Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/gcx-1.3/src/fwheel_indi.c Examining data/gcx-1.3/src/staredit.c Examining data/gcx-1.3/src/gcx.h Examining data/gcx-1.3/src/reduce.c Examining data/gcx-1.3/src/sidereal_time.h Examining data/gcx-1.3/src/recipy.h Examining data/gcx-1.3/src/common_indi.h Examining data/gcx-1.3/src/nutation.c Examining data/gcx-1.3/src/gsc/embgsc.c Examining data/gcx-1.3/src/gsc/dtos.c Examining data/gcx-1.3/src/gsc/decode_c.c Examining data/gcx-1.3/src/gsc/gsc.h Examining data/gcx-1.3/src/gsc/dispos.c Examining data/gcx-1.3/src/gsc/to_d.c Examining data/gcx-1.3/src/gsc/find_reg.c Examining data/gcx-1.3/src/gsc/get_head.c Examining data/gcx-1.3/src/gsc/prtgsc.c Examining data/gcx-1.3/src/tele_indi.c Examining data/gcx-1.3/src/camera_indi.c Examining data/gcx-1.3/src/synth.c Examining data/gcx-1.3/src/params.c Examining data/gcx-1.3/src/guide.h Examining data/gcx-1.3/src/starfile.c Examining data/gcx-1.3/src/recipygui.c Examining data/gcx-1.3/src/starlist.c Examining data/gcx-1.3/src/gui.h Examining data/gcx-1.3/src/demosaic.c Examining data/gcx-1.3/src/guidegui.c Examining data/gcx-1.3/src/wcs.h Examining data/gcx-1.3/src/nutation.h Examining data/gcx-1.3/src/interface.c Examining data/gcx-1.3/src/imadjust.c Examining data/gcx-1.3/src/initparams.c Examining data/gcx-1.3/src/tycho2.h Examining data/gcx-1.3/src/tele_indi.h Examining data/gcx-1.3/src/obslist.h Examining data/gcx-1.3/src/dsimplex.c Examining data/gcx-1.3/src/dsimplex.h Examining data/gcx-1.3/src/mbandgui.c Examining data/gcx-1.3/src/multiband.c Examining data/gcx-1.3/src/symbols.h Examining data/gcx-1.3/src/filegui.h Examining data/gcx-1.3/src/gcx.c Examining data/gcx-1.3/src/photometry.c Examining data/gcx-1.3/src/query.h Examining data/gcx-1.3/src/misc.c Examining data/gcx-1.3/src/dirname.c Examining data/gcx-1.3/src/common_indi.c Examining data/gcx-1.3/src/wcsedit.c Examining data/gcx-1.3/src/catalogs.h Examining data/gcx-1.3/src/camera_indi.h Examining data/gcx-1.3/src/sidereal_time.c Examining data/gcx-1.3/src/obslist.c Examining data/gcx-1.3/src/catalogs.c Examining data/gcx-1.3/src/reducegui.c Examining data/gcx-1.3/src/textgui.c Examining data/gcx-1.3/src/tycho2.c Examining data/gcx-1.3/src/showimage.c Examining data/gcx-1.3/src/sourcesdraw.h Examining data/gcx-1.3/src/demosaic.h Examining data/gcx-1.3/src/libindiclient/gtk/indisave.h Examining data/gcx-1.3/src/libindiclient/gtk/indigui.c Examining data/gcx-1.3/src/libindiclient/gtk/gtkled.c Examining data/gcx-1.3/src/libindiclient/gtk/indisave.c Examining data/gcx-1.3/src/libindiclient/gtk/indi_io.c Examining data/gcx-1.3/src/libindiclient/gtk/indi_config.c Examining data/gcx-1.3/src/libindiclient/gtk/indi_list.c Examining data/gcx-1.3/src/libindiclient/gtk/gtkled.h Examining data/gcx-1.3/src/libindiclient/base64.h Examining data/gcx-1.3/src/libindiclient/indi_io.h Examining data/gcx-1.3/src/libindiclient/lilxml.h Examining data/gcx-1.3/src/libindiclient/base64.c Examining data/gcx-1.3/src/libindiclient/lilxml.c Examining data/gcx-1.3/src/libindiclient/indi.h Examining data/gcx-1.3/src/libindiclient/indigui.h Examining data/gcx-1.3/src/libindiclient/indi_list.h Examining data/gcx-1.3/src/libindiclient/indi_config.h Examining data/gcx-1.3/src/libindiclient/indi.c Examining data/gcx-1.3/src/params.h Examining data/gcx-1.3/src/misc.h Examining data/gcx-1.3/src/multiband.h Examining data/gcx-1.3/src/psf.c Examining data/gcx-1.3/src/helpmsg.c Examining data/gcx-1.3/src/paramsgui.c Examining data/gcx-1.3/src/obsdata.c Examining data/gcx-1.3/src/query.c Examining data/gcx-1.3/src/libgen.h Examining data/gcx-1.3/src/gui.c Examining data/gcx-1.3/src/ccd/worldpos.c Examining data/gcx-1.3/src/ccd/aphot.c Examining data/gcx-1.3/src/ccd/errlog.c Examining data/gcx-1.3/src/ccd/dslr.h Examining data/gcx-1.3/src/ccd/use_dcraw.c Examining data/gcx-1.3/src/ccd/ccd_frame.c Examining data/gcx-1.3/src/ccd/ccd.h Examining data/gcx-1.3/src/ccd/edb.c Examining data/gcx-1.3/src/ccd/badpix.c Examining data/gcx-1.3/src/ccd/dslr.c Examining data/gcx-1.3/src/ccd/sources.c Examining data/gcx-1.3/src/ccd/recipy.c Examining data/gcx-1.3/src/ccd/warp.c Examining data/gcx-1.3/src/ccd/median.c Examining data/gcx-1.3/src/cameragui.c Examining data/gcx-1.3/src/guide.c Examining data/gcx-1.3/src/cameragui.h Examining data/gcx-1.3/src/reduce.h Examining data/gcx-1.3/src/obsdata.h Examining data/gcx-1.3/src/fwheel_indi.h