.0/libgammu/phone/at/siemens.c:300:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[32];
data/gammu-1.41.0/libgammu/phone/at/siemens.c:306:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT^SBNR=\"vcs\",%i\r",Note->Location);
data/gammu-1.41.0/libgammu/phone/at/siemens.c:340:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[32];
data/gammu-1.41.0/libgammu/phone/at/siemens.c:345:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req, "AT^SBNW=\"vcs\",%i,0\r",Note->Location);
data/gammu-1.41.0/libgammu/phone/at/siemens.c:355:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[500];
data/gammu-1.41.0/libgammu/phone/at/siemens.c:371:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[500], req1[32];
data/gammu-1.41.0/libgammu/phone/at/siemens.c:390:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
len = sprintf(req1, "AT^SBNR=\"vcs\",%i\r",Location);
data/gammu-1.41.0/libgammu/phone/at/siemens.c:408:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4096];
data/gammu-1.41.0/libgammu/phone/at/siemens.c:456:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Priv->FirstMemoryEntry = atoi(pos);
data/gammu-1.41.0/libgammu/phone/at/siemens.c:463:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Priv->MemorySize = atoi(pos) + 1 - Priv->FirstMemoryEntry;
data/gammu-1.41.0/libgammu/phone/at/siemens.c:483:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5000];
data/gammu-1.41.0/libgammu/phone/atobex/atobex.c:1170:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
format = atoi(pos + 7);
data/gammu-1.41.0/libgammu/phone/atobex/atobex.c:1220:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
format = atoi(pos + 7);
data/gammu-1.41.0/libgammu/phone/atobex/atobex.c:1266:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[12];
data/gammu-1.41.0/libgammu/phone/atobex/atobex.c:1281:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(req,"AT*ESDF=%i\r",format);
data/gammu-1.41.0/libgammu/phone/atobex/atobex.c:1287:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(req,"AT*ESTF=%i\r",format);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:102:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(path, "/fs/");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:134:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(full_name, "r");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:173:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(full_name, "r");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:198:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(full_name, "r");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:213:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char smspath[100]={0};
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:224:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(smspath, "sms/%d/%d", sms->Folder, sms->Location);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:230:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[100];
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:237:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[100];
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:238:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(path, "todo/%d", entry->Location);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:244:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[100];
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:245:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(path, "note/%d", entry->Location);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:251:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[100];
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:252:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(path, "calendar/%d", entry->Location);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:258:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[100];
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:259:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(path, "alarm/%d", entry->Location);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:314:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Priv->log_file = fopen(log_file, "w");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:326:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s->Phone.Data.IMEI, "999999999999999");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:327:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s->Phone.Data.Manufacturer, "Gammu");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:328:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s->Phone.Data.Model, "Dummy");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:330:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s->Phone.Data.VerDate, "20150101");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:408:8: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(value, "DUMMY-001");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:414:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s->Phone.Data.IMEI, "999999999999999");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:420:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(value, "666666666666666");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:426:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(value, "April");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:432:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(value, "FOO DUMMY BAR");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:438:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(value, "EN CS");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:445:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s->Phone.Data.VerDate, "20150101");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:452:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s->Phone.Data.Model, "Dummy");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:576:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirname[20]={0};
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:578:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dirname, "sms/%d", sms->Folder);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:619:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirname[20]={0};
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:634:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dirname, "sms/%d", sms->SMS[0].Folder);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:649:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirname[20];
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:650:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dirname, "sms/%d", 5);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:653:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dirname, "sms/%d", 1);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:655:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dirname, "sms/%d", 2);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:660:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dirname, "sms/%d", 3);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:662:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dirname, "sms/%d", 4);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:683:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ussd_text[GSM_MAX_USSD_LENGTH + 1];
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:712:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(netinfo->CID, "FACE");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:713:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(netinfo->PacketCID, "DEAD");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:714:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(netinfo->NetworkCode, "999 99");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:716:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(netinfo->LAC, "B00B");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:717:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(netinfo->PacketLAC, "BEEF");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:779:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1000] = {'\0'};
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:864:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(IMSI, "994299429942994");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:936:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s->Phone.Data.Manufacturer, "Gammu");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1120:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(path, "w");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1427:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirname[20];
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1468:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[i].Picture.Buffer, Backup.PhonePhonebook[0]->Entries[i].Picture.Buffer, entry->Entries[i].Picture.Length);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1470:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[i].Picture.Buffer, Backup.SIMPhonebook[0]->Entries[i].Picture.Buffer, entry->Entries[i].Picture.Length);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1483:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirname[20]={0};
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1542:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirname[20]={0};
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1554:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirname[20];
data/gammu-1.41.0/libgammu/phone/dummy/dummy.h:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dirnames[DUMMY_MAX_FS_DEPTH + 1][PATH_MAX];
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:129:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[300];
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:196:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[100] = {N6110_FRAME_HEADER, 0x30, 0x64};
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:221:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req + 34, DecodeUnicodeString(smsc->Name),UnicodeLength(smsc->Name));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:260:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s->Phone.Data.IMEI,msg->Buffer + 4, 16);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:474:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100];
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:489:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(NetInfo.CID, "%02X%02X", msg->Buffer[10], msg->Buffer[11]);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:492:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(NetInfo.LAC, "%02X%02X", msg->Buffer[12], msg->Buffer[13]);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:504:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name,msg->Buffer+18,msg->Buffer[17]*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:511:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name+1,msg->Buffer+18,msg->Buffer[17]*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:532:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Data->NetworkInfo->NetworkName,msg->Buffer+18,msg->Buffer[17]*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:538:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Data->NetworkInfo->NetworkName+1,msg->Buffer+18,msg->Buffer[17]*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:543:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Data->NetworkInfo->CID, "%02X%02X", msg->Buffer[10], msg->Buffer[11]);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:544:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Data->NetworkInfo->LAC, "%02X%02X", msg->Buffer[12], msg->Buffer[13]);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:564:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Data->Bitmap->NetworkCode,"000 00");
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:590:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[100] = {0x00, 0x01, 0x7c,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:662:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[600] = {N6110_FRAME_HEADER, 0x09};
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:995:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char SetReq[200] = {N7110_FRAME_HEADER, 0x18,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:997:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char SetReq2[200] = {N7110_FRAME_HEADER, 0x1e,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:1141:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(SetReq + pos, "\x01\x80\x00\x00\x00\x00\x00\x00\x00", 9);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:1185:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(SetReq2 + pos, "\x80\x00\x00\x00\x00\x00\x00\x00", 8);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:1204:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(SetReq2 + pos, "\x80\x00\x00\x00\x00\x00\x00\x00", 8);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:1227:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(SetReq2 + pos, "\x80\x00\x00\x00\x00\x00\x00\x00", 8);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:1258:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[256] = {N6110_FRAME_HEADER, 0x01, 0x02, 0x00};
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:161:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Temp[16]; /* This is our temporary working area. */
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:328:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Data->Memory->Entries[Data->Memory->EntriesNum].Text,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:643:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[100];
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:668:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[100];
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:717:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[256] = {N6110_FRAME_HEADER, 0x04,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:796:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[1000] = {N6110_FRAME_HEADER, 0x36,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:799:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reqBin[1000] = {0x00,0x01,0xa0,0x00,0x00,0x0c,0x01,0x2c};
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:815:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+2,UDHHeader.Text,UDHHeader.Length);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:834:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reqBin+current,DecodeUnicodeString(Ringtone->Name),UnicodeLength(Ringtone->Name));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:839:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reqBin+current,Ringtone->NokiaBinary.Frame,Ringtone->NokiaBinary.Length);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:998:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Data->Bitmap->Text,msg->Buffer+count+2,i);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1028:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[10] = {N6110_FRAME_HEADER};
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1108:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reqPreview[1000] = {0x0c,0x01};
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1109:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[600] = {N6110_FRAME_HEADER};
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1127:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(reqPreview+2,UDHHeader.Text,UDHHeader.Length);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1195:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req + count,DecodeUnicodeString(Bitmap->Text),textlen);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1207:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+count,DecodeUnicodeString(Bitmap->Text),textlen);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1262:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+count,DecodeUnicodeString(Bitmap->Text),textlen);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1274:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+count,Bitmap->Text,textlen);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1440:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[128] = {N6110_FRAME_HEADER, 0x04,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1461:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+current,DecodeUnicodeString(entry->Entries[Name].Text),UnicodeLength(entry->Entries[Name].Text));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1468:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+current,entry->Entries[Name].Text,UnicodeLength(entry->Entries[Name].Text)*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1478:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+current,DecodeUnicodeString(entry->Entries[Number].Text),UnicodeLength(entry->Entries[Number].Text));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1510:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[2000];
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1519:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer,msg->Buffer,msg->Length);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1559:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Data->Ringtone->NokiaBinary.Frame,msg->Buffer+start,end-start);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1639:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[4] = {N6110_FRAME_HEADER, 0x07};
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1670:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[15] = {N6110_FRAME_HEADER, 0x0a,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1676:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+5,Code->Code,len);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:2141:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[200] = {N6110_FRAME_HEADER, 0x64, 0x01, 0x10,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:2203:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+current,Note->Entries[Text].Text,UnicodeLength(Note->Entries[Text].Text)*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:2231:33: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+current,DecodeUnicodeString(Note->Entries[Text].Text),UnicodeLength(Note->Entries[Text].Text));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:2240:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+current,DecodeUnicodeString(Note->Entries[Phone].Text),UnicodeLength(Note->Entries[Phone].Text));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:2402:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Entry->Entries[Entry->EntriesNum].Text,msg->Buffer+24,msg->Buffer[23]);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:2481:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[2000];
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:2523:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[100] = {N6110_FRAME_HEADER,0x01,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:2529:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+pos,number,strlen(number));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.h:16:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char MagicBytes[4];
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:139:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[200];
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:254:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char output[500], output2[500];
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:322:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output+i,msg->Buffer+51,PHONE_GetBitmapSize(GSM_NokiaPictureImage,0,0));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:519:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Data->Ringtone->Name,msg->Buffer+6,tmp*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:534:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Data->Ringtone->NokiaBinary.Frame,msg->Buffer+37,i-37);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:683:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[1000] = {0x7C, 0x01, 0x00, 0x0D, 0x00,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:686:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req2[4000] = {N7110_FRAME_HEADER, 0x1F, 0x00,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:711:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&dest,Ringtone,sizeof(GSM_Ringtone));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:718:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req2+37,dest.NokiaBinary.Frame,dest.NokiaBinary.Length);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:774:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[256] = {N6110_FRAME_HEADER, 0x04,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:779:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char NameReq[200] = {N6110_FRAME_HEADER, 0x83};
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:878:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[500];
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:879:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[500] = {N6110_FRAME_HEADER, 0x0b, 0x00,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:912:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(string + 1, bitmap->Text, i);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:950:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[500] = {N6110_FRAME_HEADER, 0x50, 0x07,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:1022:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reqStartup[1000] = {N7110_FRAME_HEADER, 0xec,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:1029:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reqOp[1000] = {N7110_FRAME_HEADER, 0xa3, 0x01,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:1039:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reqStartupText[500] = {N7110_FRAME_HEADER, 0xec,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:1127:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5000] = {N7110_FRAME_HEADER, 0x0b, 0x00,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:1249:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Features[12] = {0x00,0x02,0x03,0x04,0x05,0x06,
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n9210.c:53:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[600] = { N7110_FRAME_HEADER };
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n9210.c:54:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reqStartup[1000] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n9210.c:60:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reqStartupText[500] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n9210.c:101:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+count, "\x00\x00\x00\x00\x00\x00", 6);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:185:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&entry->Entries[entry->EntriesNum].Date,&entry->Entries[0].Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:214:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text,
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:224:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text, msg->Buffer+(54+msg->Buffer[51]*2), msg->Buffer[52]*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:231:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text, msg->Buffer+(54+msg->Buffer[51]*2), msg->Buffer[52]*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:377:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&LastCalendar1,&Priv->LastCalendar,sizeof(GSM_NOKIACalToDoLocations));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:402:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&LastCalendar2,&Priv->LastCalendar,sizeof(GSM_NOKIACalToDoLocations));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:454:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5000] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:508:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&DT,&Note->Entries[Time].Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:539:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (EndTime != -1) memcpy(&DT,&Note->Entries[EndTime].Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:555:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&DT,&Note->Entries[Time].Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:685:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s->Phone.Data.Note->Text,
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:753:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[GSM_MAX_NOTE_TEXT_LENGTH + 500] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:965:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Last->Entries[0].Text,
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:985:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&Last->Entries[1].Date, &Date, sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:1016:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&Last->Entries[Last->EntriesNum].Date,&Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:1130:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reqSet[500] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:1186:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[GSM_MAX_TODO_TEXT_LENGTH + 500] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:1222:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&Note.Entries[0].Date,&DT,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:1224:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&Note.Entries[1].Date,&DT,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510cal.c:1246:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&DT,&ToDo->Entries[EndTime].Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:37:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&Priv->FilesCache[i], &Priv->FilesCache[i - move], sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:42:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&Priv->FilesCache[i + move], &Priv->FilesCache[i], sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:113:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s->Phone.Data.File->Buffer+old,msg->Buffer+10,s->Phone.Data.File->Used-old);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:134:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
GetCRC[8] = atoi(DecodeUnicodeString(id)) / 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:135:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
GetCRC[9] = atoi(DecodeUnicodeString(id)) % 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:145:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[500];
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:236:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%i",msg->Buffer[13+i*4-1]*256 + msg->Buffer[13+i*4]);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:255:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[10] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:263:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
req[8] = atoi(DecodeUnicodeString(File->ID_FullName)) / 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:264:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
req[9] = atoi(DecodeUnicodeString(File->ID_FullName)) % 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:294:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[5];
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:302:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%i",0x01);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:355:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[10] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:405:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
req[8] = atoi(DecodeUnicodeString(File->ID_FullName)) / 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:406:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
req[9] = atoi(DecodeUnicodeString(File->ID_FullName)) % 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:439:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
SetAttr[8] = atoi(DecodeUnicodeString(ID)) / 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:440:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
SetAttr[9] = atoi(DecodeUnicodeString(ID)) % 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:482:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(BackupCache, Priv->FilesCache, sizeof(GSM_File) * Priv->FilesLocationsUsed);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:507:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(NewFiles, Priv->FilesCache, sizeof(GSM_File) * Priv->FilesLocationsUsed);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:511:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Priv->FilesCache, BackupCache, sizeof(GSM_File) * FilesLocationsUsed);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:548:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[8];
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:553:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%i",msg->Buffer[8]*256+msg->Buffer[9]);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:573:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Header[20 + (2 * (GSM_MAX_FILENAME_ID_LENGTH + 1))] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:577:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Add[15000] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:582:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char end[30] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:596:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Header[8] = atoi(DecodeUnicodeString(File->ID_FullName)) / 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:597:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Header[9] = atoi(DecodeUnicodeString(File->ID_FullName)) % 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:628:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Header[236] = atoi(DecodeUnicodeString(File->ID_FullName)) / 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:629:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Header[237] = atoi(DecodeUnicodeString(File->ID_FullName)) % 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:640:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Add[ 8] = atoi(DecodeUnicodeString(File->ID_FullName)) / 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:641:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Add[ 9] = atoi(DecodeUnicodeString(File->ID_FullName)) % 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:644:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Add+14,File->Buffer+(*Pos),j);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:652:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
end[8] = atoi(DecodeUnicodeString(File->ID_FullName)) / 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:653:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
end[9] = atoi(DecodeUnicodeString(File->ID_FullName)) % 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:667:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Header[8] = atoi(DecodeUnicodeString(File->ID_FullName)) / 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:668:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Header[9] = atoi(DecodeUnicodeString(File->ID_FullName)) % 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:747:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Delete[40] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:769:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Delete[8] = atoi(DecodeUnicodeString(ID)) / 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:770:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Delete[9] = atoi(DecodeUnicodeString(ID)) % 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:787:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[8];
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:789:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%i",msg->Buffer[8]*256+msg->Buffer[9]);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:798:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Header[20 + (2 * (GSM_MAX_FILENAME_ID_LENGTH + 1))] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:810:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Header[8] = atoi(DecodeUnicodeString(File->ID_FullName)) / 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:811:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Header[9] = atoi(DecodeUnicodeString(File->ID_FullName)) % 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:816:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Header[236] = atoi(DecodeUnicodeString(File->ID_FullName)) / 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:817:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Header[237] = atoi(DecodeUnicodeString(File->ID_FullName)) % 256;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:852:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(File,&Priv->FilesCache[0],sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:892:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[20 + (2 * (GSM_MAX_FILENAME_ID_LENGTH + 1))] =
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:918:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[200] = {N6110_FRAME_HEADER, 0x74, 0x00, 0x00,
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:932:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req2[15000] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1064:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[20 + (2 * (GSM_MAX_FILENAME_ID_LENGTH + 1))] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1087:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[20 + (2 * (GSM_MAX_FILENAME_ID_LENGTH + 1))] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1167:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(File,&Priv->FilesCache[0],sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1174:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(File,&Priv->FilesCache[0],sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1178:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(File,&Priv->FilesCache[0],sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1276:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Header2[20 + (2 * (GSM_MAX_FILENAME_ID_LENGTH + 1))] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1280:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&File2,File,sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1327:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[15000] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1331:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Header[20 + (2 * (GSM_MAX_FILENAME_ID_LENGTH + 1))] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1366:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+14,File->Buffer+(*Pos),j);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1447:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(File,&Priv->FilesCache[0],sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1455:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(File,&Priv->FilesCache[0],sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1482:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[20 + (2 * (GSM_MAX_FILENAME_ID_LENGTH + 1))] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1528:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[20 + (2 * (GSM_MAX_FILENAME_ID_LENGTH + 1))] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1554:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (error == ERR_NONE) memcpy(File->ID_FullName,req+6,Pos);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1576:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[20 + (2 * (GSM_MAX_FILENAME_ID_LENGTH + 1))] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1621:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&File2,File,sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1624:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(File,&File2,sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1642:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20 + (2 * (GSM_MAX_FILENAME_ID_LENGTH + 1))];
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1687:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20 + (2 * (GSM_MAX_FILENAME_ID_LENGTH + 1))];
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1698:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&File2,File,sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1702:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(File,&File2,sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1728:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&File2,File,sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1731:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(File,&File2,sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1779:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&File2,File,sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1782:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(File,&File2,sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1834:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[20 + (2 * (GSM_MAX_FILENAME_ID_LENGTH + 1))];
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1845:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&File2,File,sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1849:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(File,&File2,sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1865:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[5];
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1889:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%i",0x01);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1899:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(File,&File2,sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1903:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"c:\\%i",0x01);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1920:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(File,&File2,sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1924:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"c:\\%i",0x01);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:274:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[256] = {N6110_FRAME_HEADER,
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:391:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(network_info->LAC, "%02X%02X", msg->Buffer[current+1], msg->Buffer[current+2]);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:393:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(network_info->CID, "%02X%02X", msg->Buffer[current+5], msg->Buffer[current+6]);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:767:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char output[500]; /* output2[500]; */
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:814:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output+i,msg->Buffer+30,PHONE_GetBitmapSize(GSM_NokiaPictureImage,0,0));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:860:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char folderid,namebuffer[200];
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1059:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Bitmap,&bitmap,sizeof(GSM_Bitmap));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1251:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5000] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1324:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[500];
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1328:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[500] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1388:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(string + 1, bitmap->Text, i);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1429:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reqStartup[1000] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1435:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reqColourWallPaper[200] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1440:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reqColourStartup[200] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1442:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reqOp[1000] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1449:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reqColourOp[200] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1456:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reqNote[200] = {N6110_FRAME_HEADER, 0x04, 0x01};
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1457:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reqPicture[2000] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1598:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char SetPreviewReq[1000] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1603:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char AddBinaryReq[33000] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1629:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(AddBinaryReq+current,Ringtone->NokiaBinary.Frame,Ringtone->NokiaBinary.Length);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1640:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(AddBinaryReq+current,Ringtone->NokiaBinary.Frame,Ringtone->NokiaBinary.Length);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1738:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff[2000];
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1926:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff,msg->Buffer+tmp+10,msg->Buffer[tmp+4]);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1932:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff,msg->Buffer+tmp+10+msg->Buffer[tmp+4],msg->Buffer[tmp+5]);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1943:32: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (msg->Buffer[tmp+2]!=0) memcpy(buff,msg->Buffer+tmp+9,msg->Buffer[tmp+2]*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2127:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Sett->Name,msg->Buffer+20,msg->Buffer[12]*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2130:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Sett->HomePage,msg->Buffer+20+msg->Buffer[12]*2,msg->Buffer[15]*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2134:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Sett->User,msg->Buffer+i+3,msg->Buffer[i]*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2137:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Sett->Password,msg->Buffer+i+3+msg->Buffer[i]*2,msg->Buffer[i+1]*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2202:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[2000] = {N6110_FRAME_HEADER, 0x18,
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2204:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Lock[5] = {N6110_FRAME_HEADER, 0x27,
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2206:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char UnLock[5] = {N6110_FRAME_HEADER, 0x2A,
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2295:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req + pos, "\x01\x00", 2); pos += 2;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2344:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req + pos, "\x03\x00", 2); pos += 2;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2476:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req + pos, "\x80\x00\x00\x0c", 4); pos += 4;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2681:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req [300] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2719:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5] = {N6110_FRAME_HEADER, 0x11, 0x00};
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2750:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[15] = {N6110_FRAME_HEADER, 0x07,
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2760:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+5,Code->Code,len);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2824:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req [300] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2830:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char NameReq[200] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3011:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(s->Phone.Data.PhoneString,"%02i/%04i",msg->Buffer[13],msg->Buffer[14]*256+msg->Buffer[15]);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3018:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[6] = {0x00, 0x05, 0x02, 0x01, 0x00, 0x02};
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3110:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Data->RingtonesInfo->Ringtone[i].Name,msg->Buffer+tmp+8,(msg->Buffer[tmp+6]*256+msg->Buffer[tmp+7])*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3123:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char UserReq[8] = {N7110_FRAME_HEADER, 0x07, 0x00, 0x00, 0x00, 0x02};
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3125:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char All_Req[8] = {N7110_FRAME_HEADER, 0x07, 0x00, 0x00, 0x00, 0x00};
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3152:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Data->Ringtone->Name,msg->Buffer+8,msg->Buffer[7]*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3177:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Data->Ringtone->NokiaBinary.Frame,msg->Buffer+tmp,i-tmp);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3186:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req2[6] = {N7110_FRAME_HEADER, 0x12,
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3321:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[6] = {N6110_FRAME_HEADER, 0x07, 0x01, 0x00};
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3416:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[150] = {N6110_FRAME_HEADER, 0x01, 0x01, 0x0C, 0x01};
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3500:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[150] = {N6110_FRAME_HEADER, 0x03, 0x01,
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3527:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req + length + 4, "\x00\x00\x01", 3);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3584:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req2[100] = {N6110_FRAME_HEADER,0x01,
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3590:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[100] = {N6110_FRAME_HEADER,0x01,
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3660:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s->Phone.Data.Priv.N6510.FMStatus,msg->Buffer,msg->Length);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3667:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[7] = {N6110_FRAME_HEADER, 0x0d, 0x00, 0x00, 0x01};
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3675:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char name[GSM_MAX_FMSTATION_LENGTH*2+2];
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3687:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(name,msg->Buffer+18,length*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3708:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[7] = {N6110_FRAME_HEADER, 0x05,
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3742:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[7] = {N6110_FRAME_HEADER, 0x03,0x0f,0x00,0x01};
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3754:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char setstatus[36] = {N6110_FRAME_HEADER,0x11,0x00,0x01,0x01,
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3759:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[64] = {N6110_FRAME_HEADER, 0x12,0x00,0x01,0x00,
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3777:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(setstatus+14,s->Phone.Data.Priv.N6510.FMStatus+14,20);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3790:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (req+18,FMStation->StationName,len*2);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3807:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[14] = {
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3908:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s->Phone.Data.Priv.N6510.GPRSPoints,msg->Buffer,msg->Length);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:4060:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[200] = {N6110_FRAME_HEADER, 0x10, 0x01, 0x00, 0x01,
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:4075:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[600] = {N6110_FRAME_HEADER, 0x09};
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:4142:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s->Phone.Data.Picture->Buffer + s->Phone.Data.Picture->Length, msg->Buffer + 10, len);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:4212:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(picture->Buffer, bmp_header, sizeof(bmp_header));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.h:27:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char CalendarIcons[10];
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.h:53:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char FMStatus[4000];
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.h:56:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char GPRSPoints[4000];
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.h:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char MMSFoldersID2[10][80];
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/dct4func.c:39:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char PhoneMode[10];
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/dct4func.c:66:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s->Phone.Data.IMEI,msg->Buffer + 10, 16);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/dct4func.c:73:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5] = {N6110_FRAME_HEADER, 0x00, 0x41};
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/n3320.h:20:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char CalendarIcons[10];
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:48:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(block+5, buf, size);
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:57:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char string[500];
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:349:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text, src, length);
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:494:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text,Block+6,Block[5]);
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:509:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bitmap->Text,Block+6,Block[5]);
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1058:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(s->Phone.Data.Manufacturer,"Nokia");
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1074:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output,input+(*current+2),length);
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1078:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output,input+(*current+1),length);
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1239:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[55] = {N6110_FRAME_HEADER, 0x01,
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1291:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[55] = {N6110_FRAME_HEADER, 0x01,
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1344:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[100] = {N6110_FRAME_HEADER, 0x50,
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1352:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+5,DTMFSequence,strlen(DTMFSequence));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1566:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5] = {N6110_FRAME_HEADER, 0x03, 0x00};
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1586:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5] = {N6110_FRAME_HEADER, 0x03, 0x00};
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1830:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[2000];
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1835:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer,msg->Buffer+8,msg->Buffer[7]);
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1884:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[200];
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:2049:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5000] = {
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:2097:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&Date,&Note->Entries[Time].Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:2235:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5000] = {
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:2268:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&DT,&Note->Entries[Time].Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:2496:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&entry->Entries[1].Date,&entry->Entries[0].Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:2503:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text, msg->Buffer+20, msg->Buffer[18]*2);
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:2517:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&entry->Entries[1].Date,&entry->Entries[0].Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:2526:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text, msg->Buffer+20, i);
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:2534:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text, msg->Buffer+20+i, msg->Buffer[19]*2);
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:2555:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&entry->Entries[1].Date,&entry->Entries[0].Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:2569:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text, msg->Buffer+22, msg->Buffer[21]*2);
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:2596:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text, msg->Buffer+16, msg->Buffer[14]*2);
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:2658:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[50] = {N6110_FRAME_HEADER, 0x10,
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:2662:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer+5,buff,len);
data/gammu-1.41.0/libgammu/phone/nokia/nfuncold.c:22:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&entry->Entries[entry->EntriesNum].Date,&entry->Entries[DT].Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/nokia/nfuncold.c:109:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&entry->Entries[0].Date,&Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/nokia/nfuncold.c:115:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text, msg->Buffer+30, msg->Buffer[28]*2);
data/gammu-1.41.0/libgammu/phone/nokia/nfuncold.c:124:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&entry->Entries[0].Date,&Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/nokia/nfuncold.c:132:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text, msg->Buffer+30, i);
data/gammu-1.41.0/libgammu/phone/nokia/nfuncold.c:140:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text, msg->Buffer+30+i, msg->Buffer[29]*2);
data/gammu-1.41.0/libgammu/phone/nokia/nfuncold.c:167:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text, msg->Buffer+32, msg->Buffer[31]*2);
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:41:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s->Phone.Data.File->Buffer+old,msg->Buffer+18,s->Phone.Data.File->Used-old);
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:51:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned const char StartReq[11] = {
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:66:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req, StartReq, sizeof(StartReq));
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:120:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Priv->Files[i+msg->Buffer[5]],Priv->Files[i],sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:161:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned const char template[11] = {
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:172:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req, template, sizeof(template));
data/gammu-1.41.0/libgammu/phone/obex/mobex.c:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char appdata[1];
data/gammu-1.41.0/libgammu/phone/obex/mobex.c:83:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char appdata[1];
data/gammu-1.41.0/libgammu/phone/obex/mobex.c:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char appdata[3];
data/gammu-1.41.0/libgammu/phone/obex/mobex.c:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char appdata[3];
data/gammu-1.41.0/libgammu/phone/obex/mobex.c:232:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char appdata[3];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:137:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Priv->connection_id, msg->Buffer + i + 1, 4);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:186:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req2[200];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:187:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[200] = {
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:559:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[400];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:590:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char *req, req2[200];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:668:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(NewLUID,msg->Buffer + Pos + 3 + pos2 + 2, msg->Buffer[Pos + 3 + pos2 + 1]);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:674:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(CC,msg->Buffer + Pos + 3 + pos2 + 2, msg->Buffer[Pos + 3 + pos2 + 1]);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:680:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(timestamp,msg->Buffer + Pos + 3 + pos2 + 2, msg->Buffer[Pos + 3 + pos2 + 1]);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:756:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[2000];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:757:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hard_delete_header[2] = {'\x12', '\x0'};
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:910:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s->Phone.Data.File->Buffer+old,msg->Buffer+Pos+3,s->Phone.Data.File->Used-old);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:959:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[2000], req2[200];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:977:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(req2,"x-obex/folder-listing");
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:990:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(req2,"x-obex/capability");
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1096:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Line[500],Line2[500],*name,*size;
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1171:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&Priv->Files[i+num],&Priv->Files[i],sizeof(GSM_File));
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1234:77: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (size != NULL) Priv->Files[Priv->FilesLocationsCurrent+pos2].Used = atoi(size+6);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1254:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&File->Modified,&Priv->Files[Priv->FilesLocationsCurrent-1].Modified,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1270:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[200],req2[200];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1458:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
IEL = atoi(pos);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1517:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
free_records = atoi(pos);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1526:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
used_records = atoi(pos);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1535:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
maximum_records = atoi(pos);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1652:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[2000];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1746:37: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*IndexStorage)[*IndexCount] = atoi(pos);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1835:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(path, "telecom/pb/%d.vcf", Entry->Location);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1998:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5000];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1999:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[100];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2044:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(path, "telecom/pb/%d.vcf", Entry->Location);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2111:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(path, "telecom/pb/%d.vcf", Entry->Location);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2122:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5000];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2314:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(path, "telecom/cal/%d.vcs", Entry->Location);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2472:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5000];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2473:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[100];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2516:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(path, "telecom/cal/%d.vcf", Entry->Location);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2583:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(path, "telecom/cal/%d.vcs", Entry->Location);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2594:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5000];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2733:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(path, "telecom/cal/%d.vcs", Entry->Location);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2894:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5000];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2895:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[100];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2938:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(path, "telecom/cal/%d.vcf", Entry->Location);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3005:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(path, "telecom/cal/%d.vcs", Entry->Location);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3016:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5000];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3173:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(path, "telecom/nt/%d.vnt", Entry->Location);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3319:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5000];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3320:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char path[100];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3358:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(path, "telecom/nt/%d.vcf", Entry->Location);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3425:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(path, "telecom/nt/%d.vnt", Entry->Location);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3436:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5000];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3532:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char match[200];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3560:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char match[200];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3577:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(match, "</");
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3595:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char match[200];
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3612:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(match, "=\"");
data/gammu-1.41.0/libgammu/phone/obex/obexgen.h:291:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char connection_id[4];
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:104:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cfg->Model, "obexnone");
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:316:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Priv->MajorVersion = atoi(msg->Buffer);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:321:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Priv->MinorVersion = atoi(pos + 1);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:471:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Signal->SignalStrength = atoi(Priv->MessageParts[1]);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:473:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
signal_value = atoi(Priv->MessageParts[1]);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:480:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
BatteryCharge->BatteryPercent = atoi(Priv->MessageParts[1]);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:526:43: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
s->Phone.Data.MemoryStatus->MemoryUsed = atoi(msg->Buffer);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:546:113: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
error = S60_StoreLocation(s, &Priv->ContactLocations, &Priv->ContactLocationsSize, &Priv->ContactLocationsPos, atoi(Priv->MessageParts[0]));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:570:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
s->Phone.Data.CalStatus->Used = atoi(Priv->MessageParts[1]);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:573:36: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
s->Phone.Data.ToDoStatus->Used = atoi(Priv->MessageParts[2]);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:621:116: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
error = S60_StoreLocation(s, &Priv->CalendarLocations, &Priv->CalendarLocationsSize, &Priv->CalendarLocationsPos, atoi(Priv->MessageParts[0]));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:672:104: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
error = S60_StoreLocation(s, &Priv->ToDoLocations, &Priv->ToDoLocationsSize, &Priv->ToDoLocationsPos, atoi(Priv->MessageParts[0]));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:686:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:694:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", Entry->Location);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:881:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:888:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", Entry->Location);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:898:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char value[(GSM_PHONEBOOK_TEXT_LENGTH + 1) * 2];
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:899:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer [100 + (GSM_PHONEBOOK_TEXT_LENGTH + 1) * 2];
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1105:35: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
s->Phone.Data.Memory->Location = atoi(msg->Buffer);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1214:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Entry->Entries[Entry->EntriesNum].Number = atoi(repeat_rule);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1218:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Entry->Entries[Entry->EntriesNum].Number = atoi(repeat_rule);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1224:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Entry->Entries[Entry->EntriesNum].Number = atoi(repeat_rule);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1246:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Entry->Entries[Entry->EntriesNum].Number = atoi(interval);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1258:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1263:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", Entry->Location);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1274:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
s->Phone.Data.Cal->Location = atoi(msg->Buffer);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1304:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1363:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "private");
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1365:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "open");
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1402:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer + strlen(buffer), "%d", Entry->Entries[i].Number);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1444:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1447:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", Entry->Location);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1546:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Entry->Priority = atoi(priority);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1551:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Entry->Entries[Entry->EntriesNum].Number = atoi(crossedout);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1566:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1571:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", Entry->Location);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1604:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1607:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", Entry->Location);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1616:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
s->Phone.Data.ToDo->Location = atoi(msg->Buffer);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1636:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1674:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "private");
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1676:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "open");
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1691:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer + strlen(buffer), "%d", Entry->Priority);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1769:39: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
s->Phone.Data.SMSStatus->PhoneUsed = atoi(Priv->MessageParts[0]);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1770:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
s->Phone.Data.SMSStatus->PhoneUnRead = atoi(Priv->MessageParts[1]);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1793:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1795:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", sms->SMS[0].Location);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1808:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1810:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", sms->Location);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1888:101: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
error = S60_StoreLocation(s, &Priv->SMSLocations, &Priv->SMSLocationsSize, &Priv->SMSLocationsPos, atoi(Priv->MessageParts[0]));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1929:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[((GSM_MAX_SMS_LENGTH + 1) * 2) + ((GSM_MAX_SMS_NAME_LENGTH + 1) * 2) + ((GSM_MAX_NUMBER_LENGTH + 1) * 2)];
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1930:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char textbuffer[((GSM_MAX_SMS_LENGTH + 1) * 2)];
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1943:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "UCS2");
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1947:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "7bit");
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1950:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "8bit");
data/gammu-1.41.0/libgammu/phone/s60/s60phone.h:41:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *MessageParts[50];
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:69:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(cfg->Model, "obexnone");
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:382:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[800];
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:411:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( buffer, msg->Buffer + current + 2, messageLen );
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:433:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req [8] = {0,11,
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:584:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req [300] = {0,15};
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:609:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req [300] = {0,13,
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:684:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:694:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(NetInfo.CID, "%02X%02X", msg->Buffer[4], msg->Buffer[5]);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:696:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(NetInfo.LAC, "%02X%02X", msg->Buffer[6], msg->Buffer[7]);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:700:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,msg->Buffer+11,msg->Buffer[10]*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:715:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Data->NetworkInfo->CID, "%02X%02X", msg->Buffer[4], msg->Buffer[5]);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:716:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Data->NetworkInfo->LAC, "%02X%02X", msg->Buffer[6], msg->Buffer[7]);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:719:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf,msg->Buffer+11,msg->Buffer[10]*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:790:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text,msg->Buffer+pos+2,len*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:802:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text,msg->Buffer+pos+2,len*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:838:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text,msg->Buffer+pos+2,len*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:857:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text,msg->Buffer+pos+2,len*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:868:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text,msg->Buffer+pos+2,len*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:929:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text,msg->Buffer+pos+2,len*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:941:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text,msg->Buffer+pos+2,len*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:977:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text,msg->Buffer+pos+2,len*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:996:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text,msg->Buffer+pos+2,len*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1007:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(entry->Entries[entry->EntriesNum].Text,msg->Buffer+pos+2,len*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1053:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[1000] = {0x00, 0x03,
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1130:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( req + currentByte, subMemoryEntry->Text, UnicodeLength( subMemoryEntry->Text ) * 2 );
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1207:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Last->Entries[0].Text,msg->Buffer+pos+2,(msg->Buffer[pos]*256+msg->Buffer[pos+1])*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1270:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[5000] = {
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1285:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&DT,&Note->Entries[Time].Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1300:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&DT,&Note->Entries[EndTime].Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1315:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&DT,&Note->Entries[Alarm].Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1328:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+current,Note->Entries[Text].Text,UnicodeLength(Note->Entries[Text].Text)*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1340:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+current,Note->Entries[Location].Text,UnicodeLength(Note->Entries[Location].Text)*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1404:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Entry->Entries[Entry->EntriesNum].Text,msg->Buffer+pos+2,msg->Buffer[pos+1]*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1414:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Entry->Entries[Entry->EntriesNum].Text,msg->Buffer+pos+2,msg->Buffer[pos+1]*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1499:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Data->SMSFolders->Folder[j].Name,msg->Buffer + pos+4,msg->Buffer[pos+3]*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1536:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Data->SMSC->Name,msg->Buffer+8,msg->Buffer[7]*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1551:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Data->SMSC->Number,msg->Buffer+pos+4,msg->Buffer[pos+3]*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1606:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[2] = {0x00,0x01};
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1620:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[100] = {0x00,0x09};
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1624:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char unicodeNumber[200];
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1633:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( req + currentByte, unicodeNumber, UnicodeLength( unicodeNumber ) * 2 );
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1641:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff[200];
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1647:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff,msg->Buffer+pos+2,len*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1660:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[2] = {0x00,0x01};
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1675:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff[200];
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1684:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff,msg->Buffer+pos+2,len*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1693:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[2] = {0x00,0x01};
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1701:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff[200];
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1707:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff,msg->Buffer+pos+2,len*2);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1719:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[2] = {0x00,0x01};
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1758:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[2] = {0x00,0x01};
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1774:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[2] = {0x00,0x01};
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.h:29:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char CalendarIcons[10];
data/gammu-1.41.0/libgammu/protocol/alcatel/alcabus.c:21:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1024];
data/gammu-1.41.0/libgammu/protocol/alcatel/alcabus.c:53:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer+5, data, len);
data/gammu-1.41.0/libgammu/protocol/at/at.c:237:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Msg2. Buffer, d->Msg.Buffer + d->SpecialAnswerStart, d->LineEnd - d->SpecialAnswerStart + 2);
data/gammu-1.41.0/libgammu/protocol/nokia/fbus2.c:35:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[FBUS2_MAX_TRANSMIT_LENGTH + 10]={0};
data/gammu-1.41.0/libgammu/protocol/nokia/fbus2.c:49:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + 6, MsgBuffer, MsgLength);
data/gammu-1.41.0/libgammu/protocol/nokia/fbus2.c:84:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[FBUS2_MAX_TRANSMIT_LENGTH + 2]={0}, seqnum=0;
data/gammu-1.41.0/libgammu/protocol/nokia/fbus2.c:106:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, MsgBuffer + (MsgLength - togo), thislength);
data/gammu-1.41.0/libgammu/protocol/nokia/fbus2.c:126:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[2]={0};
data/gammu-1.41.0/libgammu/protocol/nokia/fbus2.c:209:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d->MultiMsg.Buffer+d->MultiMsg.Length,d->Msg.Buffer,d->Msg.Length-2);
data/gammu-1.41.0/libgammu/protocol/nokia/fbus2.c:322:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff[300]={0};
data/gammu-1.41.0/libgammu/protocol/nokia/fbus2.c:400:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff[300]={0};
data/gammu-1.41.0/libgammu/protocol/nokia/mbus2.c:35:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + 6, MsgBuffer, MsgLength);
data/gammu-1.41.0/libgammu/protocol/nokia/mbus2.c:77:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[6]={0};
data/gammu-1.41.0/libgammu/protocol/nokia/phonet.c:51:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + 6, MsgBuffer, MsgLength);
data/gammu-1.41.0/libgammu/protocol/nokia/phonet.c:137:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char req[10]={0};
data/gammu-1.41.0/libgammu/protocol/obex/obex.c:117:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer+(*Pos),AddData,AddLength);
data/gammu-1.41.0/libgammu/protocol/protocol.h:24:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char CheckSum[2];
data/gammu-1.41.0/libgammu/protocol/s60/s60.c:64:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + bufpos, MsgBuffer + pos, length);
data/gammu-1.41.0/libgammu/protocol/s60/s60.c:89:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
d->Msg.Type = atoi(d->idbuffer);
data/gammu-1.41.0/libgammu/protocol/s60/s60.h:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char idbuffer[20];
data/gammu-1.41.0/libgammu/protocol/symbian/gnapbus.c:31:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + 6, MsgBuffer, MsgLength);
data/gammu-1.41.0/libgammu/service/backup/backics.c:27:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer[1000];
data/gammu-1.41.0/libgammu/service/backup/backics.c:31:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FileName, "wb");
data/gammu-1.41.0/libgammu/service/backup/backics.c:34:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
Length=sprintf(Buffer, "BEGIN:VCALENDAR%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backics.c:35:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
Length+=sprintf(Buffer+Length, "VERSION:2.0%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backics.c:40:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Buffer, "%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backics.c:53:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Buffer, "%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backics.c:65:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
Length=sprintf(Buffer, "%c%cEND:VCALENDAR%c%c",13,10,13,10);
data/gammu-1.41.0/libgammu/service/backup/backldif.c:18:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer[1000],Buffer2[1000];
data/gammu-1.41.0/libgammu/service/backup/backldif.c:34:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Text[(GSM_PHONEBOOK_TEXT_LENGTH + 1) * 4];
data/gammu-1.41.0/libgammu/service/backup/backldif.c:37:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FileName, "wb");
data/gammu-1.41.0/libgammu/service/backup/backldif.c:243:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer2[1000],buff[200];
data/gammu-1.41.0/libgammu/service/backup/backldif.c:249:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff,":: ");
data/gammu-1.41.0/libgammu/service/backup/backldif.c:258:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff,": ");
data/gammu-1.41.0/libgammu/service/backup/backldif.c:269:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Line[2000],Buff[2000],Buff2[2000];
data/gammu-1.41.0/libgammu/service/backup/backldif.c:528:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(backup->PhonePhonebook[numPbk],&Pbk,sizeof(GSM_MemoryEntry));
data/gammu-1.41.0/libgammu/service/backup/backlmb.c:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[1000] = {
data/gammu-1.41.0/libgammu/service/backup/backlmb.c:52:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+count,DecodeUnicodeString(bitmap->Text),UnicodeLength(bitmap->Text));
data/gammu-1.41.0/libgammu/service/backup/backlmb.c:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[500] = {
data/gammu-1.41.0/libgammu/service/backup/backlmb.c:83:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(req+count,DecodeUnicodeString(bitmap->Text),textlen);
data/gammu-1.41.0/libgammu/service/backup/backlmb.c:116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char req[500] = {
data/gammu-1.41.0/libgammu/service/backup/backlmb.c:164:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FileName, "wb");
data/gammu-1.41.0/libgammu/service/backup/backlmb.c:411:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[12], buffer2[1000];
data/gammu-1.41.0/libgammu/service/backup/backlmb.c:416:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FileName, "rb");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:90:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char unicode_key[500],*retval;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:105:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer2[1000],buffer3[1000];
data/gammu-1.41.0/libgammu/service/backup/backtext.c:110:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer2,myvalue+(strlen(myvalue)-current),200);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:114:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer2,myvalue+(strlen(myvalue)-current),current);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer2[300];
data/gammu-1.41.0/libgammu/service/backup/backtext.c:165:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:166:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer2[10000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:182:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"\"%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:234:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char paramname[10000],*readvalue, decodedvalue[10000];
data/gammu-1.41.0/libgammu/service/backup/backtext.c:260:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(paramname,"Unicode");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:290:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[100];
data/gammu-1.41.0/libgammu/service/backup/backtext.c:294:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, " = ");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:302:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[100];
data/gammu-1.41.0/libgammu/service/backup/backtext.c:304:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, " = %04d%02d%02d%c%c", dt->Year, dt->Month, dt->Day,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:313:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:317:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Location = %03i%c%c",Pbk->Location,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:324:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iLocation = Home%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:329:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iLocation = Work%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:338:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = NumberGeneral%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:343:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = NumberVideo%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:348:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = NumberMobile%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:353:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = NumberFax%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:358:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = NumberPager%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:363:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = NumberOther%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:368:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = NumberMessaging%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:373:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = Note%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:378:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = Postal%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:383:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = Email%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:388:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = Email2%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:393:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = URL%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:398:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = Name%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:403:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = CallerGroup%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:406:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iNumber = %i%c%c",j,Pbk->Entries[j].Number,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:412:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = RingtoneID%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:415:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iNumber = %i%c%c",j,Pbk->Entries[j].Number,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:421:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = PictureID%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:424:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iNumber = %i%c%c",j,Pbk->Entries[j].Number,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:430:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = PictureName%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:435:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = UserID%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:440:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = Category%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:444:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iNumber = %i%c%c",j,Pbk->Entries[j].Number,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:451:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = Private%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:454:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iNumber = %i%c%c",j,Pbk->Entries[j].Number,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:460:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = LastName%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:465:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = FirstName%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:470:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = SecondName%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:475:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = NickName%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:480:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = FormalName%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:485:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = NamePrefix%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:490:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = NameSuffix%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:495:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = Company%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:500:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = JobTitle%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:505:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = Address%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:510:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = City%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:515:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = State%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:520:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = Zip%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:525:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = Country%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:530:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = Custom1%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:535:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = Custom2%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:540:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = Custom3%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:545:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = Custom4%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:550:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = LUID%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:555:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = VOIP%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:560:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = WVID%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:565:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = SWIS%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:570:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = SIP%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:575:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = DTMF%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:580:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = Date%c%cEntry%02iText",j,13,10, j);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:588:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = LastModified%c%cEntry%02iText",j,13,10, j);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:599:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = PushToTalkID%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:606:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = BMPPhoto%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:609:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = GIFPhoto%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:612:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = JPEGPhoto%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:615:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = ICOPhoto%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:618:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = PNGPhoto%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:622:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType = Photo%c%c",j,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:627:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "Entry%02iData", j);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:634:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iText",j);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:646:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iVoiceTag = %i%c%c",j,Pbk->Entries[j].VoiceTag,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:652:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iSMSList%02i = %i%c%c",j,i,Pbk->Entries[j].SMSList[i],13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:662:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:671:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:674:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Location = %d%c%c", Note->Location,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:679:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:688:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:693:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"0%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:695:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_REMINDER : sprintf(buffer,"Reminder%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:696:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_CALL : sprintf(buffer,"Call%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:697:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_MEETING : sprintf(buffer,"Meeting%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:698:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_BIRTHDAY : sprintf(buffer,"Birthday%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:699:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_TRAVEL : sprintf(buffer,"Travel%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:700:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_VACATION : sprintf(buffer,"Vacation%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:701:23: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_MEMO : sprintf(buffer,"Memo%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:702:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_SHOPPING : sprintf(buffer,"Shopping%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:703:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_ALARM : sprintf(buffer,"Alarm%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:704:29: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_DAILY_ALARM: sprintf(buffer,"DailyAlarm%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:705:28: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_ATHL : sprintf(buffer,"Training/Athletism%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:706:35: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_BALL : sprintf(buffer,"Training/BallGames%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:707:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_CYCL : sprintf(buffer,"Training/Cycling%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:708:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_BUDO : sprintf(buffer,"Training/Budo%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:709:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_DANC : sprintf(buffer,"Training/Dance%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:710:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_EXTR : sprintf(buffer,"Training/ExtremeSports%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:711:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_FOOT : sprintf(buffer,"Training/Football%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:712:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_GOLF : sprintf(buffer,"Training/Golf%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:713:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_GYM : sprintf(buffer,"Training/Gym%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:714:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_HORS : sprintf(buffer,"Training/HorseRaces%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:715:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_HOCK : sprintf(buffer,"Training/Hockey%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:716:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_RACE : sprintf(buffer,"Training/Races%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:717:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_RUGB : sprintf(buffer,"Training/Rugby%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:718:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_SAIL : sprintf(buffer,"Training/Sailing%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:719:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_STRE : sprintf(buffer,"Training/StreetGames%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:720:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_SWIM : sprintf(buffer,"Training/Swimming%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:721:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_TENN : sprintf(buffer,"Training/Tennis%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:722:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_TRAV : sprintf(buffer,"Training/Travels%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:723:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case GSM_CAL_T_WINT : sprintf(buffer,"Training/WinterGames%c%c", 13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:734:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:737:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Location = %d%c%c", Note->Location,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:775:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "Private = %d%c%c",Note->Entries[i].Number,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:784:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "ContactID = %d%c%c",Note->Entries[i].Number,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:817:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "RepeatDayOfWeek = %d%c%c",Note->Entries[i].Number,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:822:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "RepeatDay = %d%c%c",Note->Entries[i].Number,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:827:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "RepeatWeekOfMonth = %d%c%c",Note->Entries[i].Number,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:832:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "RepeatMonth = %d%c%c",Note->Entries[i].Number,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:837:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "RepeatFrequency = %d%c%c",Note->Entries[i].Number,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:842:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "RepeatCount = %d%c%c",Note->Entries[i].Number,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:847:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "RepeatDayOfYear = %d%c%c",Note->Entries[i].Number,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:853:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:863:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:867:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Active = Yes%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:872:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case WAPSETTINGS_BEARER_SMS : sprintf(buffer,"Bearer = SMS%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:873:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case WAPSETTINGS_BEARER_GPRS: sprintf(buffer,"Bearer = GPRS%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:874:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case WAPSETTINGS_BEARER_DATA: sprintf(buffer,"Bearer = Data%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:875:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case WAPSETTINGS_BEARER_USSD: sprintf(buffer,"Bearer = USSD%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:880:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"ReadOnly = Yes%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:884:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Proxy");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:887:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"ProxyPort = %i%c%c",settings->ProxyPort,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:890:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Proxy2");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:893:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Proxy2Port = %i%c%c",settings->Proxy2Port,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:896:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:900:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Title%02i",i);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:903:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"HomePage%02i",i);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:907:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Type%02i = Continuous%c%c",i,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:909:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Type%02i = Temporary%c%c",i,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:914:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Security%02i = On%c%c",i,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:916:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Security%02i = Off%c%c",i,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:922:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Bearer%02i = SMS%c%c",i,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:925:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Server%02i",i);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:928:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Service%02i",i);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:933:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Bearer%02i = GPRS%c%c",i,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:936:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"IP%02i",i);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:942:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Bearer%02i = Data%c%c",i,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:946:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"CallType%02i = ISDN%c%c",i,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:948:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"CallType%02i = Analogue%c%c",i,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:952:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"IP%02i",i);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:956:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Number%02i",i);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:960:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Login%02i = Manual%c%c",i,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:962:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Login%02i = Automatic%c%c",i,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:967:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Authentication%02i = Normal%c%c",i,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:969:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Authentication%02i = Secure%c%c",i,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:974:36: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case WAPSETTINGS_SPEED_9600 : sprintf(buffer,"CallSpeed%02i = 9600%c%c" ,i,13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:975:36: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case WAPSETTINGS_SPEED_14400: sprintf(buffer,"CallSpeed%02i = 14400%c%c",i,13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:976:36: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case WAPSETTINGS_SPEED_AUTO : sprintf(buffer,"CallSpeed%02i = auto%c%c" ,i,13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:987:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"User%02i",i);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:990:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Password%02i",i);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:995:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Bearer%02i = USSD%c%c",i,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:998:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"ServiceCode%02i",i);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1002:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"IP%02i",i);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1004:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Number%02i",i);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1009:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1018:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1021:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"HomePage");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1024:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"User");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1027:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Password");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1037:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1040:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"User");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1043:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Password");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1046:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"PhonebookDB");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1049:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"CalendarDB");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1052:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Server");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1056:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"SyncPhonebook = True%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1058:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"SyncPhonebook = False%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1063:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"SyncCalendar = True%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1065:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"SyncCalendar = False%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1076:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000]={0},buffer2[10000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1080:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Width = %ld%c%c", (long)bitmap->BitmapWidth,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1083:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Height = %ld%c%c", (long)bitmap->BitmapHeight,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1101:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1104:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Location = %03i%c%c",bitmap->Location,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1113:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"FileRingtone = %02x%c%c",bitmap->RingtoneID,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1115:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Ringtone = %02x%c%c",bitmap->RingtoneID,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1121:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Enabled = True%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1123:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Enabled = False%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1131:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1140:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1147:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1156:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1159:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[Startup]%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1170:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1179:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1182:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Location = %03i%c%c",SMSC->Location,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1194:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SMS_FORMAT_Text : sprintf(buffer,"Text"); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1195:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SMS_FORMAT_Fax : sprintf(buffer,"Fax"); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1196:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SMS_FORMAT_Email : sprintf(buffer,"Email"); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1197:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SMS_FORMAT_Pager : sprintf(buffer,"Pager"); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1201:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%cValidity = ",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1205:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SMS_VALID_1_Hour : sprintf(buffer, "1hour" ); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1206:29: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SMS_VALID_6_Hours : sprintf(buffer, "6hours" ); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1207:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SMS_VALID_1_Day : sprintf(buffer, "24hours" ); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1208:27: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SMS_VALID_3_Days : sprintf(buffer, "72hours" ); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1209:29: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case SMS_VALID_1_Week : sprintf(buffer, "1week" ); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1211:15: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
default : sprintf(buffer,"MaximumTime" ); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1215:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%c%c%c",13,10,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1231:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Location = %i%c%c",ringtone->Location,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1260:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1272:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1275:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[Operator]%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1283:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1292:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1296:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Location = %i%c%c",ToDo->Location,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1303:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Priority = High%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1306:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Priority = Medium%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1309:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Priority = Low%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1365:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Private = %i%c%c",ToDo->Entries[j].Number,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1370:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Category = %i%c%c",ToDo->Entries[j].Number,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1375:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"ContactID = %i%c%c",ToDo->Entries[j].Number,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1397:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1408:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1411:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Location = %i%c%c",Profile->Location,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1418:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"DefaultName = TRUE%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1423:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"HeadSetProfile = TRUE%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1428:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"CarKitProfile = TRUE%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1434:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Feature%02i = ",j);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1443:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"RingtoneID%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1445:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"MessageToneID%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1449:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Value%02i = %i%c%c",j,Profile->FeatureValue[j],13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1455:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"CallerGroups%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1458:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Value%02i = ",j);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1463:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%i",k);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1468:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1474:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"ScreenSaverNumber%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1477:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Value%02i = %i%c%c",j,Profile->FeatureValue[j],13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1481:30: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case Profile_CallAlert : sprintf(buffer,"IncomingCallAlert%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1482:34: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case Profile_RingtoneVolume : sprintf(buffer,"RingtoneVolume%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1483:29: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case Profile_Vibration : sprintf(buffer,"Vibrating%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1484:30: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case Profile_MessageTone : sprintf(buffer,"MessageTone%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1485:30: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case Profile_KeypadTone : sprintf(buffer,"KeypadTones%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1486:30: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case Profile_WarningTone : sprintf(buffer,"WarningTones%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1487:30: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case Profile_ScreenSaver : sprintf(buffer,"ScreenSaver%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1488:34: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case Profile_ScreenSaverTime : sprintf(buffer,"ScreenSaverTimeout%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1489:30: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case Profile_AutoAnswer : sprintf(buffer,"AutomaticAnswer%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1490:26: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case Profile_Lights : sprintf(buffer,"Lights%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1496:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Value%02i = ",j);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1501:35: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_KEYPAD_LEVEL1 : sprintf(buffer,"Level1%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1503:35: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_KEYPAD_LEVEL2 : sprintf(buffer,"Level2%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1505:35: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_KEYPAD_LEVEL3 : sprintf(buffer,"Level3%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1506:35: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_VOLUME_LEVEL4 : sprintf(buffer,"Level4%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1507:35: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_VOLUME_LEVEL5 : sprintf(buffer,"Level5%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1515:35: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_KEYPAD_OFF : sprintf(buffer,"Off%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1516:40: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_CALLALERT_RINGING : sprintf(buffer,"Ringing%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1517:40: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_CALLALERT_RINGONCE : sprintf(buffer,"RingOnce%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1518:40: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_CALLALERT_ASCENDING : sprintf(buffer,"Ascending%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1519:42: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_CALLALERT_CALLERGROUPS : sprintf(buffer,"CallerGroups%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1520:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_MESSAGE_STANDARD : sprintf(buffer,"Standard%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1521:37: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_MESSAGE_SPECIAL : sprintf(buffer,"Special%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1523:40: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_CALLALERT_BEEPONCE : sprintf(buffer,"BeepOnce%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1524:38: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_MESSAGE_ASCENDING : sprintf(buffer,"Ascending%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1525:37: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_MESSAGE_PERSONAL : sprintf(buffer,"Personal%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1529:34: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_VIBRATION_ON : sprintf(buffer,"On%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1530:37: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_VIBRATION_FIRST : sprintf(buffer,"VibrateFirst%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1531:33: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_LIGHTS_AUTO : sprintf(buffer,"Auto%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1532:40: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_SAVER_TIMEOUT_5SEC : sprintf(buffer,"5Seconds%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1533:40: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_SAVER_TIMEOUT_20SEC : sprintf(buffer,"20Seconds%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1534:40: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_SAVER_TIMEOUT_1MIN : sprintf(buffer,"1Minute%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1535:40: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_SAVER_TIMEOUT_2MIN : sprintf(buffer,"2Minutes%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1536:40: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_SAVER_TIMEOUT_5MIN : sprintf(buffer,"5Minutes%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1537:40: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case PROFILE_SAVER_TIMEOUT_10MIN : sprintf(buffer,"10Minutes%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1538:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
default : sprintf(buffer,"UNKNOWN%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1544:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1553:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1556:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Location = %i%c%c",FMStation->Location,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1561:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Frequency = %f%c%c",FMStation->Frequency,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1564:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1573:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1576:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Location = %i%c%c",GPRSPoint->Location,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1584:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Active = Yes%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1588:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1598:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1000]={0},checksum[200]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1602:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FileName, "wb");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1606:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%c", 0xFE, 0xFF);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1617:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[Backup]%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1637:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Format = 1.05%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1640:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1646:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[PhonePBK%03i]%c%c",i+1,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1655:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[SIMPBK%03i]%c%c",i+1,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1664:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[Calendar%03i]%c%c",i+1,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1673:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[Note%03i]%c%c",i+1,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1682:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[Caller%03i]%c%c",i+1,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1691:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[SMSC%03i]%c%c",i+1,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1700:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[WAPBookmark%03i]%c%c",i+1,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1709:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[WAPSettings%03i]%c%c",i+1,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1718:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[MMSSettings%03i]%c%c",i+1,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1727:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[SyncMLSettings%03i]%c%c",i+1,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1736:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[ChatSettings%03i]%c%c",i+1,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1745:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[Ringtone%03i]%c%c",i+1,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1754:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[TODO%03i]%c%c",i+1,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1763:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[Profile%03i]%c%c",i+1,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1772:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[FMStation%03i]%c%c",i+1,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1781:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[GPRSPoint%03i]%c%c",i+1,13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1802:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FileName, "ab");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1804:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"[Checksum]%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1821:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1839:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
num = atoi(buffer+5);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1845:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iLocation",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1856:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iType",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1967:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iNumber",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1970:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Pbk->Entries[Pbk->EntriesNum].Number = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1977:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iNumber",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1980:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Pbk->Entries[Pbk->EntriesNum].Number = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1987:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iNumber",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1990:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Pbk->Entries[Pbk->EntriesNum].Number = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1997:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iNumber",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2000:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Pbk->Entries[Pbk->EntriesNum].Number = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2007:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iNumber",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2010:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Pbk->Entries[Pbk->EntriesNum].Number = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2016:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iText",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2025:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iText",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2075:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iData",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2094:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iText",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2098:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iVoiceTag",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2101:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Pbk->Entries[Pbk->EntriesNum].VoiceTag = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2106:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Entry%02iSMSList%02i",num,i);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2112:48: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Pbk->Entries[Pbk->EntriesNum].SMSList[i] = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2128:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2131:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Type");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2198:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000]={0},buf[20]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2202:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Location");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2204:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (readvalue!=NULL) note->Location = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2209:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Text");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2216:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Description");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2223:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"LUID");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2230:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Phone");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2237:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Private");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2240:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
note->Entries[note->EntriesNum].Number = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2246:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"EventLocation");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2253:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"ContactID");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2256:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
note->Entries[note->EntriesNum].Number = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2263:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"StartTime");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2271:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Recurrance");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2275:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
rec = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2300:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"StopTime");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2309:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Alarm");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2313:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"AlarmType");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2325:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"ToneAlarm");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2333:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"SilentAlarm");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2341:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"LastModified");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2350:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"RepeatFrequency");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2353:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
note->Entries[note->EntriesNum].Number = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2359:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"RepeatDayOfWeek");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2362:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
note->Entries[note->EntriesNum].Number = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2368:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"RepeatDay");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2371:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
note->Entries[note->EntriesNum].Number = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2377:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"RepeatWeekOfMonth");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2380:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
note->Entries[note->EntriesNum].Number = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2386:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"RepeatMonth");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2389:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
note->Entries[note->EntriesNum].Number = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2395:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"RepeatCount");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2398:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
note->Entries[note->EntriesNum].Number = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2404:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"RepeatDayOfYear");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2407:47: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
note->Entries[note->EntriesNum].Number = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2413:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"RepeatStartDate");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2421:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"RepeatStopDate");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2435:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2440:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Location");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2442:40: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (readvalue!=NULL) ToDo->Location = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2447:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Priority");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2458:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"StartTime");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2466:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"CompletedTime");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2474:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Text");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2481:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Description");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2488:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"EventLocation");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2495:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"LUID");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2502:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Phone");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2509:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Private");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2512:53: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ToDo->Entries[ToDo->EntriesNum].Number = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2518:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Completed");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2531:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Category");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2534:52: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ToDo->Entries[ToDo->EntriesNum].Number = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2540:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"ContactID");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2543:54: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ToDo->Entries[ToDo->EntriesNum].Number = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2549:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"DueTime");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2557:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"LastModified");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2565:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Alarm");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2573:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"SilentAlarm");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2586:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2591:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Width");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2593:79: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (readvalue==NULL) bitmap->BitmapWidth = Width; else bitmap->BitmapWidth = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2594:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Height");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2596:82: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (readvalue==NULL) bitmap->BitmapHeight = Height; else bitmap->BitmapHeight = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2599:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Bitmap%02i",(int)y);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2612:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2622:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Name");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2629:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Ringtone");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2632:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"FileRingtone");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2646:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Enabled");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2658:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2660:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Text");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2677:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2679:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"URL");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2681:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Title");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2687:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2690:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Network");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2692:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(bitmap->NetworkCode, readvalue + 1, 6);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2700:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2703:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Name");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2705:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Number");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2707:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"DefaultNumber");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2709:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Format");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2721:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Validity");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2741:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000]={0}, *readvalue=NULL;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2746:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Bearer");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2759:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Active");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2766:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"ReadOnly");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2772:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Proxy");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2774:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"ProxyPort");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2777:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (readvalue!=NULL) settings->ProxyPort = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2778:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Proxy2");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2780:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Proxy2Port");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2783:46: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (readvalue!=NULL) settings->Proxy2Port = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2795:51: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (strncasecmp("Title", buffer,5) == 0) num = atoi(buffer+5);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2799:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Title%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2801:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"HomePage%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2803:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Type%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2809:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Security%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2816:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Bearer%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2822:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Server%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2824:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Service%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2829:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Number%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2831:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"IP%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2833:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"User%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2835:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Password%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2837:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Authentication%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2844:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"CallSpeed%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2852:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Login%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2859:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"CallType%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2868:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"ServiceCode%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2870:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"IP%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2874:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"IP%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2877:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Number%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2889:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000]={0}, *readvalue=NULL;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2892:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Name");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2895:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Location");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2897:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (readvalue!=NULL) ringtone->Location = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2898:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"NokiaBinary00");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2908:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Pure Midi00");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2923:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2929:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Name");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2932:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Location");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2934:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Profile->Location = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2937:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"DefaultName");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2942:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"HeadSetProfile");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2947:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"CarKitProfile");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2961:54: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (strncasecmp("Feature", buffer, 7) == 0) num = atoi(buffer+7);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2965:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Feature%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2971:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Value%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2973:52: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Profile->FeatureValue[Profile->FeaturesNumber]=atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2977:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Value%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2979:52: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Profile->FeatureValue[Profile->FeaturesNumber]=atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2983:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Value%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2985:52: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Profile->FeatureValue[Profile->FeaturesNumber]=atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2989:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Value%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3030:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Value%02i",num);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3141:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000]={0}, *readvalue=NULL;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3147:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Location");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3149:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (readvalue!=NULL) FMStation->Location = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3151:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"StationName");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3154:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Frequency");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3167:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000]={0}, *readvalue=NULL;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3176:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Active");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3182:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Location");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3184:45: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (readvalue!=NULL) GPRSPoint->Location = atoi(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3186:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Name");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3189:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"URL");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3195:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[100]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3197:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Text");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3204:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100]={0}, *readvalue=NULL;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3210:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char guessbuffer[10]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3213:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FileName, "rb");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3228:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Backup");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3265:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Checksum");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3318:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
backup->PhonePhonebook[num]->Location = atoi (readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3347:42: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
backup->SIMPhonebook[num]->Location = atoi (readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3405:41: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
backup->CallerLogos[num]->Location = atoi (readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3432:34: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
backup->SMSC[num]->Location = atoi (readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3590:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Startup");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3602:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer,"Operator");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3979:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FileName, "rb");
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3993:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[10000]={0};
data/gammu-1.41.0/libgammu/service/backup/backtext.c:4133:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FileName, "ab");
data/gammu-1.41.0/libgammu/service/backup/backvcf.c:26:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[100000];
data/gammu-1.41.0/libgammu/service/backup/backvcf.c:30:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FileName, "wb");
data/gammu-1.41.0/libgammu/service/backup/backvcf.c:42:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Buffer, "%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backvcf.c:56:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Buffer, "%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backvcf.c:100:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(backup->SIMPhonebook[numSIM],&Pbk,sizeof(GSM_MemoryEntry));
data/gammu-1.41.0/libgammu/service/backup/backvcf.c:118:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(backup->PhonePhonebook[numPbk],&Pbk,sizeof(GSM_MemoryEntry));
data/gammu-1.41.0/libgammu/service/backup/backvcs.c:26:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer[1000];
data/gammu-1.41.0/libgammu/service/backup/backvcs.c:30:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FileName, "wb");
data/gammu-1.41.0/libgammu/service/backup/backvcs.c:33:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
Length=sprintf(Buffer, "BEGIN:VCALENDAR%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backvcs.c:34:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
Length+=sprintf(Buffer+Length, "VERSION:1.0%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backvcs.c:39:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Buffer, "%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backvcs.c:52:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Buffer, "%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backvcs.c:64:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
Length=sprintf(Buffer, "%c%cEND:VCALENDAR%c%c",13,10,13,10);
data/gammu-1.41.0/libgammu/service/backup/backvcs.c:107:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(backup->Calendar[numCal],&Calendar,sizeof(GSM_CalendarEntry));
data/gammu-1.41.0/libgammu/service/backup/backvcs.c:124:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(backup->ToDo[numToDo], &ToDo, sizeof(GSM_ToDoEntry));
data/gammu-1.41.0/libgammu/service/backup/backvnt.c:31:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer[1000];
data/gammu-1.41.0/libgammu/service/backup/backvnt.c:35:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FileName, "wb");
data/gammu-1.41.0/libgammu/service/backup/backvnt.c:48:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Buffer, "%c%c",13,10);
data/gammu-1.41.0/libgammu/service/backup/backvnt.c:90:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(backup->Note[num], &Note, sizeof(GSM_NoteEntry));
data/gammu-1.41.0/libgammu/service/gsmcal.c:113:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&DT,&entry->Entries[start].Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/service/gsmcal.c:190:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&entry->Entries[entry->EntriesNum].Date,&entry->Entries[num].Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/service/gsmcal.c:229:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rec[20],endday[20];
data/gammu-1.41.0/libgammu/service/gsmcal.c:408:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "PHONE CALL");
data/gammu-1.41.0/libgammu/service/gsmcal.c:411:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "MEETING");
data/gammu-1.41.0/libgammu/service/gsmcal.c:414:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "DATE");
data/gammu-1.41.0/libgammu/service/gsmcal.c:417:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "TRAVEL");
data/gammu-1.41.0/libgammu/service/gsmcal.c:420:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "VACATION");
data/gammu-1.41.0/libgammu/service/gsmcal.c:423:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "ANNIVERSARY");
data/gammu-1.41.0/libgammu/service/gsmcal.c:426:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "SHOPPING LIST");
data/gammu-1.41.0/libgammu/service/gsmcal.c:430:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(string, "MISCELLANEOUS");
data/gammu-1.41.0/libgammu/service/gsmcal.c:445:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *DaysOfWeek[8] = {"SU", "MO", "TU", "WE", "TH", "FR", "SA", "SU"};
data/gammu-1.41.0/libgammu/service/gsmcal.c:817:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dtstr[20];
data/gammu-1.41.0/libgammu/service/gsmcal.c:818:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char category[100];
data/gammu-1.41.0/libgammu/service/gsmcal.c:966:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dtstr,"-PT%iM",deltatime.Minute);
data/gammu-1.41.0/libgammu/service/gsmcal.c:972:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dtstr,"-PT%iH",deltatime.Hour);
data/gammu-1.41.0/libgammu/service/gsmcal.c:978:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(dtstr,"-P%iD",deltatime.Day);
data/gammu-1.41.0/libgammu/service/gsmcal.c:1040:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char category[100];
data/gammu-1.41.0/libgammu/service/gsmcal.c:1437:51: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Calendar->Entries[Calendar->EntriesNum].Number = atoi(pos); \
data/gammu-1.41.0/libgammu/service/gsmcal.c:1676:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Line[2000],Buff[2000];
data/gammu-1.41.0/libgammu/service/gsmcal.c:1987:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(DecodeUnicodeString(Buff))>=9) ToDo->Priority = GSM_Priority_High;
data/gammu-1.41.0/libgammu/service/gsmcal.c:1988:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else if (atoi(DecodeUnicodeString(Buff))>=5) ToDo->Priority = GSM_Priority_Medium;
data/gammu-1.41.0/libgammu/service/gsmcal.c:1989:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else if (atoi(DecodeUnicodeString(Buff))>=1) ToDo->Priority = GSM_Priority_Low;
data/gammu-1.41.0/libgammu/service/gsmcal.c:1992:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (atoi(DecodeUnicodeString(Buff))==3) ToDo->Priority = GSM_Priority_Low;
data/gammu-1.41.0/libgammu/service/gsmcal.c:1993:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else if (atoi(DecodeUnicodeString(Buff))==2) ToDo->Priority = GSM_Priority_Medium;
data/gammu-1.41.0/libgammu/service/gsmcal.c:1994:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
else if (atoi(DecodeUnicodeString(Buff))==1) ToDo->Priority = GSM_Priority_High;
data/gammu-1.41.0/libgammu/service/gsmcal.c:2032:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Line[2000],Buff[2000];
data/gammu-1.41.0/libgammu/service/gsmdata.c:44:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[400];
data/gammu-1.41.0/libgammu/service/gsmdata.c:49:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Buffer+(*Length),"\x1F\x2A");
data/gammu-1.41.0/libgammu/service/gsmdata.c:51:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Buffer+(*Length),"application/x-wap-prov.browser-settings");
data/gammu-1.41.0/libgammu/service/gsmdata.c:54:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Buffer+(*Length),"\x81\xEA");
data/gammu-1.41.0/libgammu/service/gsmdata.c:56:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Buffer+(*Length),"\x01\x01");
data/gammu-1.41.0/libgammu/service/gsmdata.c:192:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[100];
data/gammu-1.41.0/libgammu/service/gsmdata.c:197:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Buffer+(*Length),"\x1F\x2B");
data/gammu-1.41.0/libgammu/service/gsmdata.c:199:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Buffer+(*Length),"application/x-wap-prov.browser-bookmarks");
data/gammu-1.41.0/libgammu/service/gsmdata.c:202:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Buffer+(*Length),"\x81\xEA");
data/gammu-1.41.0/libgammu/service/gsmdata.c:290:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
*Length+=sprintf(Buffer+(*Length), "BEGIN:VBKM%c%c",13,10);
data/gammu-1.41.0/libgammu/service/gsmdata.c:291:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
*Length+=sprintf(Buffer+(*Length), "VERSION:1.0%c%c",13,10);
data/gammu-1.41.0/libgammu/service/gsmdata.c:294:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
*Length+=sprintf(Buffer+(*Length), "BEGIN:ENV%c%c",13,10);
data/gammu-1.41.0/libgammu/service/gsmdata.c:295:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
*Length+=sprintf(Buffer+(*Length), "X-IRMC-URL;QUOTED-PRINTABLE:=%c%c",13,10);
data/gammu-1.41.0/libgammu/service/gsmdata.c:296:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
*Length+=sprintf(Buffer+(*Length), "[InternetShortcut] =%c%c",13,10);
data/gammu-1.41.0/libgammu/service/gsmdata.c:298:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
*Length+=sprintf(Buffer+(*Length), "END:ENV%c%c",13,10);
data/gammu-1.41.0/libgammu/service/gsmdata.c:299:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
*Length+=sprintf(Buffer+(*Length), "END:VBKM%c%c",13,10);
data/gammu-1.41.0/libgammu/service/gsmdata.c:309:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1000];
data/gammu-1.41.0/libgammu/service/gsmdata.c:324:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Buffer+(*Length),"application/vnd.wap.mms-message");
data/gammu-1.41.0/libgammu/service/gsmdata.c:406:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(Buffer+(*Length),"\x88\x05\x81\x03\x02\xA3\xA3");
data/gammu-1.41.0/libgammu/service/gsmdata.c:439:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpbuf[100];
data/gammu-1.41.0/libgammu/service/gsmdata.c:442:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "text/plain");
data/gammu-1.41.0/libgammu/service/gsmdata.c:445:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "text/x-vCalendar");
data/gammu-1.41.0/libgammu/service/gsmdata.c:448:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "text/x-vCard");
data/gammu-1.41.0/libgammu/service/gsmdata.c:451:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "image/gif");
data/gammu-1.41.0/libgammu/service/gsmdata.c:454:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "image/jpeg");
data/gammu-1.41.0/libgammu/service/gsmdata.c:457:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "application/vnd.wap.multipart.mixed");
data/gammu-1.41.0/libgammu/service/gsmdata.c:460:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buffer, "application/vnd.wap.multipart.related");
data/gammu-1.41.0/libgammu/service/gsmdata.c:463:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmpbuf, "application/x-%d", type);
data/gammu-1.41.0/libgammu/service/gsmdata.c:477:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[200],buff2[200];
data/gammu-1.41.0/libgammu/service/gsmdata.c:519:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff, "; type=");
data/gammu-1.41.0/libgammu/service/gsmdata.c:529:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff, "; start=");
data/gammu-1.41.0/libgammu/service/gsmdata.c:554:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff, "; type=");
data/gammu-1.41.0/libgammu/service/gsmdata.c:564:7: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buff, "; start=");
data/gammu-1.41.0/libgammu/service/gsmdata.c:601:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&info->DateTime,&Date,sizeof(GSM_DateTime));
data/gammu-1.41.0/libgammu/service/gsmdata.c:677:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x80: sprintf(info->MSGType,"m-send-req"); break;
data/gammu-1.41.0/libgammu/service/gsmdata.c:678:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x81: sprintf(info->MSGType,"m-send-conf"); break;
data/gammu-1.41.0/libgammu/service/gsmdata.c:679:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x82: sprintf(info->MSGType,"m-notification-ind"); break;
data/gammu-1.41.0/libgammu/service/gsmdata.c:680:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x83: sprintf(info->MSGType,"m-notifyresp-ind"); break;
data/gammu-1.41.0/libgammu/service/gsmdata.c:681:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x84: sprintf(info->MSGType,"m-retrieve-conf"); break;
data/gammu-1.41.0/libgammu/service/gsmdata.c:682:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x85: sprintf(info->MSGType,"m-acknowledge-ind"); break;
data/gammu-1.41.0/libgammu/service/gsmdata.c:683:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case 0x86: sprintf(info->MSGType,"m-delivery-ind"); break;
data/gammu-1.41.0/libgammu/service/gsmdata.c:895:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buff, "; type=");
data/gammu-1.41.0/libgammu/service/gsmdata.c:905:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(buff, "; type=");
data/gammu-1.41.0/libgammu/service/gsmdata.c:952:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(info->Entries[info->EntriesNum].File.Buffer,file->Buffer+pos,len3);
data/gammu-1.41.0/libgammu/service/gsmlogo.c:325:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff[1];
data/gammu-1.41.0/libgammu/service/gsmlogo.c:399:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer,header,sizeof(header));
data/gammu-1.41.0/libgammu/service/gsmlogo.c:414:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer+buffpos,buff,1);
data/gammu-1.41.0/libgammu/service/gsmlogo.c:433:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer+buffpos,buff,1);
data/gammu-1.41.0/libgammu/service/gsmlogo.c:443:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buffer+buffpos,buff,1);
data/gammu-1.41.0/libgammu/service/gsmlogo.c:465:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1000];
data/gammu-1.41.0/libgammu/service/gsmlogo.c:646:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[GSM_BITMAP_SIZE];
data/gammu-1.41.0/libgammu/service/gsmlogo.c:662:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[4];
data/gammu-1.41.0/libgammu/service/gsmlogo.c:681:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FileName, "wb");
data/gammu-1.41.0/libgammu/service/gsmlogo.c:708:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff[60];
data/gammu-1.41.0/libgammu/service/gsmlogo.c:724:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buff,buffer,54);
data/gammu-1.41.0/libgammu/service/gsmlogo.c:780:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buff,buffer+54,pos);
data/gammu-1.41.0/libgammu/service/gsmlogo.c:806:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buff,buffer+buffpos,1);
data/gammu-1.41.0/libgammu/service/gsmlogo.c:837:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buff,buffer+buffpos,1);
data/gammu-1.41.0/libgammu/service/gsmlogo.c:864:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1000];
data/gammu-1.41.0/libgammu/service/gsmlogo.c:956:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[2000];
data/gammu-1.41.0/libgammu/service/gsmlogo.c:967:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(bitmap->Bitmap[0].NetworkCode, "%d %02d", buffer[0]+256*buffer[1], buffer[2]);
data/gammu-1.41.0/libgammu/service/gsmlogo.c:1010:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char block[6],buffer[505];
data/gammu-1.41.0/libgammu/service/gsmlogo.c:1049:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[10000];
data/gammu-1.41.0/libgammu/service/gsmlogo.c:1097:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[30];
data/gammu-1.41.0/libgammu/service/gsmlogo.c:1102:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FileName, "rb");
data/gammu-1.41.0/libgammu/service/gsmmisc.c:81:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FileName,"rb");
data/gammu-1.41.0/libgammu/service/gsmmisc.c:119:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Line[2000];
data/gammu-1.41.0/libgammu/service/gsmmisc.c:138:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Size2[200];
data/gammu-1.41.0/libgammu/service/gsmmisc.c:156:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
(*Size) = atoi(Size2);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:257:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char year[5]="", month[3]="", day[3]="", hour[3]="", minute[3]="", second[3]="";
data/gammu-1.41.0/libgammu/service/gsmmisc.c:273:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dt->Year = atoi(year);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:274:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dt->Month = atoi(month);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:275:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dt->Day = atoi(day);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:283:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dt->Hour = atoi(hour);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:284:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dt->Minute = atoi(minute);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:285:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
dt->Second = atoi(second);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:315:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff[200];
data/gammu-1.41.0/libgammu/service/gsmmisc.c:337:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullstart[200];
data/gammu-1.41.0/libgammu/service/gsmmisc.c:338:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char datestring[200];
data/gammu-1.41.0/libgammu/service/gsmmisc.c:343:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fullstart, ";VALUE=DATE");
data/gammu-1.41.0/libgammu/service/gsmmisc.c:349:4: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(fullstart, ";VALUE=DATE-TIME");
data/gammu-1.41.0/libgammu/service/gsmmisc.c:402:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spacer[2]={0};
data/gammu-1.41.0/libgammu/service/gsmmisc.c:444:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char tmp[1000];
data/gammu-1.41.0/libgammu/service/gsmnet.c:2762:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char retval[200];
data/gammu-1.41.0/libgammu/service/gsmnet.c:2763:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char NetworkCodeFull[8];
data/gammu-1.41.0/libgammu/service/gsmnet.c:2794:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char retval[200];
data/gammu-1.41.0/libgammu/service/gsmpbk.c:37:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dest[(GSM_PHONEBOOK_TEXT_LENGTH*2+2+1)*2];
data/gammu-1.41.0/libgammu/service/gsmpbk.c:133:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[1024];
data/gammu-1.41.0/libgammu/service/gsmpbk.c:625:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[500]; /* Taken from DecodeUnicodeString(). How to get length of the encoded unicode string? There may be embedded 0s. */
data/gammu-1.41.0/libgammu/service/gsmpbk.c:680:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buff[20000];
data/gammu-1.41.0/libgammu/service/gsmpbk.c:712:15: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
version = atoi(Line + 8);
data/gammu-1.41.0/libgammu/service/gsmpbk.c:1057:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Pbk->Entries[Pbk->EntriesNum].Number = atoi(DecodeUnicodeString(Buff));
data/gammu-1.41.0/libgammu/service/gsmpbk.c:1064:44: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Pbk->Entries[Pbk->EntriesNum].Number = atoi(DecodeUnicodeString(Buff));
data/gammu-1.41.0/libgammu/service/gsmpbk.c:1071:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Pbk->Location = atoi(DecodeUnicodeString(Buff));
data/gammu-1.41.0/libgammu/service/gsmring.c:212:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[15];
data/gammu-1.41.0/libgammu/service/gsmring.c:379:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[2000];
data/gammu-1.41.0/libgammu/service/gsmring.c:419:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char midifile[3000] = {
data/gammu-1.41.0/libgammu/service/gsmring.c:483:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[2000];
data/gammu-1.41.0/libgammu/service/gsmring.c:500:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FileName, "wb");
data/gammu-1.41.0/libgammu/service/gsmring.c:546:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[2000],Name[100];
data/gammu-1.41.0/libgammu/service/gsmring.c:564:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Name,buffer,i);
data/gammu-1.41.0/libgammu/service/gsmring.c:581:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
switch (atoi(buffer+i+2)) {
data/gammu-1.41.0/libgammu/service/gsmring.c:591:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
switch (atoi(buffer+i+2)) {
data/gammu-1.41.0/libgammu/service/gsmring.c:599:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
DefNoteTempo=atoi(buffer+i+2);
data/gammu-1.41.0/libgammu/service/gsmring.c:687:12: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
switch (atoi(buffer+i)) {
data/gammu-1.41.0/libgammu/service/gsmring.c:742:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
switch (atoi(buffer+i)) {
data/gammu-1.41.0/libgammu/service/gsmring.c:773:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[2000];
data/gammu-1.41.0/libgammu/service/gsmring.c:783:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[4000];
data/gammu-1.41.0/libgammu/service/gsmring.c:803:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[2000];
data/gammu-1.41.0/libgammu/service/gsmring.c:814:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ringtone->NokiaBinary.Frame,buffer+i,ringtone->NokiaBinary.Length);
data/gammu-1.41.0/libgammu/service/gsmring.c:855:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[2000];
data/gammu-1.41.0/libgammu/service/gsmring.c:863:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ringtone->NokiaBinary.Frame,buffer+21+UnicodeLength(ringtone->Name)*2,ringtone->NokiaBinary.Length);
data/gammu-1.41.0/libgammu/service/gsmring.c:868:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ringtone->NokiaBinary.Frame,buffer+19+UnicodeLength(ringtone->Name),ringtone->NokiaBinary.Length);
data/gammu-1.41.0/libgammu/service/gsmring.c:877:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[300];
data/gammu-1.41.0/libgammu/service/gsmring.c:884:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FileName, "rb");
data/gammu-1.41.0/libgammu/service/gsmring.c:997:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer[200];
data/gammu-1.41.0/libgammu/service/gsmring.c:1132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[100];
data/gammu-1.41.0/libgammu/service/gsmring.c:1258:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest->NokiaBinary.Frame+current,"\x02\xFC\x09"); current=current+3;
data/gammu-1.41.0/libgammu/service/gsmring.c:1268:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(dest->NokiaBinary.Frame+current,"\x0A\x01"); current=current+2;
data/gammu-1.41.0/libgammu/service/gsmring.c:1559:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest,src,sizeof(GSM_Ringtone));
data/gammu-1.41.0/libgammu/service/gsmring.c:1583:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
*maxlength+=sprintf(package,"BEGIN:IMELODY%c%c",13,10);
data/gammu-1.41.0/libgammu/service/gsmring.c:1585:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
*maxlength+=sprintf(package+(*maxlength),"VERSION:1.0%c%c",13,10);
data/gammu-1.41.0/libgammu/service/gsmring.c:1587:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
*maxlength+=sprintf(package+(*maxlength),"VERSION:1.2%c%c",13,10);
data/gammu-1.41.0/libgammu/service/gsmring.c:1589:16: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
*maxlength+=sprintf(package+(*maxlength),"FORMAT:CLASS1.0%c%c",13,10);
data/gammu-1.41.0/libgammu/service/gsmring.c:1606:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
Len+=sprintf(package+Len,"BEAT:%i%c%c",DefNoteTempo,13,10);
data/gammu-1.41.0/libgammu/service/gsmring.c:1613:31: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case NaturalStyle :Len+=sprintf(package+Len,"STYLE:S0%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/gsmring.c:1614:31: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case ContinuousStyle:Len+=sprintf(package+Len,"STYLE:S1%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/gsmring.c:1615:31: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case StaccatoStyle :Len+=sprintf(package+Len,"STYLE:S2%c%c",13,10); break;
data/gammu-1.41.0/libgammu/service/gsmring.c:1618:8: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
Len+=sprintf(package+Len,"MELODY:");
data/gammu-1.41.0/libgammu/service/gsmring.c:1638:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
Len+=sprintf(package+Len,"*%i",Note->Scale-1);
data/gammu-1.41.0/libgammu/service/gsmring.c:1642:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case Note_Cis :Len+=sprintf(package+Len,"#c");break;
data/gammu-1.41.0/libgammu/service/gsmring.c:1644:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case Note_Dis :Len+=sprintf(package+Len,"#d");break;
data/gammu-1.41.0/libgammu/service/gsmring.c:1647:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case Note_Fis :Len+=sprintf(package+Len,"#f");break;
data/gammu-1.41.0/libgammu/service/gsmring.c:1649:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case Note_Gis :Len+=sprintf(package+Len,"#g");break;
data/gammu-1.41.0/libgammu/service/gsmring.c:1651:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
case Note_Ais :Len+=sprintf(package+Len,"#a");break;
data/gammu-1.41.0/libgammu/service/gsmring.c:1681:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(*maxlength)+=sprintf(package+Len,"ledoff");
data/gammu-1.41.0/libgammu/service/gsmring.c:1685:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(*maxlength)+=sprintf(package+Len,"ledon");
data/gammu-1.41.0/libgammu/service/gsmring.c:1689:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(*maxlength)+=sprintf(package+Len,"vibeoff");
data/gammu-1.41.0/libgammu/service/gsmring.c:1693:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(*maxlength)+=sprintf(package+Len,"vibeon");
data/gammu-1.41.0/libgammu/service/gsmring.c:1697:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(*maxlength)+=sprintf(package+Len,"backoff");
data/gammu-1.41.0/libgammu/service/gsmring.c:1701:18: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
(*maxlength)+=sprintf(package+Len,"backon");
data/gammu-1.41.0/libgammu/service/gsmring.c:1710:32: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
if (version != 0) *maxlength+=sprintf(package+(*maxlength),"%c%cEND:IMELODY%c%c",13,10,13,10);
data/gammu-1.41.0/libgammu/service/sms/gsmems.c:25:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer[GSM_MAX_SMS_LENGTH*2*GSM_MAX_MULTI_SMS];
data/gammu-1.41.0/libgammu/service/sms/gsmems.c:571:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Info->Entries[Info->EntriesNum].Buffer + BufferLen - 2, SMS->Text + (*Pos) *2, Len * 2);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:244:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(SMS->SMS[SMS->Number].UDH.Text+SMS->SMS[SMS->Number].UDH.Length,Buffer,BufferLen);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:272:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(SMS->SMS[SMS->Number].Text+UnicodeLength(SMS->SMS[SMS->Number].Text)*2,Buffer,i*2);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:281:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(SMS->SMS[SMS->Number].Text+UnicodeLength(SMS->SMS[SMS->Number].Text)*2,Buffer,Copy*2);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:286:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(SMS->SMS[SMS->Number].Text+SMS->SMS[SMS->Number].Length,Buffer,Copy);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:423:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer+(*Length),Info->Entries[0].Bitmap->Bitmap[0].Text,UnicodeLength(Info->Entries[0].Bitmap->Bitmap[0].Text)*2);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:430:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer+(*Length),DecodeUnicodeString(Info->Entries[0].Bitmap->Bitmap[0].Text),UnicodeLength(Info->Entries[0].Bitmap->Bitmap[0].Text));
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:444:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buff[100],UDHID;
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:466:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(SMS->SMS[i].UDH.Text+SMS->SMS[i].UDH.Length,MyUDH.Text+1,MyUDH.Length-1);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:479:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(SMS->SMS[SMS->Number].Text,Data+p,i);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:760:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer2,Buffer,Length);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:770:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer2,Buffer,Length);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:780:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer2,Buffer,Length);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:790:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer2,Buffer,Length);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:801:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(Buffer,"//SCKE4 ");
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:806:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer2,Buffer,Length);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:816:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer2,Buffer,Length);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:841:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer,Info->Entries[0].Buffer,UnicodeLength(Info->Entries[0].Buffer)*2+2);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:859:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer,Info->Entries[0].Buffer,smslen*2);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:887:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer,Info->Entries[0].Buffer,UnicodeLength(Info->Entries[0].Buffer)*2+2);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:991:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer[GSM_MAX_SMS_LENGTH*2*GSM_MAX_MULTI_SMS];
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1003:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer + Length, SMS->SMS[i].Text, SMS->SMS[i].Length);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1220:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[GSM_MAX_SMS_LENGTH*2*GSM_MAX_MULTI_SMS];
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1228:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Buffer+Length,SMS->SMS[i].Text,SMS->SMS[i].Length);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1291:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Info->Entries[0].Bitmap->Bitmap[0].Text,Buffer+i+3,Buffer[i+1]*256+Buffer[i+2]);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1336:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Info->Entries[0].Buffer + Length, SMS->SMS[i].Text, SMS->SMS[i].Length);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1351:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Info->Entries[0].Buffer+Length,SMS->SMS[i].Text,UnicodeLength(SMS->SMS[i].Text)*2);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1404:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Info->Entries[0].File->Buffer+Info->Entries[0].File->Used,SiemensInfo.Data,j);
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1559:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&OutputMessages[OutputMessagesNum]->SMS[0],&InputMessages[i]->SMS[0],sizeof(GSM_SMSMessage));
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1654:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&OutputMessages[OutputMessagesNum]->SMS[j],&InputMessages[z]->SMS[0],sizeof(GSM_SMSMessage));
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1697:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(OutputMessages[OutputMessagesNum],InputMessages[i],sizeof(GSM_MultiSMSMessage));
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1729:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(OutputMessages[OutputMessagesNum],InputMessages[i],sizeof(GSM_MultiSMSMessage));
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1747:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&OutputMessages[OutputMessagesNum]->SMS[0],&InputMessages[i]->SMS[0],sizeof(GSM_SMSMessage));
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1862:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&OutputMessages[OutputMessagesNum]->SMS[j],&InputMessages[z]->SMS[0],sizeof(GSM_SMSMessage));
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1901:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(OutputMessages[OutputMessagesNum],InputMessages[i],sizeof(GSM_MultiSMSMessage));
data/gammu-1.41.0/libgammu/service/sms/gsmsms.c:320:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char output[1024];
data/gammu-1.41.0/libgammu/service/sms/gsmsms.c:361:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(SMS->Text,buffer+(Layout.Text+off),SMS->Length);
data/gammu-1.41.0/libgammu/service/sms/gsmsms.c:515:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char output[161];
data/gammu-1.41.0/libgammu/service/sms/gsmsms.c:775:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(SMS->Text,buffer+(pos + 1+SMS->UDH.Length),SMS->Length);
data/gammu-1.41.0/libgammu/service/sms/gsmsms.c:939:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[200];
data/gammu-1.41.0/libgammu/service/sms/gsmsms.c:951:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer+Layout.Text, SMS->UDH.Text, off); /* we copy the udh */
data/gammu-1.41.0/libgammu/service/sms/gsmsms.c:961:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer+(Layout.Text+off), SMS->Text, MIN(SMS->Length, 140));
data/gammu-1.41.0/libgammu/service/sms/gsmsms.c:1187:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(UDH->Text+1, UDHHeaders[i].Text, UDHHeaders[i].Length);
data/gammu-1.41.0/libgammu/service/sms/gsmsms.c:1255:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Info->DataType,SMS->Text+21,SMS->Text[20]);
data/gammu-1.41.0/libgammu/service/sms/gsmsms.c:1263:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Info->DataName,SMS->Text+current+1,SMS->Text[current]);
data/gammu-1.41.0/libgammu/service/sms/gsmsms.c:1268:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Info->Data,SMS->Text+current,Info->DataLen);
data/gammu-1.41.0/smsd/core.c:275:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[65535];
data/gammu-1.41.0/smsd/core.c:557:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[GSM_MAX_NUMBER_LENGTH + 1];
data/gammu-1.41.0/smsd/core.c:561:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
listfd = fopen(listfilename, "r");
data/gammu-1.41.0/smsd/core.c:668:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
Config->log_handle = fopen(Config->logfilename, "a");
data/gammu-1.41.0/smsd/core.c:699:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fullpath[PATH_MAX + 1];
data/gammu-1.41.0/smsd/core.c:704:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char config_name[MAX_PATH];
data/gammu-1.41.0/smsd/core.c:732:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(fullpath, ":default:");
data/gammu-1.41.0/smsd/core.c:745:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(config_name, ":default:");
data/gammu-1.41.0/smsd/core.c:771:25: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
Config->debug_level = atoi(str);
data/gammu-1.41.0/smsd/core.c:810:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(gammucfg->DebugLevel, "textall");
data/gammu-1.41.0/smsd/core.c:1063:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100], name[100];
data/gammu-1.41.0/smsd/core.c:1067:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", sms->Number);
data/gammu-1.41.0/smsd/core.c:1075:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", sms->SMS[i].Class);
data/gammu-1.41.0/smsd/core.c:1076:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "SMS_%d_CLASS", i + 1);
data/gammu-1.41.0/smsd/core.c:1078:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", sms->SMS[i].MessageReference);
data/gammu-1.41.0/smsd/core.c:1079:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "SMS_%d_REFERENCE", i + 1);
data/gammu-1.41.0/smsd/core.c:1081:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "SMS_%d_NUMBER", i + 1);
data/gammu-1.41.0/smsd/core.c:1084:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "SMS_%d_TEXT", i + 1);
data/gammu-1.41.0/smsd/core.c:1091:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%d", SMSInfo.EntriesNum);
data/gammu-1.41.0/smsd/core.c:1101:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "DECODED_%d_TEXT", i + 1);
data/gammu-1.41.0/smsd/core.c:1105:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "DECODED_%d_MMS_SENDER", i + 1);
data/gammu-1.41.0/smsd/core.c:1107:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "DECODED_%d_MMS_TITLE", i + 1);
data/gammu-1.41.0/smsd/core.c:1109:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "DECODED_%d_MMS_ADDRESS", i + 1);
data/gammu-1.41.0/smsd/core.c:1111:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name, "DECODED_%d_MMS_SIZE", i + 1);
data/gammu-1.41.0/smsd/core.c:1112:6: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buffer, "%ld", (long)SMSInfo.Entries[i].MMSIndicator->MessageSize);
data/gammu-1.41.0/smsd/core.c:1189:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[4097];
data/gammu-1.41.0/smsd/core.c:1344:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/gammu-1.41.0/smsd/core.c:1677:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char destinationnumber[3 * GSM_MAX_NUMBER_LENGTH + 1];
data/gammu-1.41.0/smsd/core.c:2019:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&sms.SMS[0].Text, ussd->Text, UnicodeLength(ussd->Text)*2);
data/gammu-1.41.0/smsd/core.c:2075:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Cache->smsInfo_records + Cache->cache_used, sms, sizeof(*Cache->smsInfo_records));
data/gammu-1.41.0/smsd/core.c:2410:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(status, Config->Status, sizeof(GSM_SMSDStatus));
data/gammu-1.41.0/smsd/core.c:2421:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(status, Config->Status, sizeof(GSM_SMSDStatus));
data/gammu-1.41.0/smsd/core.h:110:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char SMSID[200], prevSMSID[200];
data/gammu-1.41.0/smsd/core.h:150:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char DT[200];
data/gammu-1.41.0/smsd/core.h:151:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char CreatorID[200];
data/gammu-1.41.0/smsd/core.h:156:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * SMSDSQL_queries[SQL_QUERY_LAST_NO];
data/gammu-1.41.0/smsd/core.h:215:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char map_key[MAX_PATH + 20];
data/gammu-1.41.0/smsd/inject.c:177:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char newid[200] = { 0 };
data/gammu-1.41.0/smsd/log-event.c:33:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char program_name[MAX_PATH];
data/gammu-1.41.0/smsd/main.c:262:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
params->max_failures = atoi(optarg);
data/gammu-1.41.0/smsd/main.c:267:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
alarm(atoi(optarg));
data/gammu-1.41.0/smsd/main.c:269:84: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
CreateTimerQueueTimer(&hTimer, NULL, (WAITORTIMERCALLBACK)TimerRoutine, NULL , atoi(optarg) * 1000, 0, 0);
data/gammu-1.41.0/smsd/monitor.c:157:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
delay_seconds = atoi(optarg);
data/gammu-1.41.0/smsd/monitor.c:160:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
limit_loops = atoi(optarg);
data/gammu-1.41.0/smsd/pidfile.c:24:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(pid_file, "r");
data/gammu-1.41.0/smsd/pidfile.c:48:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(pid_file, "w");
data/gammu-1.41.0/smsd/services/dbi.c:302:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/gammu-1.41.0/smsd/services/files.c:72:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char FileName[100], FullName[PATH_MAX], ext[4], buffer[64], buffer2[400];
data/gammu-1.41.0/smsd/services/files.c:84:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ext, "txt");
data/gammu-1.41.0/smsd/services/files.c:86:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ext, "bin");
data/gammu-1.41.0/smsd/services/files.c:102:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FullName, "r");
data/gammu-1.41.0/smsd/services/files.c:151:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FullName, "wb");
data/gammu-1.41.0/smsd/services/files.c:209:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char FileName[100], FullName[PATH_MAX];
data/gammu-1.41.0/smsd/services/files.c:210:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer[(GSM_MAX_SMS_LENGTH * GSM_MAX_MULTI_SMS + 1) * 2];
data/gammu-1.41.0/smsd/services/files.c:211:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer2[(GSM_MAX_SMS_LENGTH * GSM_MAX_MULTI_SMS + 1) * 2];
data/gammu-1.41.0/smsd/services/files.c:226:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(FullName, "OUT*.txt*");
data/gammu-1.41.0/smsd/services/files.c:230:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(FullName, "OUT*.smsbackup*");
data/gammu-1.41.0/smsd/services/files.c:335:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
File = fopen(FullName, "rb");
data/gammu-1.41.0/smsd/services/files.c:493:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Buffer[(GSM_MAX_SMS_LENGTH * GSM_MAX_MULTI_SMS + 1) * 2], ifilename[PATH_MAX], ofilename[PATH_MAX];
data/gammu-1.41.0/smsd/services/files.c:529:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
iFile = fopen(ifilename, "r");
data/gammu-1.41.0/smsd/services/files.c:538:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
oFile = fopen(ofilename, "w");
data/gammu-1.41.0/smsd/services/files.c:572:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char FileName[100], FullName[PATH_MAX], ext[17], buffer[64], buffer2[400];
data/gammu-1.41.0/smsd/services/files.c:588:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ext, "smsbackup");
data/gammu-1.41.0/smsd/services/files.c:590:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(ext, "txt");
data/gammu-1.41.0/smsd/services/files.c:601:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(FullName, O_CREAT | O_EXCL, 0644);
data/gammu-1.41.0/smsd/services/files.c:640:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FullName, "wb");
data/gammu-1.41.0/smsd/services/files.c:687:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char FullPath[PATH_MAX];
data/gammu-1.41.0/smsd/services/files.c:690:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char MessageReferenceBuffer[sizeof("MessageReference = \n") + 4];
data/gammu-1.41.0/smsd/services/files.c:734:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(FullPath, "w");
data/gammu-1.41.0/smsd/services/files.c:797:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char emptyPath[1] = "\0";
data/gammu-1.41.0/smsd/services/mysql.c:26:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(res->my.row[field]);
data/gammu-1.41.0/smsd/services/mysql.c:46:5: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if(atoi(value) > 0){
data/gammu-1.41.0/smsd/services/mysql.c:91:11: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(pport);
data/gammu-1.41.0/smsd/services/odbc.c:87:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char shortbuffer[1];
data/gammu-1.41.0/smsd/services/odbc.c:170:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char driver_name[1000];
data/gammu-1.41.0/smsd/services/pgsql.c:32:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(PQgetvalue(res->pg.res, res->pg.iter, field));
data/gammu-1.41.0/smsd/services/pgsql.c:76:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[400];
data/gammu-1.41.0/smsd/services/pgsql.c:86:10: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
port = atoi(pport);
data/gammu-1.41.0/smsd/services/pgsql.c:169:9: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
return atoi(PQcmdTuples(res->pg.res));
data/gammu-1.41.0/smsd/services/pgsql.c:175:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[100];
data/gammu-1.41.0/smsd/services/pgsql.c:185:7: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
id = atoi(PQgetvalue(rc, 0, 0));
data/gammu-1.41.0/smsd/services/sql-core.h:78:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * retstr[SMSD_ODBC_MAX_RETURN_STRINGS + 1]; /* Return strings */
data/gammu-1.41.0/smsd/services/sql.c:59:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char result[100];
data/gammu-1.41.0/smsd/services/sql.c:119:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char result[100];
data/gammu-1.41.0/smsd/services/sql.c:125:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, " AND ");
data/gammu-1.41.0/smsd/services/sql.c:127:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(result, " WHERE ");
data/gammu-1.41.0/smsd/services/sql.c:129:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(result, "ROWNUM <= ");
data/gammu-1.41.0/smsd/services/sql.c:145:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char result[100];
data/gammu-1.41.0/smsd/services/sql.c:166:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char result[100];
data/gammu-1.41.0/smsd/services/sql.c:319:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(static_buff, "0000-00-00 00:00:00");
data/gammu-1.41.0/smsd/services/sql.c:338:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[65536], *ptr, c, static_buff[8192];
data/gammu-1.41.0/smsd/services/sql.c:364:14: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
ptr += sprintf(ptr, "%lli", params[n].v.i);
data/gammu-1.41.0/smsd/services/sql.c:368:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, buffer2, strlen(buffer2));
data/gammu-1.41.0/smsd/services/sql.c:543:11: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
ptr += sprintf(ptr, "%i", int_to_print);
data/gammu-1.41.0/smsd/services/sql.c:546:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, buffer2, strlen(buffer2));
data/gammu-1.41.0/smsd/services/sql.c:550:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, "NULL", 4);
data/gammu-1.41.0/smsd/services/sql.c:562:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[200];
data/gammu-1.41.0/smsd/services/sql.c:606:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[100];
data/gammu-1.41.0/smsd/services/sql.c:720:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char smstext[3 * GSM_MAX_SMS_LENGTH + 1];
data/gammu-1.41.0/smsd/services/sql.c:721:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char destinationnumber[3 * GSM_MAX_NUMBER_LENGTH + 1];
data/gammu-1.41.0/smsd/services/sql.c:722:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char smsc_message[3 * GSM_MAX_NUMBER_LENGTH + 1];
data/gammu-1.41.0/smsd/services/sql.c:849:21: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
locations_pos += sprintf((*Locations) + locations_pos, "%lu ", (long)new_id);
data/gammu-1.41.0/smsd/services/sql.c:971:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ID, "%ld", (long)db->GetNumber(Config, &res, 0));
data/gammu-1.41.0/smsd/services/sql.c:1162:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char creator[200];
data/gammu-1.41.0/smsd/services/sql.c:1210:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(NewID, "%llu", ID);
data/gammu-1.41.0/smsd/services/sql.c:1223:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char smsc[GSM_MAX_NUMBER_LENGTH + 1];
data/gammu-1.41.0/smsd/services/sql.c:1224:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char destination[GSM_MAX_NUMBER_LENGTH + 1];
data/gammu-1.41.0/smsd/services/sql.c:1336:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *args[STRCAT_MAX];
data/gammu-1.41.0/smsd/services/sql.c:1371:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, args[j], len[j]);
data/gammu-1.41.0/smsd/winservice.c:16:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char smsd_service_name[SERVICE_NAME_LENGTH] = "GammuSMSD";
data/gammu-1.41.0/smsd/winservice.c:133:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char config_name[MAX_PATH], program_name[MAX_PATH], commandline[3 * MAX_PATH];
data/gammu-1.41.0/smsd/winservice.c:134:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char service_display_name[MAX_PATH];
data/gammu-1.41.0/smsd/winservice.h:13:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char smsd_service_name[SERVICE_NAME_LENGTH];
data/gammu-1.41.0/tests/at-ccfc-reply.c:22:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[BUFFER_SIZE];
data/gammu-1.41.0/tests/at-ccfc-reply.c:37:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[1], "r");
data/gammu-1.41.0/tests/at-charset.c:51:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFFER_SIZE];
data/gammu-1.41.0/tests/at-charset.c:52:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ubuffer[BUFFER_SIZE * 2];
data/gammu-1.41.0/tests/at-cnmi-reply.c:22:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[BUFFER_SIZE];
data/gammu-1.41.0/tests/at-cnmi-reply.c:36:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[1], "r");
data/gammu-1.41.0/tests/at-creg-reply.c:22:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[BUFFER_SIZE];
data/gammu-1.41.0/tests/at-creg-reply.c:37:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[1], "r");
data/gammu-1.41.0/tests/at-get-smsmemories.c:22:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[BUFFER_SIZE];
data/gammu-1.41.0/tests/at-get-smsmemories.c:36:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[1], "r");
data/gammu-1.41.0/tests/at-getmemory-reply.c:24:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[BUFFER_SIZE];
data/gammu-1.41.0/tests/at-getmemory-reply.c:39:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[1], "r");
data/gammu-1.41.0/tests/at-motorola.c:24:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[2048];
data/gammu-1.41.0/tests/at-parser.c:21:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[BUFFER_SIZE];
data/gammu-1.41.0/tests/at-ussd-reply.c:30:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[BUFFER_SIZE];
data/gammu-1.41.0/tests/at-ussd-reply.c:44:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[1], "r");
data/gammu-1.41.0/tests/atgen/incoming-sms-info.c:25:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(user_data, &msms.SMS[0], sizeof(GSM_SMSMessage));
data/gammu-1.41.0/tests/atgen/incoming-sms.c:21:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(user_data, sms, sizeof(GSM_SMSMessage));
data/gammu-1.41.0/tests/atgen/test_helper.c:18:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char echo[_BUFFER_SIZE];
data/gammu-1.41.0/tests/atgen/test_helper.c:80:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, _echo_buffer.echo, nbytes);
data/gammu-1.41.0/tests/atgen/test_helper.c:82:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, _echo_buffer.echo, read_len);
data/gammu-1.41.0/tests/atgen/test_helper.c:92:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, _response_queue.queue[_response_queue.pos], read_len);
data/gammu-1.41.0/tests/atgen/test_helper.c:181:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(filepath, "r");
data/gammu-1.41.0/tests/atgen/test_sql_time.c:14:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[128] = {0};
data/gammu-1.41.0/tests/atgen/test_sql_time.c:172:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char actual[128];
data/gammu-1.41.0/tests/atgen/test_sql_time.c:194:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char actual[128];
data/gammu-1.41.0/tests/atgen/test_sql_time.c:215:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char actual[128];
data/gammu-1.41.0/tests/atgen/test_sql_time.c:227:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char actual[128];
data/gammu-1.41.0/tests/atgen/test_sql_time.c:245:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char actual[128];
data/gammu-1.41.0/tests/atgen/test_sql_time.c:263:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char actual[128];
data/gammu-1.41.0/tests/atgen/test_sql_time.c:281:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char actual[128];
data/gammu-1.41.0/tests/atgen/test_sql_time.c:299:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char actual[128];
data/gammu-1.41.0/tests/backup-comment.c:14:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2048];
data/gammu-1.41.0/tests/cal-read.c:23:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[65536];
data/gammu-1.41.0/tests/cal-read.c:50:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[1], "r");
data/gammu-1.41.0/tests/cal-read.c:79:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(backup.Creator, "[iv]Calendar tester");
data/gammu-1.41.0/tests/debug.c:26:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buff[100];
data/gammu-1.41.0/tests/debug.c:89:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
debug_file = fopen(debug_filename, "w+");
data/gammu-1.41.0/tests/debug.c:105:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
debug_file = fopen(debug_filename, "w+");
data/gammu-1.41.0/tests/debug.c:121:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
debug_file = fopen(debug_filename, "w+");
data/gammu-1.41.0/tests/debug.c:137:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
debug_file = fopen(debug_filename, "w+");
data/gammu-1.41.0/tests/debug.c:153:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
debug_file = fopen(debug_filename, "w+");
data/gammu-1.41.0/tests/debug.c:170:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
debug_file = fopen(debug_filename, "w+");
data/gammu-1.41.0/tests/debug.c:187:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
debug_file = fopen(debug_filename, "w+");
data/gammu-1.41.0/tests/debug.c:204:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
debug_file = fopen(debug_filename, "w+");
data/gammu-1.41.0/tests/debug.c:221:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
debug_file = fopen(debug_filename, "w+");
data/gammu-1.41.0/tests/debug.c:240:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
debug_file = fopen(debug_filename, "w+");
data/gammu-1.41.0/tests/get-model-at.c:22:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[BUFFER_SIZE];
data/gammu-1.41.0/tests/get-model-at.c:36:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[1], "r");
data/gammu-1.41.0/tests/get-smsc-at.c:23:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[BUFFER_SIZE];
data/gammu-1.41.0/tests/get-smsc-at.c:38:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[1], "r");
data/gammu-1.41.0/tests/ldif-read.c:26:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[65536];
data/gammu-1.41.0/tests/ldif-read.c:51:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[1], "r");
data/gammu-1.41.0/tests/ldif-read.c:71:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(backup.Creator, "LDIF tester");
data/gammu-1.41.0/tests/locking.c:17:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen(name, "w");
data/gammu-1.41.0/tests/locking.c:28:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pids[20];
data/gammu-1.41.0/tests/locking.c:31:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(pids, "%d", pid);
data/gammu-1.41.0/tests/obex-vcard-split.c:61:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[1], "r");
data/gammu-1.41.0/tests/obex-vcard-split.c:100:17: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
test_result(atoi(argv[2]) == Count);
data/gammu-1.41.0/tests/samsung-get-memory.c:24:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[BUFFER_SIZE];
data/gammu-1.41.0/tests/samsung-get-memory.c:39:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[1], "r");
data/gammu-1.41.0/tests/sms-at-encode.c:22:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dumpbuffer[BUFFER_SIZE];
data/gammu-1.41.0/tests/sms-at-encode.c:29:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hexreq[1000];
data/gammu-1.41.0/tests/sms-at-encode.c:60:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[2], "r");
data/gammu-1.41.0/tests/sms-at-encode.c:111:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[2], "w");
data/gammu-1.41.0/tests/sms-at-parse.c:26:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[BUFFER_SIZE];
data/gammu-1.41.0/tests/sms-at-parse.c:45:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[1], "r");
data/gammu-1.41.0/tests/sms-encode-decode.c:10:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char Buffer[800];
data/gammu-1.41.0/tests/sms-nokia-03.c:80:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file.Buffer, data, sizeof(data));
data/gammu-1.41.0/tests/sms-nokia-05.c:95:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file.Buffer, data, sizeof(data));
data/gammu-1.41.0/tests/sms-nokia-06.c:68:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file.Buffer, data, sizeof(data));
data/gammu-1.41.0/tests/sms-nokia-07.c:61:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file.Buffer, data, sizeof(data));
data/gammu-1.41.0/tests/sms-nokia-08.c:74:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file.Buffer, data, sizeof(data));
data/gammu-1.41.0/tests/sms-nokia-09.c:86:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file.Buffer, data, sizeof(data));
data/gammu-1.41.0/tests/sms-nokia-10.c:70:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file.Buffer, data, sizeof(data));
data/gammu-1.41.0/tests/sms-nokia-11.c:66:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decoded_text[200];
data/gammu-1.41.0/tests/sms-nokia-11.c:95:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file.Buffer, data, sizeof(data));
data/gammu-1.41.0/tests/sms-nokia-12.c:39:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decoded_text[200];
data/gammu-1.41.0/tests/sms-nokia-12.c:68:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file.Buffer, data, sizeof(data));
data/gammu-1.41.0/tests/sms-nokia-13.c:89:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decoded_text[200];
data/gammu-1.41.0/tests/sms-nokia-13.c:118:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file.Buffer, data, sizeof(data));
data/gammu-1.41.0/tests/sms-nokia-14.c:21:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decoded_text[200];
data/gammu-1.41.0/tests/sms-nokia-15.c:29:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decoded_text[200];
data/gammu-1.41.0/tests/sms-nokia-16.c:50:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decoded_text[200];
data/gammu-1.41.0/tests/sms-nokia-16.c:79:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file.Buffer, data, sizeof(data));
data/gammu-1.41.0/tests/sms-nokia-17.c:62:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decoded_text[200];
data/gammu-1.41.0/tests/sms-nokia-17.c:91:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file.Buffer, data, sizeof(data));
data/gammu-1.41.0/tests/sms-nokia-18.c:67:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char decoded_text[200];
data/gammu-1.41.0/tests/sms-nokia-18.c:96:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file.Buffer, data, sizeof(data));
data/gammu-1.41.0/tests/utf-8.c:14:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char out[200], out2[200];
data/gammu-1.41.0/tests/vcard-read.c:19:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[65536000];
data/gammu-1.41.0/tests/vcard-read.c:20:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vcard_buffer[65536000];
data/gammu-1.41.0/tests/vcard-read.c:51:6: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(argv[1], "r");
data/gammu-1.41.0/tests/vcard-read.c:82:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(backup.Creator, "vCard tester");
data/gammu-1.41.0/contrib/coveragehelper/coveragehelper.c:56:9: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(commandline, " ");
data/gammu-1.41.0/contrib/coveragehelper/coveragehelper.c:71:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
separator += strlen(ARG_SEPARATOR);
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:58:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
err_file = alloca(strlen(script_name)+sizeof(ERR_SUFFIX));
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:91:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(script_name, buffer, data - buffer);
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:175:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer3, ":");
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:178:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return cgi_write_helper(s, fd, buffer3, strlen(buffer3));
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:247:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cgi_write_helper(s, child_in[1], buffer, strlen(buffer));
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:255:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((ret = read(child_out[0], buffer + offset, 1)) > 0) {
data/gammu-1.41.0/contrib/smscgi/sms_cgi.c:292:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(smsSendBuffer.Text, buffer, strlen(buffer));
data/gammu-1.41.0/contrib/smscgi/smsd.c:96:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(cgi_path, "/");
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:54:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(&DB, buf, strlen(buf))) {
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:63:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(&DB2, Row2[3], strlen(Row2[3]))) {
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:117:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffe[num][strlen(buffe[num]) + 1] = 0;
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:118:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffe[num][strlen(buffe[num])] = b[0];
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:136:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf4[strlen(buf4) + 1] = 0;
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:137:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf4[strlen(buf4)] = b[0];
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:170:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(buf); i++) {
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:175:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf3[strlen(buf3) + 1] = 0;
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:176:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf3[strlen(buf3)] = buf[i];
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:193:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(Row2[10]); i++) {
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:202:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf3[strlen(buf3) + 1] = 0;
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:203:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf3[strlen(buf3)] = Row2[10][i];
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:205:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf4[strlen(buf4) + 1] = 0;
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:206:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buf4[strlen(buf4)] = Row2[10][i];
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:217:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(&DB2, buf3, strlen(buf3))) {
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:227:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(&DB2, buf4, strlen(buf4))) {
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:269:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(&DB, buf, strlen(buf))) {
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:283:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(&DB, buf, strlen(buf))) {
data/gammu-1.41.0/contrib/sqlreply/c/michal.c:302:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(2000);
data/gammu-1.41.0/contrib/win32/smsd_mfc/about.cpp:30:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(GetCompiler()) != 0) {
data/gammu-1.41.0/contrib/win32/smsd_mfc/about.cpp:45:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(GetOS()) != 0) {
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:49:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeHexUnicode(buf, (unsigned char *)Text, strlen(Text));
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:59:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(DT)<14) {
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:179:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(GetDocument()->DB,buf,strlen(buf))) {
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:273:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(something+strlen(something),"%s",GetDocument()->FID);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:274:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(GetDocument()->DB,something,strlen(something))) {
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:296:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(something+strlen(something),"%s",GetDocument()->FID);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:297:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(GetDocument()->DB,something,strlen(something))) {
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:319:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(something+strlen(something),"%s",GetDocument()->FID);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:320:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(GetDocument()->DB,something,strlen(something))) {
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:339:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(something+strlen(something),"%s",GetDocument()->FID);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:340:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(something+strlen(something)," and SequencePosition=%i limit 1",i);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:341:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(GetDocument()->DB,something,strlen(something))) {
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:365:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(something+strlen(something),"%s",GetDocument()->FID);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:366:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(GetDocument()->DB,something,strlen(something))) {
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:522:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(GetDocument()->DB,phones,strlen(phones))) {
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:574:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(GetDocument()->DB,inbox,strlen(inbox))) {
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:635:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(GetDocument()->DB,outbox,strlen(outbox))) {
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:652:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(something+strlen(something),"%s",Row[8]);
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:653:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(GetDocument()->DB,something,strlen(something))) {
data/gammu-1.41.0/contrib/win32/smsd_mfc/main.cpp:701:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (mysql_real_query(GetDocument()->DB,sent,strlen(sent))) {
data/gammu-1.41.0/docs/examples/long-sms.c:86:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(message_unicode, message_text, strlen(message_text));
data/gammu-1.41.0/docs/examples/long-sms.c:147:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(SMS.SMS[i].Number, recipient_number, strlen(recipient_number));
data/gammu-1.41.0/docs/examples/sms-send.c:73:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(sms.Text, message_text, strlen(message_text));
data/gammu-1.41.0/docs/examples/sms-send.c:75:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(sms.Number, recipient_number, strlen(recipient_number));
data/gammu-1.41.0/gammu-detect/udev.c:44:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
g_return_if_fail(indent < sizeof(real_fmt) - 2 - strlen(fmt));
data/gammu-1.41.0/gammu-detect/udev.c:49:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
real_fmt[i + 2 + strlen(fmt)] = '\n';
data/gammu-1.41.0/gammu-detect/udev.c:50:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
real_fmt[i + 2 + strlen(fmt) + 1] = '\0';
data/gammu-1.41.0/gammu-detect/udev.c:82:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(*iter) > namelen)
data/gammu-1.41.0/gammu-detect/udev.c:83:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
namelen = strlen(*iter);
data/gammu-1.41.0/gammu-detect/udev.c:89:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(propstr, ":");
data/gammu-1.41.0/gammu-detect/udev.c:90:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < namelen - strlen(*iter); i++)
data/gammu-1.41.0/gammu-detect/udev.c:91:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(propstr, " ");
data/gammu-1.41.0/gammu-detect/win32-serial.c:42:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; buffer[i] != 0 && i < chars; i += strlen(buffer + i) + 1) {
data/gammu-1.41.0/gammu/backup.c:357:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(GetOS()) != 0) {
data/gammu-1.41.0/gammu/backup.c:358:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(Backup.Creator+strlen(Backup.Creator),", ");
data/gammu-1.41.0/gammu/backup.c:359:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(Backup.Creator+strlen(Backup.Creator),GetOS());
data/gammu-1.41.0/gammu/backup.c:361:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(GetCompiler()) != 0) {
data/gammu-1.41.0/gammu/backup.c:362:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(Backup.Creator+strlen(Backup.Creator),", ");
data/gammu-1.41.0/gammu/backup.c:363:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcat(Backup.Creator+strlen(Backup.Creator),GetCompiler());
data/gammu-1.41.0/gammu/backup.c:381:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(Backup.Model," ");
data/gammu-1.41.0/gammu/backup.c:387:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(Backup.Model,")");
data/gammu-1.41.0/gammu/backup.c:389:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(Backup.Model," ");
data/gammu-1.41.0/gammu/calendar.c:887:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = strlen(argv[2]);
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:216:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(400000);
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:388:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,uni,5);
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:396:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,uni+16,4);
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:404:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,uni+20,4);
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:412:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer,uni+5,10);
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:727:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(req+7,argv[3],200);
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:728:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(argv[3]);
data/gammu-1.41.0/gammu/depend/nokia/dct3.c:778:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000);
data/gammu-1.41.0/gammu/depend/nokia/dct3trac/wmx-list.c:93:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int l = strlen(data);
data/gammu-1.41.0/gammu/depend/nokia/dct3trac/wmx.c:462:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000);
data/gammu-1.41.0/gammu/depend/nokia/dct4.c:474:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000);
data/gammu-1.41.0/gammu/depend/siemens/dsiemens.c:49:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(GetLineString(msg->Buffer,&Priv->Lines,2))-7;
data/gammu-1.41.0/gammu/depend/siemens/dsiemens.c:59:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(GetLineString(msg->Buffer,&Priv->Lines,3))-7;
data/gammu-1.41.0/gammu/depend/siemens/dsiemens.c:235:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(GetLineString(msg->Buffer,&Priv->Lines,i+1)))
data/gammu-1.41.0/gammu/depend/siemens/dsiemens.c:258:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(reqSAT[i]);
data/gammu-1.41.0/gammu/depend/siemens/dsiemens.c:330:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode (pbk.Entries[0].Text,NetMonCode,strlen(NetMonCode));
data/gammu-1.41.0/gammu/depend/siemens/dsiemens.c:334:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode (pbk.Entries[1].Text,NetMonCode,strlen(NetMonCode));
data/gammu-1.41.0/gammu/files.c:244:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8QuotedPrintable(Files.ID_FullName, argv[2], strlen(argv[2]));
data/gammu-1.41.0/gammu/files.c:298:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8QuotedPrintable(Files.ID_FullName, argv[2], strlen(argv[2]));
data/gammu-1.41.0/gammu/files.c:432:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (j = strlen(buffer) - 1; j > 0; j--) {
data/gammu-1.41.0/gammu/files.c:489:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(argv[i]));
data/gammu-1.41.0/gammu/files.c:536:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(argv[i]));
data/gammu-1.41.0/gammu/files.c:649:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(argv[optint]));
data/gammu-1.41.0/gammu/files.c:654:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File.Name, argv[optint], strlen(argv[optint]));
data/gammu-1.41.0/gammu/files.c:655:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = strlen(argv[optint]) - 1; i > 0; i--) {
data/gammu-1.41.0/gammu/files.c:661:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(argv[optint]) - i - 1);
data/gammu-1.41.0/gammu/files.c:769:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8QuotedPrintable(File.ID_FullName, argv[2], strlen(argv[2]));
data/gammu-1.41.0/gammu/files.c:770:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File.Name, argv[3], strlen(argv[3]));
data/gammu-1.41.0/gammu/files.c:790:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8QuotedPrintable(buffer, argv[2], strlen(argv[2]));
data/gammu-1.41.0/gammu/files.c:807:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8QuotedPrintable(buffer, argv[i], strlen(argv[i]));
data/gammu-1.41.0/gammu/gammu.c:292:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(RSS_STABLE_STRING);
data/gammu-1.41.0/gammu/gammu.c:310:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(RSS_TESTING_STRING);
data/gammu-1.41.0/gammu/gammu.c:399:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (pos = strlen(ln) - 1; pos >= 0; pos--) {
data/gammu-1.41.0/gammu/gammu.c:407:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(ln) < 1 || ln[0] == '#') {
data/gammu-1.41.0/gammu/gammu.c:417:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(ln);
data/gammu-1.41.0/gammu/gammu.c:429:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(argsv[argsc], ln + j, n);
data/gammu-1.41.0/gammu/gammu.c:441:11: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(argsv[argsc], ln + j, n);
data/gammu-1.41.0/gammu/gammu.c:823:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len2 = strlen(buff);
data/gammu-1.41.0/gammu/gammu.c:828:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(spaces, " ");
data/gammu-1.41.0/gammu/gammu.c:832:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(remain) > 0) {
data/gammu-1.41.0/gammu/gammu.c:853:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
remain += strlen(remain);
data/gammu-1.41.0/gammu/gammu.c:857:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buffer, remain, split);
data/gammu-1.41.0/gammu/gammu.c:970:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(Parameters[j].parameter) + 1,
data/gammu-1.41.0/gammu/memory.c:314:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = strlen(argv[2]);
data/gammu-1.41.0/gammu/memory.c:378:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = strlen(argv[2]);
data/gammu-1.41.0/gammu/message.c:188:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(smsc.Number, argv[3], strlen(argv[3]));
data/gammu-1.41.0/gammu/message.c:684:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(buffer,argv[2],strlen(argv[2]));
data/gammu-1.41.0/gammu/misc.c:394:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fname = (char *)malloc(strlen(argv[2]) + strlen(ext) + 1);
data/gammu-1.41.0/gammu/misc.c:394:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fname = (char *)malloc(strlen(argv[2]) + strlen(ext) + 1);
data/gammu-1.41.0/gammu/misc.c:962:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File.ID_FullName,buffer,strlen(buffer));
data/gammu-1.41.0/gammu/misc.c:1065:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Bitmap.Text,argv[3],strlen(argv[3]));
data/gammu-1.41.0/gammu/misc.c:1072:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Bitmap.Text,argv[3],strlen(argv[3]));
data/gammu-1.41.0/gammu/misc.c:1115:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (argc == 6) EncodeUnicode(Bitmap.Text,argv[5],strlen(argv[5]));
data/gammu-1.41.0/gammu/misc.c:1124:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Bitmap.NetworkCode,argv[4],6);
data/gammu-1.41.0/gammu/misc.c:1152:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(MultiBitmap.Bitmap[0].NetworkCode,argv[4],6);
data/gammu-1.41.0/gammu/misc.c:1207:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(ringtone.Name,argv[i],strlen(argv[i]));
data/gammu-1.41.0/gammu/misc.c:1833:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Length = strlen(argv[3]);
data/gammu-1.41.0/gammu/misc.c:1890:7: [1] (buffer) fscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (fscanf(stdin, "%15s", Code.Code) != 1) {
data/gammu-1.41.0/gammu/misc.c:1912:8: [1] (buffer) fscanf:
It's unclear if the %s limit in the format string is small enough
(CWE-120). Check that the limit is sufficiently small, or use a different
input function.
if (fscanf(stdin, "%15s", Code.Code) != 1) {
data/gammu-1.41.0/gammu/misc.c:2283:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(request.Number,argv[5],strlen(argv[5]));
data/gammu-1.41.0/gammu/nokia.c:281:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Entry->Name = malloc(strlen(DecodeUnicodeString(Files.ID_FullName))+1);
data/gammu-1.41.0/gammu/nokia.c:290:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Entry->NameUP = malloc(strlen(DecodeUnicodeString(Files.ID_FullName))+1);
data/gammu-1.41.0/gammu/nokia.c:291:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(DecodeUnicodeString(Files.ID_FullName)) + 1; i++) {
data/gammu-1.41.0/gammu/nokia.c:333:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Buffer2+UnicodeLength(Buffer2)*2,Buffer,strlen(Buffer));
data/gammu-1.41.0/gammu/nokia.c:378:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Files2.Buffer = (unsigned char *)realloc(Files2.Buffer, Files2.Used+strlen(Entry->Name) + 2 + 1);
data/gammu-1.41.0/gammu/nokia.c:380:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Files2.Used += strlen(Entry->Name) + 2;
data/gammu-1.41.0/gammu/nokia.c:593:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Files.ID_FullName,Folder[i].folder,strlen(Folder[i].folder));
data/gammu-1.41.0/gammu/nokia.c:615:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Files.ID_FullName,Folder[i].folder,strlen(Folder[i].folder));
data/gammu-1.41.0/gammu/nokia.c:634:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(buffer,Folder[i].folder,strlen(Folder[i].folder));
data/gammu-1.41.0/gammu/nokia.c:651:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeHexUnicode (buffer, Folder[i].folder,strlen(Folder[i].folder));
data/gammu-1.41.0/gammu/nokia.c:744:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
File.Buffer = realloc(File.Buffer,File.Used + strlen(buffer));
data/gammu-1.41.0/gammu/nokia.c:745:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(File.Buffer+File.Used,buffer,strlen(buffer));
data/gammu-1.41.0/gammu/nokia.c:746:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
File.Used += strlen(buffer);
data/gammu-1.41.0/gammu/nokia.c:755:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(JAR)-1;
data/gammu-1.41.0/gammu/nokia.c:798:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File.Name,buffer,strlen(buffer));
data/gammu-1.41.0/gammu/nokia.c:827:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(buffer);
data/gammu-1.41.0/gammu/nokia.c:863:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(Name);
data/gammu-1.41.0/gammu/nokia.c:886:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer[strlen(buffer) - 1] = 'd';
data/gammu-1.41.0/gammu/nokia.c:887:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File.Name,buffer,strlen(buffer));
data/gammu-1.41.0/gammu/nokia.c:907:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File.Name,buffer,strlen(buffer));
data/gammu-1.41.0/gammu/nokia.c:975:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File.Name,buffer,strlen(buffer));
data/gammu-1.41.0/gammu/nokia.c:976:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=strlen(buffer)-1;i>0;i--) {
data/gammu-1.41.0/gammu/nokia.c:980:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File.Name,buffer+i+1,strlen(buffer)-i-1);
data/gammu-1.41.0/gammu/search.c:115:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (j = 0; strlen(Info->Connections[j].Connection) != 0; j++) {
data/gammu-1.41.0/helper/message-cmdline.c:189:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(RemoteNumber, argv[typearg + 1], strlen(argv[typearg + 1]));
data/gammu-1.41.0/helper/message-cmdline.c:1046:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(RemoteNumber,argv[i],strlen(argv[i]));
data/gammu-1.41.0/helper/message-cmdline.c:1054:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(SMSC,argv[i],strlen(argv[i]));
data/gammu-1.41.0/helper/message-cmdline.c:1077:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(bitmap[0]->Bitmap[0].Text,argv[i],strlen(argv[i]));
data/gammu-1.41.0/helper/message-cmdline.c:1082:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(bitmap[0]->Bitmap[0].NetworkCode,argv[i],7);
data/gammu-1.41.0/helper/message-cmdline.c:1148:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Buffer[SMSInfo.EntriesNum],argv[i],strlen(argv[i]));
data/gammu-1.41.0/helper/message-cmdline.c:1228:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(j=0;j<(int)strlen(argv[i]);j++) {
data/gammu-1.41.0/helper/message-cmdline.c:1273:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Buffer[0],argv[i],strlen(argv[i]));
data/gammu-1.41.0/helper/message-cmdline.c:1296:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(argv[i])>GSM_MAX_SMS_NAME_LENGTH) {
data/gammu-1.41.0/helper/message-cmdline.c:1299:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Name, argv[i],strlen(argv[i]));
data/gammu-1.41.0/helper/message-cmdline.c:1304:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chars_read = strlen(argv[i]);
data/gammu-1.41.0/helper/message-cmdline.c:1310:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chars_read = strlen(argv[i]);
data/gammu-1.41.0/helper/message-display.c:143:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(sms->Text);
data/gammu-1.41.0/include/gammu-misc.h:75:13: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
# define usleep(x) Sleep(((x) < 1000) ? 1 : ((x) / 1000))
data/gammu-1.41.0/libgammu/api.c:65:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(useconds); \
data/gammu-1.41.0/libgammu/debug.c:110:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos = end + strlen("\n");
data/gammu-1.41.0/libgammu/debug.c:146:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (info == NULL || strlen(info) == 0) {
data/gammu-1.41.0/libgammu/device/bluetooth/blue_w32.c:163:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=strlen(addressAsString)-1;i>0;i--) {
data/gammu-1.41.0/libgammu/device/devfunc.c:234:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(aux) + strlen(lock_path);
data/gammu-1.41.0/libgammu/device/devfunc.c:234:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(aux) + strlen(lock_path);
data/gammu-1.41.0/libgammu/device/devfunc.c:251:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
n = read(fd, buf, sizeof(buf) - 1);
data/gammu-1.41.0/libgammu/device/devfunc.c:266:8: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
n = read(fd, &pid, sizeof(int));
data/gammu-1.41.0/libgammu/device/devfunc.c:315:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
wrotebytes = write(fd, buffer, strlen(buffer));
data/gammu-1.41.0/libgammu/device/devfunc.c:318:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (wrotebytes != strlen(buffer)) {
data/gammu-1.41.0/libgammu/device/irda/irda.c:123:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000);
data/gammu-1.41.0/libgammu/device/proxy/proxy.c:152:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
actual = read(d->hRead, buf, nbytes);
data/gammu-1.41.0/libgammu/device/proxy/proxy.c:189:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/gammu-1.41.0/libgammu/device/proxy/proxy.c:201:45: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
if (s->ConnectionType == GCT_FBUS2PL2303) usleep(1000);
data/gammu-1.41.0/libgammu/device/serial/ser_unx.c:396:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
actual = read(d->hPhone, buf, nbytes);
data/gammu-1.41.0/libgammu/device/serial/ser_unx.c:415:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/gammu-1.41.0/libgammu/device/serial/ser_unx.c:427:45: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
if (s->ConnectionType == GCT_FBUS2PL2303) usleep(1000);
data/gammu-1.41.0/libgammu/device/serial/ser_w32.c:168:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(DeviceName2) == 0) {
data/gammu-1.41.0/libgammu/device/serial/ser_w32.c:184:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(DeviceName2) == 0) {
data/gammu-1.41.0/libgammu/device/serial/ser_w32.c:193:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(strncasecmp(DeviceName2,"com",3) == 0 && strlen(DeviceName2)>3)) {
data/gammu-1.41.0/libgammu/device/usb/usb.c:491:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/gammu-1.41.0/libgammu/device/usb/usb.c:522:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/gammu-1.41.0/libgammu/gsmcomon.c:46:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (path == NULL || strlen(path) == 0) {
data/gammu-1.41.0/libgammu/gsmphones.c:170:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
while (strlen(pos) > 0) {
data/gammu-1.41.0/libgammu/gsmstate.c:779:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(GetOS()) != 0) {
data/gammu-1.41.0/libgammu/gsmstate.c:785:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
smprintf(s,"%c",((unsigned char)strlen(GAMMU_VERSION)));
data/gammu-1.41.0/libgammu/gsmstate.c:943:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(5000);
data/gammu-1.41.0/libgammu/gsmstate.c:1009:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000);
data/gammu-1.41.0/libgammu/gsmstate.c:1096:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(Reply[i].msgtype) < 2) {
data/gammu-1.41.0/libgammu/gsmstate.c:1108:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Reply[i].msgtype) < msg->Length) {
data/gammu-1.41.0/libgammu/gsmstate.c:1109:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncmp(Reply[i].msgtype,msg->Buffer,strlen(Reply[i].msgtype))==0) {
data/gammu-1.41.0/libgammu/gsmstate.c:1445:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = (char *)malloc(strlen(home) + strlen(*string) + 2);
data/gammu-1.41.0/libgammu/gsmstate.c:1445:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmp = (char *)malloc(strlen(home) + strlen(*string) + 2);
data/gammu-1.41.0/libgammu/gsmstate.c:1600:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Temp) >= sizeof(cfg->Model))
data/gammu-1.41.0/libgammu/gsmstate.c:1611:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Temp) >= sizeof(cfg->DebugLevel))
data/gammu-1.41.0/libgammu/gsmstate.c:1626:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Temp) >= sizeof(cfg->TextReminder))
data/gammu-1.41.0/libgammu/gsmstate.c:1636:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Temp) >= sizeof(cfg->TextMeeting))
data/gammu-1.41.0/libgammu/gsmstate.c:1646:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Temp) >= sizeof(cfg->TextCall))
data/gammu-1.41.0/libgammu/gsmstate.c:1656:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Temp) >= sizeof(cfg->TextBirthday))
data/gammu-1.41.0/libgammu/gsmstate.c:1666:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Temp) >= sizeof(cfg->TextMemo))
data/gammu-1.41.0/libgammu/gsmstate.c:1801:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=0;i<(int)strlen(lpMsgBuf);i++) {
data/gammu-1.41.0/libgammu/gsmstate.h:1547:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GSM_WaitFor(s,buffer,strlen(buffer),type,timeout,request)
data/gammu-1.41.0/libgammu/misc/coding/coding.c:1073:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(Buffer, "");
data/gammu-1.41.0/libgammu/misc/coding/coding.c:1137:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(retval,Buffer,strlen(Buffer));
data/gammu-1.41.0/libgammu/misc/coding/coding.c:1210:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length=GSM_PackSevenBitsToEight(0, buffer, Output+1, strlen(buffer))*2;
data/gammu-1.41.0/libgammu/misc/coding/coding.c:1211:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer)==7) length--;
data/gammu-1.41.0/libgammu/misc/coding/coding.c:1777:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=0;i<strlen(text);i++) {
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2087:3: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(tmp, lastpos, pos - lastpos);
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2101:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(tmp, lastpos, 1);
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2118:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
tmplen = strlen(tmp);
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2122:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tmp, "&");
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2124:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tmp, "'");
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2126:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tmp, ">");
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2128:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tmp, "<");
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2130:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(tmp, "\"");
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2133:4: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(tmp, lastpos, pos_end - pos + 1);
data/gammu-1.41.0/libgammu/misc/coding/coding.c:2141:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8(dest, tmp, strlen(tmp));
data/gammu-1.41.0/libgammu/misc/misc.c:151:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(DayOfWeekChar,"");
data/gammu-1.41.0/libgammu/misc/misc.c:332:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(retval2,")");
data/gammu-1.41.0/libgammu/misc/misc.c:376:15: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(retval2,")");
data/gammu-1.41.0/libgammu/misc/misc.c:413:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
num = strlen(Line) - 1;
data/gammu-1.41.0/libgammu/misc/misc.c:418:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen(Line);
data/gammu-1.41.0/libgammu/misc/misc.c:633:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(Buffer+strlen(Buffer), sizeof(Buffer) - 1 - strlen(Buffer)," Home");
data/gammu-1.41.0/libgammu/misc/misc.c:633:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(Buffer+strlen(Buffer), sizeof(Buffer) - 1 - strlen(Buffer)," Home");
data/gammu-1.41.0/libgammu/misc/misc.c:635:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(Buffer+strlen(Buffer), sizeof(Buffer) - 1 - strlen(Buffer)," Pro");
data/gammu-1.41.0/libgammu/misc/misc.c:635:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(Buffer+strlen(Buffer), sizeof(Buffer) - 1 - strlen(Buffer)," Pro");
data/gammu-1.41.0/libgammu/misc/misc.c:654:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(Buffer+strlen(Buffer), sizeof(Buffer) - 1 - strlen(Buffer)," SP%i",Ver.wServicePackMajor);
data/gammu-1.41.0/libgammu/misc/misc.c:654:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
snprintf(Buffer+strlen(Buffer), sizeof(Buffer) - 1 - strlen(Buffer)," SP%i",Ver.wServicePackMajor);
data/gammu-1.41.0/libgammu/misc/misc.c:740:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t len = strlen(latest_version);
data/gammu-1.41.0/libgammu/misc/misc.c:759:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(buff, buff + i, strlen(buff + i));
data/gammu-1.41.0/libgammu/misc/misc.c:761:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(buff) - 1;
data/gammu-1.41.0/libgammu/misc/string.c:19:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(find);
data/gammu-1.41.0/libgammu/misc/string.c:37:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ret == NULL) return s + strlen(s);
data/gammu-1.41.0/libgammu/misc/strptime.c:210:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(_ctloc(day[i]));
data/gammu-1.41.0/libgammu/misc/strptime.c:215:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(_ctloc(abday[i]));
data/gammu-1.41.0/libgammu/misc/strptime.c:234:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(_ctloc(mon[i]));
data/gammu-1.41.0/libgammu/misc/strptime.c:239:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(_ctloc(abmon[i]));
data/gammu-1.41.0/libgammu/misc/strptime.c:308:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(_ctloc(am_pm[0]));
data/gammu-1.41.0/libgammu/misc/strptime.c:319:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(_ctloc(am_pm[1]));
data/gammu-1.41.0/libgammu/misc/win32-dirent.c:36:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dir = calloc (1, sizeof *dir + strlen (name));
data/gammu-1.41.0/libgammu/misc/win32-dirent.c:64:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen (dir->dd_name);
data/gammu-1.41.0/libgammu/misc/win32-dirent.c:95:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (xdirent->d_name, fInfo.cFileName, FILENAME_MAX -1 );
data/gammu-1.41.0/libgammu/misc/win32-dirent.c:97:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
xdirent->d_namlen = strlen( xdirent->d_name );
data/gammu-1.41.0/libgammu/phone/alcatel/alcatel.c:544:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:241:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t cpmsCmdReqLength = strlen(cpmsCmdReq);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:424:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
error = ATGEN_WaitFor(s, command, strlen(command), 0x00, 20, requestId);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:529:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(PDU);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:740:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove (buffer, ptr, strlen (ptr) + 1);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:828:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(sms->Number,buffer+1,strlen(buffer)-2);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:843:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(buffer);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:870:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(sms->Number,buffer+1,strlen(buffer)-2);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:872:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer)!=0) {
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:873:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(sms->Number,buffer+1,strlen(buffer)-2);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:929:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(sms->SMSC.Number,buffer+1,strlen(buffer)-2);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:1200:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(str) >= GSM_AT_MAXPDULEN) {
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:1947:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:1954:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500000);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:1962:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2097:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2104:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500000);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2107:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2159:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(strlen(req)*1000);
data/gammu-1.41.0/libgammu/phone/at/at-sms.c:2159:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
usleep(strlen(req)*1000);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:574:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:583:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:593:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:598:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:602:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:606:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:610:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:614:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:618:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:622:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(output);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:701:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!ATGEN_IsNumber(buffer, strlen(buffer))) {
data/gammu-1.41.0/libgammu/phone/at/atgen.c:789:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (2 * strlen(buffer) >= outlength) {
data/gammu-1.41.0/libgammu/phone/at/atgen.c:793:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeDefault(output, buffer, strlen(buffer), TRUE, NULL);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1013:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(input, _input, 100);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1020:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (input[strlen(pos) - 1] == ',') input[strlen(pos) - 1] = 0;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1020:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (input[strlen(pos) - 1] == ',') input[strlen(pos) - 1] = 0;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1026:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (input[strlen(pos) - 1] == '"') input[strlen(pos) - 1] = 0;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1026:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (input[strlen(pos) - 1] == '"') input[strlen(pos) - 1] = 0;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1031:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos, strlen(pos),
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1043:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(pos);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1226:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer, strlen(buffer),
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1246:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer, strlen(buffer),
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1280:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
search_pos, strlen(search_pos),
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1299:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8(out_s, buffer, strlen(buffer));
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1324:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8(out_s, search_pos, strlen(search_pos));
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1336:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer, strlen(buffer),
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1354:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (buffer[0] == 0x02 && buffer[strlen(buffer) - 1] == 0x03) {
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1355:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(buffer, buffer + 1, strlen(buffer) - 2);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1356:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer[strlen(buffer) - 2] = 0;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1359:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8(out_s, buffer, strlen(buffer));
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1370:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer) > storage_size) {
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1392:8: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer, ",");
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1398:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer) != 0) {
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1584:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(err + j, ErrorCodes[k].Text, strlen(ErrorCodes[k].Text))) {
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1761:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeHexBin(packed, hex_encoded, strlen(hex_encoded));
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1762:36: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GSM_UnpackEightBitsToSeven(0, strlen(hex_encoded), sizeof(decoded), packed, decoded);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1763:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeDefault(ussd.Text, decoded, strlen(decoded), TRUE, NULL);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1765:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
error = ATGEN_DecodeText(s, hex_encoded, strlen(hex_encoded), ussd.Text, sizeof(ussd.Text) - 1, FALSE, FALSE);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1771:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeHexUnicode(ussd.Text, hex_encoded, strlen(hex_encoded));
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1773:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeHexBin(decoded, hex_encoded, strlen(hex_encoded));
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1774:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GSM_UnpackEightBitsToSeven(0, strlen(hex_encoded), sizeof(decoded), packed, decoded);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1775:39: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeDefault(ussd.Text, decoded, strlen(decoded), TRUE, NULL);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1880:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos2 = pos + strlen(pos);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1895:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Data->Model, pos, MIN(1 + pos2 - pos, GSM_MAX_MODEL_LENGTH));
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1984:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(s->Phone.Data.Manufacturer, s->Phone.Data.Manufacturer + 7, strlen(s->Phone.Data.Manufacturer + 7) + 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1988:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(s->Phone.Data.Manufacturer, s->Phone.Data.Manufacturer + 14, strlen(s->Phone.Data.Manufacturer + 14) + 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:1991:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(s->Phone.Data.Manufacturer, s->Phone.Data.Manufacturer + 3, strlen(s->Phone.Data.Manufacturer + 3) + 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2079:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(s->Phone.Data.Version, s->Phone.Data.Version + 7, strlen(s->Phone.Data.Version + 7) + 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2084:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(s->Phone.Data.Version, s->Phone.Data.Version + 10, strlen(s->Phone.Data.Version + 10) + 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2089:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(s->Phone.Data.Version, s->Phone.Data.Version + 3, strlen(s->Phone.Data.Version + 3) + 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2093:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (GetLineLength(msg->Buffer, &Priv->Lines, 3) + 1 + strlen(s->Phone.Data.Version) < GSM_MAX_VERSION_LENGTH - 1) {
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2094:5: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s->Phone.Data.Version, ",");
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2095:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
CopyLineString(s->Phone.Data.Version + strlen(s->Phone.Data.Version), msg->Buffer, &Priv->Lines, 3);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2235:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2634:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(buffer2, AT_Charsets[i].text, strlen(AT_Charsets[i].text));
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2635:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeHexUnicode(buffer3, buffer2, strlen(AT_Charsets[i].text));
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2667:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(s->Phone.Data.IMEI, s->Phone.Data.IMEI + 11, strlen(s->Phone.Data.IMEI + 11) + 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:2669:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(s->Phone.Data.IMEI, s->Phone.Data.IMEI + 7, strlen(s->Phone.Data.IMEI + 7) + 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:3174:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(NetworkInfo->NetworkCode) == 5) {
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4435:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(number);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4441:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req = (char *)malloc(strlen(format) + allocsize + 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4471:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(tmp, number, strlen(number));
data/gammu-1.41.0/libgammu/phone/at/atgen.c:4502:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(number) > GSM_MAX_NUMBER_LENGTH) {
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5037:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(sequence);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5042:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos = strlen(req);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5485:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(s->Phone.Data.IMEI, s->Phone.Data.IMEI + 7, strlen(s->Phone.Data.IMEI + 7) + 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5487:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memmove(s->Phone.Data.IMEI, s->Phone.Data.IMEI + 7, strlen(s->Phone.Data.IMEI + 7) + 1);
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5897:23: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_1 : strcpy(key, "1"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5898:22: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_2 : strcpy(key, "2"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5899:22: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_3 : strcpy(key, "3"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5900:22: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_4 : strcpy(key, "4"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5901:22: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_5 : strcpy(key, "5"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5902:22: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_6 : strcpy(key, "6"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5903:22: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_7 : strcpy(key, "7"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5904:22: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_8 : strcpy(key, "8"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5905:22: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_9 : strcpy(key, "9"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5906:22: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_0 : strcpy(key, "0"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5907:24: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_HASH : strcpy(key, "#"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5908:28: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_ASTERISK : strcpy(key, "*"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5909:25: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_POWER : strcpy(key, "P"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5910:25: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_GREEN : strcpy(key, "S"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5911:23: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_RED : strcpy(key, "E"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5912:33: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_INCREASEVOLUME : strcpy(key, "U"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5913:33: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_DECREASEVOLUME : strcpy(key, "D"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5914:23: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_UP : strcpy(key, "^"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5915:24: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_DOWN : strcpy(key, "V"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5916:24: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_MENU : strcpy(key, "F"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5917:24: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_LEFT : strcpy(key, "<"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5918:25: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_RIGHT : strcpy(key, ">"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5919:25: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_SOFT1 : strcpy(key, "["); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5920:25: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_SOFT2 : strcpy(key, "]"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5921:27: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_HEADSET : strcpy(key, "H"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5926:25: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
case GSM_KEY_CLEAR : strcpy(key, "C"); break;
data/gammu-1.41.0/libgammu/phone/at/atgen.c:5934:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(unicode_key, key, strlen(key));
data/gammu-1.41.0/libgammu/phone/at/atgen.c:6089:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(protocol_version, "0");
data/gammu-1.41.0/libgammu/phone/at/atgen.h:500:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ATGEN_WaitFor(s, cmd, strlen(cmd), type, time, request)
data/gammu-1.41.0/libgammu/phone/at/motorola.c:146:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strncasecmp(realcmd, cmd->Command, strlen(cmd->Command)) == 0) {
data/gammu-1.41.0/libgammu/phone/at/samsung.c:138:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500000);
data/gammu-1.41.0/libgammu/phone/at/samsung.c:245:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(s->Phone.Data.Bitmap->Name, buffer, strlen(buffer));
data/gammu-1.41.0/libgammu/phone/at/samsung.c:326:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, DecodeUnicodeString(Bitmap->Name), 50);
data/gammu-1.41.0/libgammu/phone/at/samsung.c:376:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(s->Phone.Data.Ringtone->Name,buffer,strlen(buffer));
data/gammu-1.41.0/libgammu/phone/at/samsung.c:436:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(name, DecodeUnicodeString(Ringtone->Name), 50);
data/gammu-1.41.0/libgammu/phone/at/siemens.c:39:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length = strlen(GetLineString(msg->Buffer, &Priv->Lines, i + 1));
data/gammu-1.41.0/libgammu/phone/at/siemens.c:114:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500000);
data/gammu-1.41.0/libgammu/phone/at/siemens.c:196:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode (s->Phone.Data.Ringtone->Name,buffer,strlen(buffer));
data/gammu-1.41.0/libgammu/phone/at/sonyericsson.c:315:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen("AT*ZISI") <= msg->BufferUsed - i && strncmp(&msg->Buffer[i], "AT*ZISI", strlen("AT*ZISI")) == 0) {
data/gammu-1.41.0/libgammu/phone/at/sonyericsson.c:315:90: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen("AT*ZISI") <= msg->BufferUsed - i && strncmp(&msg->Buffer[i], "AT*ZISI", strlen("AT*ZISI")) == 0) {
data/gammu-1.41.0/libgammu/phone/at/sonyericsson.c:317:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i += strlen("AT*ZISI");
data/gammu-1.41.0/libgammu/phone/at/sonyericsson.c:324:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen("*ZISI:") <= msg->BufferUsed - i && strncmp(&msg->Buffer[i], "*ZISI:", strlen("*ZISI:")) == 0) {
data/gammu-1.41.0/libgammu/phone/at/sonyericsson.c:324:88: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen("*ZISI:") <= msg->BufferUsed - i && strncmp(&msg->Buffer[i], "*ZISI:", strlen("*ZISI:")) == 0) {
data/gammu-1.41.0/libgammu/phone/at/sonyericsson.c:326:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i += strlen("*ZISI:");
data/gammu-1.41.0/libgammu/phone/at/sonyericsson.c:333:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen("OK") <= msg->BufferUsed - i && strncmp(&msg->Buffer[i], "OK", strlen("OK")) == 0) {
data/gammu-1.41.0/libgammu/phone/at/sonyericsson.c:333:80: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen("OK") <= msg->BufferUsed - i && strncmp(&msg->Buffer[i], "OK", strlen("OK")) == 0) {
data/gammu-1.41.0/libgammu/phone/at/sonyericsson.c:335:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i += strlen("OK");
data/gammu-1.41.0/libgammu/phone/atobex/atobex.c:1283:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
error = GSM_WaitFor (s, req, strlen(req), 0x00, 3, ID_SetLocale);
data/gammu-1.41.0/libgammu/phone/atobex/atobex.c:1289:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return GSM_WaitFor (s, req, strlen(req), 0x00, 3, ID_SetLocale);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:82:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
log_file = (char *)malloc(strlen(filename) + Priv->devlen + 2);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:85:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(log_file, "/");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:99:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = (char *)malloc(strlen(filename) + Priv->devlen + 5);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:113:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = (char *)malloc(strlen(filename) + strlen(Priv->dirnames[depth]) + 2);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:113:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = (char *)malloc(strlen(filename) + strlen(Priv->dirnames[depth]) + 2);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:116:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(path, "/");
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:130:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full_name = (char *)malloc(strlen(dirname) + Priv->devlen + 20);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:150:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full_name = (char *)malloc(strlen(dirname) + Priv->devlen + 20);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:169:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full_name = (char *)malloc(strlen(dirname) + Priv->devlen + 20);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:194:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
full_name = (char *)malloc(strlen(dirname) + Priv->devlen + 20);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:292:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Priv->devlen = strlen(s->CurrentConfig->Device);
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:610:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(folders->Folder[4].Name,_("Templates"),strlen(_("Templates")));
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1169:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File->Name, name, strlen(name));
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1230:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File->Name, dp->d_name, strlen(dp->d_name));
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1235:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File->ID_FullName, path + Priv->devlen + 4, strlen(path + Priv->devlen + 4));
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1324:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File->Name, dp->d_name, strlen(dp->d_name));
data/gammu-1.41.0/libgammu/phone/dummy/dummy.c:1329:60: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File->ID_FullName, path + Priv->devlen + 4, strlen(path + Priv->devlen + 4));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:270:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s->Phone.Data.IMEI)!=0) return ERR_NONE;
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:598:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=0; i < strlen(number); i++) req[4+i]=number[i];
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:602:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return GSM_WaitFor (s, req, 4+strlen(number)+1, 0x40, 4, ID_DialVoice);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:1313:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s->Phone.Data.ProductCodeCache)!=0) {
data/gammu-1.41.0/libgammu/phone/nokia/dct3/dct3func.c:1336:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s->Phone.Data.HardwareCache)!=0) {
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1675:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(Code->Code);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1969:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 1: EncodeUnicode(Profile->Name,_("Personal"),strlen(_("Personal")));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1971:70: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 2: EncodeUnicode(Profile->Name,_("Car"),strlen(_("Car")));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1973:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 3: EncodeUnicode(Profile->Name,_("Headset"),strlen(_("Headset")));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1979:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 1: EncodeUnicode(Profile->Name,_("General"),strlen(_("General")));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1981:73: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 2: EncodeUnicode(Profile->Name,_("Silent"),strlen(_("Silent")));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1983:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 3: EncodeUnicode(Profile->Name,_("Discreet"),strlen(_("Discreet")));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1985:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 4: EncodeUnicode(Profile->Name,_("Loud"),strlen(_("Loud")));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:1987:75: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 5: EncodeUnicode(Profile->Name,_("My style"),strlen(_("My style")));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:2491:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(ussd.Text,buffer,strlen(buffer));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:2528:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req[pos++] = strlen(number);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:2529:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(req+pos,number,strlen(number));
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n6110.c:2530:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(number);
data/gammu-1.41.0/libgammu/phone/nokia/dct3/n7110.c:1007:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GSM_PackSevenBitsToEight(0, Bitmap->Text, req+count+1,strlen(Bitmap->Text));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:237:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Priv->FilesCache[i].ID_FullName,buffer,strlen(buffer));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:303:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Priv->FilesCache[0].ID_FullName,buffer,strlen(buffer));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:554:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(s->Phone.Data.File->ID_FullName,buffer,strlen(buffer));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:790:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(s->Phone.Data.File->ID_FullName,buffer,strlen(buffer));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1114:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1667:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File->ID_FullName,buf,strlen(buf));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1890:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File2.ID_FullName,buffer,strlen(buffer));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1904:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File->ID_FullName,buffer,strlen(buffer));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/6510file.c:1925:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File->ID_FullName,buffer,strlen(buffer));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:578:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(folders->Folder[0].Name,_("SIM"),strlen(_("SIM")));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:579:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(folders->Folder[1].Name,_("Inbox"),strlen(_("Inbox")));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:580:56: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(folders->Folder[2].Name,_("Sent items"),strlen(_("Sent items")));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:581:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(folders->Folder[3].Name,_("Saved items"),strlen(_("Saved items")));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1929:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Data->WAPSettings->Proxy,buff,strlen(buff));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:1935:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Data->WAPSettings->Proxy2,buff,strlen(buff));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:2759:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(Code->Code);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3598:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req[pos++] = strlen(number);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3599:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(req+pos,number,strlen(number));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3600:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(number)*2;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3625:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req2[11] = strlen(number)*2+6;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3626:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req2[pos2++] = strlen(number);
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3627:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(req2+pos2,number,strlen(number));
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/6510/n6510.c:3628:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos2 += strlen(number)*2;
data/gammu-1.41.0/libgammu/phone/nokia/dct4s40/dct4func.c:58:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500000);
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:962:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 1: EncodeUnicode(Bitmap->Text,_("Family"),strlen(_("Family")));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:964:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 2: EncodeUnicode(Bitmap->Text,_("VIP"),strlen(_("VIP")));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:966:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 3: EncodeUnicode(Bitmap->Text,_("Friends"),strlen(_("Friends")));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:968:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 4: EncodeUnicode(Bitmap->Text,_("Colleagues"),strlen(_("Colleagues")));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:970:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 5: EncodeUnicode(Bitmap->Text,_("Other"),strlen(_("Other")));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1146:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 1: EncodeUnicode(Profile->Name,_("General"),strlen(_("General")));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1148:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 2: EncodeUnicode(Profile->Name,_("Silent"),strlen(_("Silent")));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1150:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 3: EncodeUnicode(Profile->Name,_("Meeting"),strlen(_("Meeting")));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1152:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 4: EncodeUnicode(Profile->Name,_("Outdoor"),strlen(_("Outdoor")));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1154:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 5: EncodeUnicode(Profile->Name,_("Pager"),strlen(_("Pager")));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1156:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 6: EncodeUnicode(Profile->Name,_("Car"),strlen(_("Car")));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1158:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
case 7: EncodeUnicode(Profile->Name,_("Headset"),strlen(_("Headset")));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1348:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(DTMFSequence) > 100 - 5) return ERR_NOTSUPPORTED;
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1350:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req[4] = strlen(DTMFSequence);
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1352:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(req+5,DTMFSequence,strlen(DTMFSequence));
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1355:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return GSM_WaitFor (s, req, 5+strlen(DTMFSequence), 0x01, 4, ID_SendDTMF);
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1569:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s->Phone.Data.Model)>0) return ERR_NONE;
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1589:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s->Phone.Data.Version)>0) return ERR_NONE;
data/gammu-1.41.0/libgammu/phone/nokia/nfunc.c:1841:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(ussd.Text,buffer,strlen(buffer));
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:62:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req = malloc(strlen(File->ID_FullName) + 30);
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:70:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len+=strlen(File->ID_FullName)-1;
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:71:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req[7] = strlen(File->ID_FullName) + 3;
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:73:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req[8] = strlen(File->ID_FullName);
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:79:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=req[8];i<strlen(File->ID_FullName);i++) {
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:139:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(File->ID_FullName) + strlen(msg->Buffer+pos+9) + 20 >= sizeof(File->ID_FullName)) {
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:139:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(File->ID_FullName) + strlen(msg->Buffer+pos+9) + 20 >= sizeof(File->ID_FullName)) {
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:168:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req = malloc(strlen(File->ID_FullName) + 30);
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:176:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len +=strlen(File->ID_FullName);
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:177:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req[7] = strlen(File->ID_FullName) + 6;
data/gammu-1.41.0/libgammu/phone/nokia/wd2/n3650.c:178:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
req[8] = strlen(File->ID_FullName);
data/gammu-1.41.0/libgammu/phone/obex/mobex.c:91:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
error = OBEXGEN_SetFile(s, path, data, strlen(data), FALSE);
data/gammu-1.41.0/libgammu/phone/obex/mobex.c:120:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
error = OBEXGEN_SetFile(s, path, data, data ? strlen(data) : 0, FALSE);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:978:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OBEXAddBlock(req, &Current, 0x42, req2, strlen(req2)+1);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:993:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
OBEXAddBlock(req, &Current, 0x42, req2, strlen(req2));
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1040:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(200000);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1063:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(200000);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1150:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Line) == 0) break;
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1182:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Line) == 0) break;
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1196:79: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeXMLUTF8(Priv->Files[Priv->FilesLocationsCurrent+pos2].Name, name, strlen(name));
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1221:78: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeXMLUTF8(Priv->Files[Priv->FilesLocationsCurrent+pos2].Name, name, strlen(name));
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1339:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File.ID_FullName, FileName, strlen(FileName));
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1403:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File.ID_FullName, FileName, strlen(FileName));
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1404:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File.Name, FileName, strlen(FileName));
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1451:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(IEL_text);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1499:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(HD_text);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1516:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(free_text);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1525:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(used_text);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1534:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(maximum_text);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1684:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(*Data);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1685:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
hlen = strlen(Header);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1692:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(line) == 0) break;
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:1875:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = (char *)malloc(strlen(Priv->PbLUID[Entry->Location]) + 22); /* Length of string below */
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2075:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = (char *)malloc(strlen(Priv->PbLUID[Entry->Location]) + 22); /* Length of string below */
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2353:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = (char *)malloc(strlen(Priv->CalLUID[Entry->Location]) + 22); /* Length of string below */
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2547:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = (char *)malloc(strlen(Priv->CalLUID[Entry->Location]) + 22); /* Length of string below */
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2772:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = (char *)malloc(strlen(Priv->TodoLUID[Entry->Location]) + 22); /* Length of string below */
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:2969:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = (char *)malloc(strlen(Priv->TodoLUID[Entry->Location]) + 22); /* Length of string below */
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3211:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = (char *)malloc(strlen(Priv->NoteLUID[Entry->Location]) + 22); /* Length of string below */
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3389:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = (char *)malloc(strlen(Priv->NoteLUID[Entry->Location]) + 22); /* Length of string below */
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3535:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (Priv->OBEXDevinfo == NULL || strlen(Priv->OBEXDevinfo) == 0) return ERR_NOTSUPPORTED;
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3540:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(match, ":");
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3544:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos += strlen(match);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3563:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (Priv->OBEXCapability == NULL || strlen(Priv->OBEXCapability) == 0) return ERR_NOTSUPPORTED;
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3567:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(match, "<");
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3569:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(match, ">");
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3573:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos_start += strlen(match);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3579:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(match, ">");
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3585:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Dest, pos_start, pos_end - pos_start);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3598:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (Priv->OBEXCapability == NULL || strlen(Priv->OBEXCapability) == 0) return ERR_NOTSUPPORTED;
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3602:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(match, "<");
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3607:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos_start += strlen(match);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3616:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos_start += strlen(match);
data/gammu-1.41.0/libgammu/phone/obex/obexgen.c:3623:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Dest, pos_start, pos_end - pos_start);
data/gammu-1.41.0/libgammu/phone/pfunc.c:41:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(folders->Folder[0].Name,_("Inbox"),strlen(_("Inbox")));
data/gammu-1.41.0/libgammu/phone/pfunc.c:42:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(folders->Folder[1].Name,_("Outbox"),strlen(_("Outbox")));
data/gammu-1.41.0/libgammu/phone/pfunc.c:111:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(7500000);
data/gammu-1.41.0/libgammu/phone/pfunc.c:114:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep ((1400000000L/note.Tempo*duration)-(7500000));
data/gammu-1.41.0/libgammu/phone/pfunc.c:117:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1400000000L/note.Tempo*duration);
data/gammu-1.41.0/libgammu/phone/pfunc.c:120:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1400000000L/note.Tempo*duration-50000);
data/gammu-1.41.0/libgammu/phone/pfunc.c:123:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(50000);
data/gammu-1.41.0/libgammu/phone/pfunc.c:136:2: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500000);
data/gammu-1.41.0/libgammu/phone/pfunc.c:146:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(File->Name, filename, strlen(filename));
data/gammu-1.41.0/libgammu/phone/pfunc.c:148:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = malloc(MAX(strlen(GAMMU_DATA_PATH), ExtraPath == NULL ? 0 : strlen(ExtraPath)) + 50);
data/gammu-1.41.0/libgammu/phone/pfunc.c:148:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
path = malloc(MAX(strlen(GAMMU_DATA_PATH), ExtraPath == NULL ? 0 : strlen(ExtraPath)) + 50);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:384:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s->Phone.Data.NetworkInfo->NetworkCode, " ");
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:467:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(s->Phone.Data.Version, ".");
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:697:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
error = GSM_WaitFor(s, buffer, strlen(buffer), NUM_CONTACTS_REQUEST_CONTACT, S60_TIMEOUT, ID_GetMemory);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:863:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(value) == 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:867:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8(Entry->Entries[Entry->EntriesNum].Text, value, strlen(value));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:890:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
error = GSM_WaitFor(s, buffer, strlen(buffer), NUM_CONTACTS_DELETE, S60_TIMEOUT, ID_None);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1042:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return GSM_WaitFor(s, buffer, strlen(buffer), reqtype, S60_TIMEOUT, ID_None);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1164:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(content) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1166:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8(Entry->Entries[Entry->EntriesNum].Text, content, strlen(content));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1170:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(location) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1172:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8(Entry->Entries[Entry->EntriesNum].Text, location, strlen(location));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1176:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(start) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1182:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(end) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1188:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(modified) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1194:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(replication) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1204:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(alarm_time) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1210:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(repeat) > 0) && (strlen(repeat_rule) > 0)) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1210:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((strlen(repeat) > 0) && (strlen(repeat_rule) > 0)) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1232:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(repeat_start) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1238:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(repeat_end) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1244:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(interval) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1266:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
error = GSM_WaitFor(s, buffer, strlen(buffer), NUM_CALENDAR_REQUEST_ENTRY, S60_TIMEOUT, ID_GetCalendarNote);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1338:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUTF8(buffer + strlen(buffer), Entry->Entries[i].Text);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1344:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUTF8(buffer + strlen(buffer), Entry->Entries[i].Text);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1350:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GSM_DateTimeToTimestamp(&(Entry->Entries[i].Date), buffer + strlen(buffer));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1356:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GSM_DateTimeToTimestamp(&(Entry->Entries[i].Date), buffer + strlen(buffer));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1375:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GSM_DateTimeToTimestamp(&(Entry->Entries[i].Date), buffer + strlen(buffer));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1380:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buffer, "2");
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1390:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GSM_DateTimeToTimestamp(&(Entry->Entries[i].Date), buffer + strlen(buffer));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1396:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GSM_DateTimeToTimestamp(&(Entry->Entries[i].Date), buffer + strlen(buffer));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1402:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(buffer + strlen(buffer), "%d", Entry->Entries[i].Number);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1406:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return GSM_WaitFor(s, buffer, strlen(buffer), request, S60_TIMEOUT, ID_request);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1449:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
error = GSM_WaitFor(s, buffer, strlen(buffer), NUM_CALENDAR_ENTRY_DELETE, S60_TIMEOUT, ID_None);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1499:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(content) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1501:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8(Entry->Entries[Entry->EntriesNum].Text, content, strlen(content));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1505:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(location) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1507:64: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8(Entry->Entries[Entry->EntriesNum].Text, location, strlen(location));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1511:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(start) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1517:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(end) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1523:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(modified) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1529:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(replication) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1539:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(alarm_time) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1545:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(priority) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1549:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(crossedout) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1555:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(crossedout_time) > 0) {
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1574:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
error = GSM_WaitFor(s, buffer, strlen(buffer), NUM_CALENDAR_REQUEST_ENTRY, S60_TIMEOUT, ID_GetToDo);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1609:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
error = GSM_WaitFor(s, buffer, strlen(buffer), NUM_CALENDAR_ENTRY_DELETE, S60_TIMEOUT, ID_None);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1649:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUTF8(buffer + strlen(buffer), Entry->Entries[i].Text);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1655:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUTF8(buffer + strlen(buffer), Entry->Entries[i].Text);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1661:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GSM_DateTimeToTimestamp(&(Entry->Entries[i].Date), buffer + strlen(buffer));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1667:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GSM_DateTimeToTimestamp(&(Entry->Entries[i].Date), buffer + strlen(buffer));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1686:63: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
GSM_DateTimeToTimestamp(&(Entry->Entries[i].Date), buffer + strlen(buffer));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1691:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(buffer + strlen(buffer), "%d", Entry->Priority);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1701:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return GSM_WaitFor(s, buffer, strlen(buffer), request, S60_TIMEOUT, ID_request);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1779:51: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(folders->Folder[0].Name,_("Inbox"),strlen(_("Inbox")));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1780:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(folders->Folder[1].Name,_("Outbox"),strlen(_("Outbox")));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1802:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return GSM_WaitFor(s, buffer, strlen(buffer), NUM_MESSAGE_REQUEST_ONE, S60_TIMEOUT, ID_GetSMSMessage);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1812:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return GSM_WaitFor(s, buffer, strlen(buffer), NUM_MESSAGE_DELETE, S60_TIMEOUT, ID_None);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1855:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8(s->Phone.Data.SaveSMSMessage->Number, Priv->MessageParts[3], strlen(Priv->MessageParts[3]));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1858:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8(s->Phone.Data.SaveSMSMessage->Text, Priv->MessageParts[4], strlen(Priv->MessageParts[4]));
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1938:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUTF8(buffer + strlen(buffer), sms->Number);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1955:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeSpecialChars(buffer + strlen(buffer), textbuffer);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1958:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return GSM_WaitFor(s, buffer, strlen(buffer), NUM_MESSAGE_SEND_REQUEST, S60_TIMEOUT, ID_None);
data/gammu-1.41.0/libgammu/phone/s60/s60phone.c:1980:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return GSM_WaitFor(s, Number, strlen(Number), NUM_DIAL, S60_TIMEOUT, ID_None);
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1628:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode( unicodeNumber, Number, strlen(Number) );
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1662:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s->Phone.Data.HardwareCache)!=0) {
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1761:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s->Phone.Data.Model)>0) return ERR_NONE;
data/gammu-1.41.0/libgammu/phone/symbian/gnapgen.c:1777:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(s->Phone.Data.Version)>0) return ERR_NONE;
data/gammu-1.41.0/libgammu/protocol/alcatel/alcabus.c:92:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/gammu-1.41.0/libgammu/protocol/at/at.c:42:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/gammu-1.41.0/libgammu/protocol/at/at.c:44:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(400000);
data/gammu-1.41.0/libgammu/protocol/at/at.c:194:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(StatusStrings[i])) == 0) {
data/gammu-1.41.0/libgammu/protocol/at/at.c:217:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(SpecialAnswers[i].text)) == 0) {
data/gammu-1.41.0/libgammu/protocol/at/at.c:297:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(d->Msg.Buffer+d->LineStart) == 2 &&
data/gammu-1.41.0/libgammu/protocol/nokia/fbus2.c:338:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(50000);
data/gammu-1.41.0/libgammu/protocol/nokia/fbus2.c:355:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FBUS2_WriteDLR3(s, init_1, strlen(init_1), 100);
data/gammu-1.41.0/libgammu/protocol/nokia/fbus2.c:356:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FBUS2_WriteDLR3(s, init_2, strlen(init_2), 100);
data/gammu-1.41.0/libgammu/protocol/nokia/fbus2.c:357:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FBUS2_WriteDLR3(s, init_3, strlen(init_3), 100);
data/gammu-1.41.0/libgammu/protocol/nokia/fbus2.c:380:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(delays);
data/gammu-1.41.0/libgammu/protocol/nokia/fbus2.c:488:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(1000);
data/gammu-1.41.0/libgammu/protocol/nokia/mbus2.c:86:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
length=strlen(buffer);
data/gammu-1.41.0/libgammu/protocol/nokia/mbus2.c:224:9: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(200000);
data/gammu-1.41.0/libgammu/service/backup/backldif.c:21:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeBASE64(Buffer, Buffer2, strlen(Buffer));
data/gammu-1.41.0/libgammu/service/backup/backldif.c:250:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(Buffer,buff,strlen(buff))) {
data/gammu-1.41.0/libgammu/service/backup/backldif.c:251:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = DecodeBASE64(Buffer+strlen(Start)+3, Buffer2, strlen(Buffer)-(strlen(Start)+3));
data/gammu-1.41.0/libgammu/service/backup/backldif.c:251:53: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = DecodeBASE64(Buffer+strlen(Start)+3, Buffer2, strlen(Buffer)-(strlen(Start)+3));
data/gammu-1.41.0/libgammu/service/backup/backldif.c:251:69: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = DecodeBASE64(Buffer+strlen(Start)+3, Buffer2, strlen(Buffer)-(strlen(Start)+3));
data/gammu-1.41.0/libgammu/service/backup/backldif.c:259:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(Buffer,buff,strlen(buff))) {
data/gammu-1.41.0/libgammu/service/backup/backldif.c:260:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Value,Buffer+strlen(Start)+2,strlen(Buffer)-(strlen(Start)+2));
data/gammu-1.41.0/libgammu/service/backup/backldif.c:260:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Value,Buffer+strlen(Start)+2,strlen(Buffer)-(strlen(Start)+2));
data/gammu-1.41.0/libgammu/service/backup/backldif.c:260:62: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Value,Buffer+strlen(Start)+2,strlen(Buffer)-(strlen(Start)+2));
data/gammu-1.41.0/libgammu/service/backup/backldif.c:277:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
error = MyGetLine(Buffer, Pos, Line, strlen(Buffer), sizeof(Line), FALSE);
data/gammu-1.41.0/libgammu/service/backup/backldif.c:279:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Line) == 0) break;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:66:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer = (unsigned char *)realloc(buffer,len+strlen(h->SectionName)+1);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:68:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len+=strlen(h->SectionName);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:71:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer = (unsigned char *)realloc(buffer,len+strlen(e->EntryName)+1);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:73:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len+=strlen(e->EntryName);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:74:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer = (unsigned char *)realloc(buffer,len+strlen(e->EntryValue)+1);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:76:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len+=strlen(e->EntryValue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:93:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(unicode_key,key,strlen(key));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:107:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
current = strlen(myvalue); w = 0;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:110:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(buffer2,myvalue+(strlen(myvalue)-current),200);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:114:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(buffer2,myvalue+(strlen(myvalue)-current),current);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:120:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(buffer2,buffer3,strlen(buffer3));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:121:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chk_fwrite(buffer2,1,strlen(buffer3)*2,file);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:148:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(readvalue);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:170:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(buffer,myvalue,strlen(myvalue));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:171:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chk_fwrite(buffer,1,strlen(myvalue)*2,file);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:176:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(buffer2, buffer, strlen(buffer));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:183:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(buffer2, buffer, strlen(buffer));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:238:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(paramname,myname,strlen(myname));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:263:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dbgprintf(NULL, "Cfg read: %s %ld\n",readvalue,(long)strlen(readvalue));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:264:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(readvalue) >= maxlen - 1) {
data/gammu-1.41.0/libgammu/service/backup/backtext.c:268:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeHexBin (myvalue, readvalue, MIN(strlen(readvalue), maxlen - 1));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:269:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
myvalue[strlen(readvalue)/2]=0;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:270:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
myvalue[strlen(readvalue)/2+1]=0;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:277:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(myvalue, decodedvalue, strlen(decodedvalue) - 1);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:1836:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer) == 11) {
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2079:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Pbk->Entries[Pbk->EntriesNum].Picture.Buffer = (char *)malloc(strlen(readvalue));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2086:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeBASE64(readvalue, Pbk->Entries[Pbk->EntriesNum].Picture.Buffer, strlen(readvalue));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2794:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer) == 7) {
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2903:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeHexBin (ringtone->NokiaBinary.Frame, buffer2, strlen(buffer2));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2904:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ringtone->NokiaBinary.Length = strlen(buffer2)/2;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2913:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeHexBin (ringtone->NokiaBinary.Frame, buffer2, strlen(buffer2));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2914:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ringtone->NokiaBinary.Length = strlen(buffer2)/2;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:2960:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer) == 9) {
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3247:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(backup->IMEI, readvalue, sizeof(backup->IMEI) - 1);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3252:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(backup->Model, readvalue, sizeof(backup->Model) - 1);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3257:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(backup->Creator,readvalue, sizeof(backup->Creator) - 1);
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3895:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(readbuffer) > 4 * GSM_MAX_SMS_CHARS_LENGTH) {
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3899:45: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!DecodeHexBin (SMS->Text, readbuffer, strlen(readbuffer))) {
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3907:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SMS->Length = strlen(readbuffer)/2;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3909:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SMS->Length = strlen(readbuffer)/4;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3925:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeHexBin (SMS->UDH.Text, readvalue, strlen(readvalue));
data/gammu-1.41.0/libgammu/service/backup/backtext.c:3926:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
SMS->UDH.Length = strlen(readvalue)/2;
data/gammu-1.41.0/libgammu/service/backup/backtext.c:4000:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffer);
data/gammu-1.41.0/libgammu/service/gsmcal.c:1695:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
lBuffer = strlen(Buffer);
data/gammu-1.41.0/libgammu/service/gsmcal.c:1706:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Line) == 0) break;
data/gammu-1.41.0/libgammu/service/gsmcal.c:1796:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Line) == 0) break;
data/gammu-1.41.0/libgammu/service/gsmcal.c:2041:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
error = MyGetLine(Buffer, Pos, Line, strlen(Buffer), sizeof(Line), TRUE);
data/gammu-1.41.0/libgammu/service/gsmcal.c:2043:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Line) == 0) break;
data/gammu-1.41.0/libgammu/service/gsmdata.c:171:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=0;i<(int)strlen(buffer);i++) {
data/gammu-1.41.0/libgammu/service/gsmdata.c:219:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
AddWAPSMSParameterText(Buffer, Length, 0x15, buffer, strlen(buffer));
data/gammu-1.41.0/libgammu/service/gsmdata.c:222:57: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
AddWAPSMSParameterText(Buffer, Length, 0x17, buffer, strlen(buffer));
data/gammu-1.41.0/libgammu/service/gsmdata.c:250:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(URL);
data/gammu-1.41.0/libgammu/service/gsmdata.c:279:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(Text);
data/gammu-1.41.0/libgammu/service/gsmdata.c:343:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(Indicator->Address);
data/gammu-1.41.0/libgammu/service/gsmdata.c:346:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(*Length)=(*Length)+strlen(Indicator->Address+i+1);
data/gammu-1.41.0/libgammu/service/gsmdata.c:392:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Buffer[(*Length)++] = (unsigned char)(strlen(buffer) + 2);
data/gammu-1.41.0/libgammu/service/gsmdata.c:396:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(*Length)=(*Length)+strlen(buffer);
data/gammu-1.41.0/libgammu/service/gsmdata.c:403:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(*Length)=(*Length)+strlen(Indicator->Title);
data/gammu-1.41.0/libgammu/service/gsmdata.c:412:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(*Length)=(*Length)+strlen(Indicator->Address);
data/gammu-1.41.0/libgammu/service/gsmdata.c:496:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)-10] = 0;
data/gammu-1.41.0/libgammu/service/gsmdata.c:503:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(info->CC,buff,strlen(buff));
data/gammu-1.41.0/libgammu/service/gsmdata.c:522:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)+1] = 0;
data/gammu-1.41.0/libgammu/service/gsmdata.c:523:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)] = file->Buffer[pos+i];
data/gammu-1.41.0/libgammu/service/gsmdata.c:532:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)+1] = 0;
data/gammu-1.41.0/libgammu/service/gsmdata.c:533:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)] = file->Buffer[pos+i];
data/gammu-1.41.0/libgammu/service/gsmdata.c:557:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)+1] = 0;
data/gammu-1.41.0/libgammu/service/gsmdata.c:558:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)] = file->Buffer[pos+i];
data/gammu-1.41.0/libgammu/service/gsmdata.c:567:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)+1] = 0;
data/gammu-1.41.0/libgammu/service/gsmdata.c:568:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)] = file->Buffer[pos+i];
data/gammu-1.41.0/libgammu/service/gsmdata.c:587:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(info->ContentType,buff,strlen(buff));
data/gammu-1.41.0/libgammu/service/gsmdata.c:645:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)-10] = 0;
data/gammu-1.41.0/libgammu/service/gsmdata.c:652:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(info->Source,buff,strlen(buff));
data/gammu-1.41.0/libgammu/service/gsmdata.c:750:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(info->Subject,buff,strlen(buff));
data/gammu-1.41.0/libgammu/service/gsmdata.c:761:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)-10] = 0;
data/gammu-1.41.0/libgammu/service/gsmdata.c:768:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(info->Destination,buff,strlen(buff));
data/gammu-1.41.0/libgammu/service/gsmdata.c:835:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)+1] = 0;
data/gammu-1.41.0/libgammu/service/gsmdata.c:836:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)] = file->Buffer[pos+i];
data/gammu-1.41.0/libgammu/service/gsmdata.c:853:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)+1] = 0;
data/gammu-1.41.0/libgammu/service/gsmdata.c:854:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)] = file->Buffer[pos+i];
data/gammu-1.41.0/libgammu/service/gsmdata.c:861:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)+1] = 0;
data/gammu-1.41.0/libgammu/service/gsmdata.c:862:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)] = file->Buffer[pos+i];
data/gammu-1.41.0/libgammu/service/gsmdata.c:867:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(info->Entries[info->EntriesNum].ContentType,buff,strlen(buff));
data/gammu-1.41.0/libgammu/service/gsmdata.c:885:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff2[strlen(buff2)+1] = 0;
data/gammu-1.41.0/libgammu/service/gsmdata.c:886:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff2[strlen(buff2)] = file->Buffer[pos+i];
data/gammu-1.41.0/libgammu/service/gsmdata.c:889:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(info->Entries[info->EntriesNum].File.Name,buff2,strlen(buff2));
data/gammu-1.41.0/libgammu/service/gsmdata.c:898:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)+1] = 0;
data/gammu-1.41.0/libgammu/service/gsmdata.c:899:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)] = file->Buffer[pos+i];
data/gammu-1.41.0/libgammu/service/gsmdata.c:908:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)+1] = 0;
data/gammu-1.41.0/libgammu/service/gsmdata.c:909:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)] = file->Buffer[pos+i];
data/gammu-1.41.0/libgammu/service/gsmdata.c:919:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)+1] = 0;
data/gammu-1.41.0/libgammu/service/gsmdata.c:920:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)] = file->Buffer[pos+i];
data/gammu-1.41.0/libgammu/service/gsmdata.c:924:66: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(info->Entries[info->EntriesNum].File.Name,buff,strlen(buff));
data/gammu-1.41.0/libgammu/service/gsmdata.c:935:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)+1] = 0;
data/gammu-1.41.0/libgammu/service/gsmdata.c:936:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buff[strlen(buff)] = file->Buffer[pos+i];
data/gammu-1.41.0/libgammu/service/gsmdata.c:940:61: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(info->Entries[info->EntriesNum].SMIL,buff,strlen(buff));
data/gammu-1.41.0/libgammu/service/gsmlogo.c:1116:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(file_only_name);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:54:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i=0;i<(int)(strlen(text));i++) {
data/gammu-1.41.0/libgammu/service/gsmmisc.c:126:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Line) == 0) break;
data/gammu-1.41.0/libgammu/service/gsmmisc.c:127:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(Line,Name,strlen(Name))) {
data/gammu-1.41.0/libgammu/service/gsmmisc.c:128:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Pos = strlen(Name);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:266:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Buffer) < 8) {
data/gammu-1.41.0/libgammu/service/gsmmisc.c:270:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(year, Buffer, 4);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:271:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(month, Buffer+4, 2);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:272:2: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(day, Buffer+6, 2);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:278:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Buffer + 9) < 6) return FALSE;
data/gammu-1.41.0/libgammu/service/gsmmisc.c:280:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(hour, Buffer+9, 2);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:281:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(minute, Buffer+11, 2);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:282:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(second, Buffer+13, 2);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:320:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff,":");
data/gammu-1.41.0/libgammu/service/gsmmisc.c:321:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp(Buffer,buff,strlen(buff))) {
data/gammu-1.41.0/libgammu/service/gsmmisc.c:322:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int lstart = strlen(Start);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:323:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int lvalue = strlen(Buffer)-(lstart+1);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:324:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buff,Buffer+lstart+1,lvalue);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:325:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant character.
strncpy(buff+lvalue,"\0",1);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:385:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (UnicodeLength(Text) == strlen(buffer)) {
data/gammu-1.41.0/libgammu/service/gsmmisc.c:418:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffer);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:424:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(linebuffer, pos, current);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:491:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(Start);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:526:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tokens[0]);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:549:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tokens[token]);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:621:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(tokens[token]);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:698:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(pos);
data/gammu-1.41.0/libgammu/service/gsmmisc.c:702:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(tokens[token]) > 0) {
data/gammu-1.41.0/libgammu/service/gsmnet.c:2769:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(NetworkCode) > 7 || strlen(NetworkCode) < 5) {
data/gammu-1.41.0/libgammu/service/gsmnet.c:2769:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(NetworkCode) > 7 || strlen(NetworkCode) < 5) {
data/gammu-1.41.0/libgammu/service/gsmnet.c:2783:48: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(retval, GSM_Networks[i].Name, strlen(GSM_Networks[i].Name));
data/gammu-1.41.0/libgammu/service/gsmnet.c:2799:49: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(retval, GSM_Countries[i].Name, strlen(GSM_Countries[i].Name));
data/gammu-1.41.0/libgammu/service/gsmpbk.c:665:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Number,buf,strlen(buf));
data/gammu-1.41.0/libgammu/service/gsmpbk.c:699:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
error = GSM_GetVCSLine(&Line, Buffer, Pos, strlen(Buffer), TRUE);
data/gammu-1.41.0/libgammu/service/gsmpbk.c:701:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(Line) == 0) break;
data/gammu-1.41.0/libgammu/service/gsmpbk.c:762:76: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
Pbk->Entries[Pbk->EntriesNum].Picture.Buffer = (unsigned char *)malloc(strlen(s));
data/gammu-1.41.0/libgammu/service/gsmpbk.c:767:68: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeBASE64(s, Pbk->Entries[Pbk->EntriesNum].Picture.Buffer, strlen(s));
data/gammu-1.41.0/libgammu/service/gsmring.c:566:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(ringtone->Name,Name,strlen(Name));
data/gammu-1.41.0/libgammu/service/gsmring.c:898:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(file_only_name);
data/gammu-1.41.0/libgammu/service/gsmring.c:1177:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(ringtone->Name,Buffer,strlen(Buffer));
data/gammu-1.41.0/libgammu/service/gsmring.c:1641:25: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
case Note_C :Len+=sprintf(package+Len,"c"); break;
data/gammu-1.41.0/libgammu/service/gsmring.c:1643:25: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
case Note_D :Len+=sprintf(package+Len,"d"); break;
data/gammu-1.41.0/libgammu/service/gsmring.c:1645:25: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
case Note_E :Len+=sprintf(package+Len,"e"); break;
data/gammu-1.41.0/libgammu/service/gsmring.c:1646:25: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
case Note_F :Len+=sprintf(package+Len,"f"); break;
data/gammu-1.41.0/libgammu/service/gsmring.c:1648:25: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
case Note_G :Len+=sprintf(package+Len,"g"); break;
data/gammu-1.41.0/libgammu/service/gsmring.c:1650:25: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
case Note_A :Len+=sprintf(package+Len,"a"); break;
data/gammu-1.41.0/libgammu/service/gsmring.c:1652:25: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
case Note_H :Len+=sprintf(package+Len,"b"); break;
data/gammu-1.41.0/libgammu/service/gsmring.c:1653:27: [1] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source is a constant character.
case Note_Pause :Len+=sprintf(package+Len,"r"); break;
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1081:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i += strlen(Info->Entries[0].MMSIndicator->Title) + 3;
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1084:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i += strlen(Info->Entries[0].MMSIndicator->Title) + 1;
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1119:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i += strlen(Info->Entries[0].MMSIndicator->Address) + 1;
data/gammu-1.41.0/libgammu/service/sms/gsmmulti.c:1411:67: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Info->Entries[0].File->Name,SiemensInfo.DataName,strlen(SiemensInfo.DataName));
data/gammu-1.41.0/smsd/core.c:123:3: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(500000);
data/gammu-1.41.0/smsd/core.c:368:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
pos = strlen(Config->gammu_log_buffer);
data/gammu-1.41.0/smsd/core.c:372:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
newsize = pos + strlen(text) + 1;
data/gammu-1.41.0/smsd/core.c:567:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(buffer);
data/gammu-1.41.0/smsd/core.c:734:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(fullpath, filename, PATH_MAX);
data/gammu-1.41.0/smsd/core.c:889:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUnicode(Config->SMSC.Number, str, strlen(str));
data/gammu-1.41.0/smsd/core.c:1045:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(locations) + strlen(command) + 4;
data/gammu-1.41.0/smsd/core.c:1045:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(locations) + strlen(command) + 4;
data/gammu-1.41.0/smsd/core.c:1215:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((bytes = read(pipefd[0], buffer, 4096)) > 0) {
data/gammu-1.41.0/smsd/core.c:1243:4: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(100000);
data/gammu-1.41.0/smsd/core.c:1252:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((bytes = read(pipefd[0], buffer, 4096)) > 0) {
data/gammu-1.41.0/smsd/core.c:1802:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(10000);
data/gammu-1.41.0/smsd/core.c:1832:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(Config->prevSMSID, "");
data/gammu-1.41.0/smsd/core.c:1929:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Config->Status->PhoneID, Config->PhoneID, sizeof(Config->Status->PhoneID));
data/gammu-1.41.0/smsd/inject.c:128:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(argv[i]) != 2 || argv[i][0] != '-') {
data/gammu-1.41.0/smsd/inject.c:241:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(newid) == 0) {
data/gammu-1.41.0/smsd/log-event.c:86:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(DWORD)(strlen(program_name) + 1));
data/gammu-1.41.0/smsd/log-event.c:99:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(DWORD)strlen(program_name) + 1);
data/gammu-1.41.0/smsd/log-event.c:112:10: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
(DWORD)strlen(program_name) + 1);
data/gammu-1.41.0/smsd/main.c:233:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(argv[i]) != 2 || argv[i][0] != '-') {
data/gammu-1.41.0/smsd/main.c:303:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(smsd_service_name, optarg, SERVICE_NAME_LENGTH);
data/gammu-1.41.0/smsd/main.c:363:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (params->pid_file != NULL && strlen(params->pid_file) > 0) {
data/gammu-1.41.0/smsd/monitor.c:141:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(argv[i]) != 2 || argv[i][0] != '-') {
data/gammu-1.41.0/smsd/services/files.c:120:24: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (locations_pos + strlen(FileName) + 2 >= locations_size) {
data/gammu-1.41.0/smsd/services/files.c:121:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
locations_size += strlen(FileName) + 30;
data/gammu-1.41.0/smsd/services/files.c:129:4: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(*Locations, " ");
data/gammu-1.41.0/smsd/services/files.c:130:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
locations_pos += strlen(FileName) + 1;
data/gammu-1.41.0/smsd/services/files.c:165:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chk_fwrite(sms->SMS[i].Text, 1, strlen(buffer2) * 2, file);
data/gammu-1.41.0/smsd/services/files.c:167:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chk_fwrite(buffer2, 1, strlen(buffer2), file);
data/gammu-1.41.0/smsd/services/files.c:247:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
FullName[strlen(Config->outboxpath) - 1] = '\0';
data/gammu-1.41.0/smsd/services/files.c:428:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
phlen = strlen(pos1) - strlen(pos2);
data/gammu-1.41.0/smsd/services/files.c:428:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
phlen = strlen(pos1) - strlen(pos2);
data/gammu-1.41.0/smsd/services/files.c:438:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
phlen = strlen(pos1);
data/gammu-1.41.0/smsd/services/files.c:440:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
phlen = strlen(pos1) - strlen(pos2);
data/gammu-1.41.0/smsd/services/files.c:440:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
phlen = strlen(pos1) - strlen(pos2);
data/gammu-1.41.0/smsd/services/files.c:452:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
phlen = strlen(pos1) - strlen(pos2);
data/gammu-1.41.0/smsd/services/files.c:452:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
phlen = strlen(pos1) - strlen(pos2);
data/gammu-1.41.0/smsd/services/files.c:655:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chk_fwrite(buffer2, 1, strlen(buffer2), file);
data/gammu-1.41.0/smsd/services/files.c:747:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
chk_fwrite(MessageReferenceBuffer, strlen(MessageReferenceBuffer), 1, file);
data/gammu-1.41.0/smsd/services/mysql.c:164:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(string);
data/gammu-1.41.0/smsd/services/mysql.c:175:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(buff, "'");
data/gammu-1.41.0/smsd/services/odbc.c:288:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(string);
data/gammu-1.41.0/smsd/services/pgsql.c:155:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
to = malloc(strlen(from)*2+3);
data/gammu-1.41.0/smsd/services/pgsql.c:159:50: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PQescapeStringConn(Config->conn.pg, to+1, from, strlen(from), &ret);
data/gammu-1.41.0/smsd/services/pgsql.c:161:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
PQescapeString(to+1, from, strlen(from));
data/gammu-1.41.0/smsd/services/pgsql.c:163:2: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(to, "'");
data/gammu-1.41.0/smsd/services/sql.c:131:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(result, " ");
data/gammu-1.41.0/smsd/services/sql.c:151:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(result, " ");
data/gammu-1.41.0/smsd/services/sql.c:153:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(result, " ");
data/gammu-1.41.0/smsd/services/sql.c:174:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(result, " ");
data/gammu-1.41.0/smsd/services/sql.c:368:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(ptr, buffer2, strlen(buffer2));
data/gammu-1.41.0/smsd/services/sql.c:369:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(buffer2);
data/gammu-1.41.0/smsd/services/sql.c:481:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeUTF8(static_buff + strlen(static_buff), SMSInfo.Entries[i].Buffer);
data/gammu-1.41.0/smsd/services/sql.c:546:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(ptr, buffer2, strlen(buffer2));
data/gammu-1.41.0/smsd/services/sql.c:547:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ptr += strlen(buffer2);
data/gammu-1.41.0/smsd/services/sql.c:1029:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text_len = strlen(text);
data/gammu-1.41.0/smsd/services/sql.c:1037:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
udh_len = strlen(udh);
data/gammu-1.41.0/smsd/services/sql.c:1060:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8(sms->SMS[sms->Number].Text, text_decoded, strlen(text_decoded));
data/gammu-1.41.0/smsd/services/sql.c:1092:58: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
DecodeUTF8(sms->SMS[sms->Number].Number, destination, strlen(destination));
data/gammu-1.41.0/smsd/services/sql.c:1116:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(Config->CreatorID, db->GetString(Config, &res, 10), sizeof(Config->CreatorID));
data/gammu-1.41.0/smsd/services/sql.c:1353:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len[i] = strlen(arg);
data/gammu-1.41.0/tests/at-dispatch.c:20:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg.Length = strlen(reply);
data/gammu-1.41.0/tests/at-statemachine.c:62:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(test_data); i++) {
data/gammu-1.41.0/tests/at-statemachine.c:72:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(second_test); i++) {
data/gammu-1.41.0/tests/at-statemachine.c:82:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(second_test); i++) {
data/gammu-1.41.0/tests/atgen/incoming-sms-info.c:51:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg.Length = strlen(event);
data/gammu-1.41.0/tests/atgen/incoming-sms-info.c:82:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg.Length = strlen(event);
data/gammu-1.41.0/tests/atgen/incoming-sms-info.c:112:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg.Length = strlen(event);
data/gammu-1.41.0/tests/atgen/incoming-sms-info.c:144:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg.Length = strlen(event);
data/gammu-1.41.0/tests/atgen/incoming-sms-info.c:187:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg.Length = strlen(event);
data/gammu-1.41.0/tests/atgen/incoming-sms-info.c:232:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg.Length = strlen(event);
data/gammu-1.41.0/tests/atgen/incoming-sms.c:47:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg.Length = strlen(event);
data/gammu-1.41.0/tests/atgen/incoming-sms.c:80:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg.Length = strlen(event);
data/gammu-1.41.0/tests/atgen/incoming-sms.c:115:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg.Length = strlen(event);
data/gammu-1.41.0/tests/atgen/smsd-cancel-call.c:72:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg.Length = strlen(events[i]);
data/gammu-1.41.0/tests/atgen/smsd-cancel-call.c:80:5: [1] (obsolete) usleep:
This C routine is considered obsolete (as opposed to the shell command by
the same name). The interaction of this function with SIGALRM and other
timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
usleep(5000);
data/gammu-1.41.0/tests/atgen/smsd-incoming-cds.c:49:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg.Length = strlen(event);
data/gammu-1.41.0/tests/atgen/smsd-incoming-ussd.c:34:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
msg.Length = strlen(event);
data/gammu-1.41.0/tests/atgen/test_helper.c:88:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
read_len = strlen(_response_queue.queue[_response_queue.pos]);
data/gammu-1.41.0/tests/base64.c:35:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = DecodeBASE64(base64, decoded, strlen(base64));
data/gammu-1.41.0/tests/base64.c:38:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
test_result(len == strlen(text));
data/gammu-1.41.0/tests/base64.c:41:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
EncodeBASE64(text, encoded, strlen(text));
data/gammu-1.41.0/tests/line-splitting.c:1040:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(GetLineString(input, &lines, num)) != (size_t)GetLineLength(input, &lines, num)) { \
data/gammu-1.41.0/tests/line-splitting.c:1041:55: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
printf("DIFFERENT LENGTH[%d]: %ld %d\n", num, (long)strlen(GetLineString(input, &lines, num)), GetLineLength(input, &lines, num)); \
data/gammu-1.41.0/tests/locking.c:46:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
create_lock(TEST_LOCK, pids, strlen(pids));
data/gammu-1.41.0/tests/sms-at-encode.c:118:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = fwrite(hexreq, 1, strlen(hexreq), f);
data/gammu-1.41.0/tests/sms-at-encode.c:119:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (len != strlen(hexreq)) {
data/gammu-1.41.0/tests/utf-8.c:64:46: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
test_result(DecodeHexUnicode(out, input, strlen(input)));
data/gammu-1.41.0/tests/utf-8.c:69:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
test_string(expected, out2, strlen(expected));
ANALYSIS SUMMARY:
Hits = 3844
Lines analyzed = 147028 in approximately 4.17 seconds (35292 lines/second)
Physical Source Lines of Code (SLOC) = 111581
Hits@level = [0] 2119 [1] 864 [2] 2222 [3] 21 [4] 735 [5] 2
Hits@level+ = [0+] 5963 [1+] 3844 [2+] 2980 [3+] 758 [4+] 737 [5+] 2
Hits/KSLOC@level+ = [0+] 53.441 [1+] 34.4503 [2+] 26.7071 [3+] 6.79327 [4+] 6.60507 [5+] 0.0179242
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.