Examining data/gcx-1.3/src/report.c Examining data/gcx-1.3/src/recipy.c Examining data/gcx-1.3/src/wcs.c Examining data/gcx-1.3/src/interface.h Examining data/gcx-1.3/src/plots.c Examining data/gcx-1.3/src/helpmsg.h Examining data/gcx-1.3/src/sourcesdraw.c Examining data/gcx-1.3/src/filegui.c Examining data/gcx-1.3/src/plots.h Examining data/gcx-1.3/src/basename.c Examining data/gcx-1.3/src/getline.h Examining data/gcx-1.3/src/psf.h Examining data/gcx-1.3/src/plate.c Examining data/gcx-1.3/src/mbandrep.c FINAL RESULTS: data/gcx-1.3/src/cameragui.c:186:2: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. snprintf(fn, 1023, AUTO_FILE_FORMAT, text, seq); data/gcx-1.3/src/catalogs.c:138:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cats->name, tc[i].name); data/gcx-1.3/src/catalogs.c:422:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ocats->name, cats->name); data/gcx-1.3/src/ccd/ccd_frame.c:899:9: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. fp = popen(cmd, "r"); data/gcx-1.3/src/ccd/ccd_frame.c:1097:13: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. if (-1 == system(text)) data/gcx-1.3/src/ccd/ccd_frame.c:1390:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(lb, "%-8s= %-70s", kwd, val); data/gcx-1.3/src/ccd/ccd_frame.c:1449:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(lb, "HISTORY = %-70s", val); data/gcx-1.3/src/ccd/edb.c:134:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cn, edbdir_default); data/gcx-1.3/src/ccd/edb.c:136:2: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(cn, catname); data/gcx-1.3/src/ccd/edb.c:172:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf(ln + off + 1, "%f,%f,%s", &magg, &epo, rst); data/gcx-1.3/src/ccd/edb.c:234:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rename + 4, name + 3); data/gcx-1.3/src/ccd/edb.c:240:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rename + 3, name + 2); data/gcx-1.3/src/ccd/edb.c:246:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rename + 5, name + 4); data/gcx-1.3/src/ccd/edb.c:252:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rename + 4, name + 3); data/gcx-1.3/src/ccd/edb.c:258:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rename + 3, name + 3); data/gcx-1.3/src/ccd/edb.c:272:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rename + 2, name + 1); data/gcx-1.3/src/ccd/edb.c:282:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rename + 3, name + 2); data/gcx-1.3/src/ccd/edb.c:290:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rename + 2, name + 1); data/gcx-1.3/src/ccd/errlog.c:47:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ret = vfprintf(stderr, fmt, ap); data/gcx-1.3/src/ccd/errlog.c:65:8: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = vsnprintf(lasterr_string, ERR_BUF_SIZE-1, fmt, ap2); data/gcx-1.3/src/ccd/errlog.c:68:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. ret = vfprintf(stderr, fmt, ap); data/gcx-1.3/src/ccd/recipy.c:171:52: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define v1_fprintf(fp, format, args...) if(verb&1) fprintf(fp, format, ## args) data/gcx-1.3/src/ccd/recipy.c:172:52: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define v2_fprintf(fp, format, args...) if(verb&2) fprintf(fp, format, ## args) data/gcx-1.3/src/ccd/recipy.c:405:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. ret = sscanf(val, "%s %s %f", ras, decs, &smag); data/gcx-1.3/src/ccd/recipy.c:455:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. ret = sscanf(val, "%s %s", ras, decs); data/gcx-1.3/src/ccd/recipy.c:607:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fp, MAG_FORMAT, vs->s[i].aph.stdmag); data/gcx-1.3/src/ccd/recipy.c:610:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fp, MAG_FORMAT, vs->s[i].aph.magerr); data/gcx-1.3/src/ccd/recipy.c:615:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fp, MAG_FORMAT, vs->s[i].aph.absmag); data/gcx-1.3/src/ccd/recipy.c:618:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fp, MAG_FORMAT, vs->s[i].aph.magerr); data/gcx-1.3/src/ccd/recipy.c:623:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fp, FLUX_FORMAT, vs->s[i].aph.star); data/gcx-1.3/src/ccd/recipy.c:626:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fp, FLUX_FORMAT, vs->s[i].aph.star_err); data/gcx-1.3/src/ccd/recipy.c:632:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fp, MAG_FORMAT, vs->s[i].aph.residual); data/gcx-1.3/src/ccd/recipy.c:635:4: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fp, FLUX_FORMAT, vs->s[i].aph.sky * vs->s[i].aph.star_all); data/gcx-1.3/src/ccd/recipy.c:638:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(fp, FLUX_FORMAT, data/gcx-1.3/src/ccd/use_dcraw.c:32:21: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. ret = WEXITSTATUS(system(cmd)); data/gcx-1.3/src/ccd/use_dcraw.c:202:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(timestr1, "\"%s\"", timestr); data/gcx-1.3/src/ccd/use_dcraw.c:228:12: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. handle = popen(cmd, "r"); data/gcx-1.3/src/ccd/use_dcraw.c:236:7: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf(line, "Timestamp: %s %s %d %s %d", daystr, month, &day, timestr, &year) ) data/gcx-1.3/src/ccd/use_dcraw.c:244:12: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. else if (sscanf(line, "Filter pattern: %s", cfa) ) { data/gcx-1.3/src/ccd/use_dcraw.c:280:12: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. handle = popen(cmd, "r"); data/gcx-1.3/src/ccd/worldpos.c:694:4: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(lb, fbuf, d1, d2, d3, d4); data/gcx-1.3/src/ccd/worldpos.c:709:4: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(lb, fbuf, d1, d2, d3, d4); data/gcx-1.3/src/filegui.c:132:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fne, fn); data/gcx-1.3/src/filegui.c:135:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fne, fn); data/gcx-1.3/src/filegui.c:138:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fne+i+1, ext); data/gcx-1.3/src/filegui.c:165:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fne+i+1, ext); data/gcx-1.3/src/filegui.c:168:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fne, fn); data/gcx-1.3/src/filegui.c:171:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fne+i+1, ext); data/gcx-1.3/src/filegui.c:327:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(objf, obj); data/gcx-1.3/src/filegui.c:355:11: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. rfn = popen(cmd, "r"); data/gcx-1.3/src/filegui.c:433:10: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. rfn = popen(cmd, "r"); data/gcx-1.3/src/gsc/embgsc.c:428:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, GSCDAT); data/gcx-1.3/src/gsc/embgsc.c:453:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, GSCBIN), strcat(path, REGBIN); data/gcx-1.3/src/gsc/embgsc.c:453:24: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcpy(path, GSCBIN), strcat(path, REGBIN); data/gcx-1.3/src/gsc/embgsc.c:458:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(path, GSCBIN), strcat(path, REGIND); data/gcx-1.3/src/gsc/embgsc.c:458:24: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcpy(path, GSCBIN), strcat(path, REGIND); data/gcx-1.3/src/gsc/find_reg.c:32:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(region,"%s/%s/%04d.gsc", data/gcx-1.3/src/gsc/prtgsc.c:77:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(line,form3,r->reg,r->id,sa1,sd1, data/gcx-1.3/src/gsc/prtgsc.c:84:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(line,form2,r->reg,r->id,r->ra,r->dec, data/gcx-1.3/src/gsc/prtgsc.c:98:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(line,form1,r->reg,r->id,sa1,sd1, data/gcx-1.3/src/gsc/prtgsc.c:102:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(line,form11,r->reg,r->id,sa1,sd1, data/gcx-1.3/src/gsc/prtgsc.c:106:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(line,form31,r->reg,r->id,sa1,sd1, data/gcx-1.3/src/gsc/prtgsc.c:116:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(line,form0,r->reg,r->id,r->ra,r->dec, data/gcx-1.3/src/gsc/prtgsc.c:120:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(line,form10,r->reg,r->id,r->ra,r->dec, data/gcx-1.3/src/gsc/prtgsc.c:124:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(line,form30,r->reg,r->id,r->ra,r->dec, data/gcx-1.3/src/gsc/prtgsc.c:129:13: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. if (r) sprintf(line,formol, r->reg,r->id,r->ra,r->dec, data/gcx-1.3/src/gui.c:190:8: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = vsnprintf(err_string, ERR_SIZE, fmt, ap2); data/gcx-1.3/src/gui.c:217:8: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = vsnprintf(err_string, ERR_SIZE, fmt, ap2); data/gcx-1.3/src/initparams.c:168:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(P_STR(p), val); data/gcx-1.3/src/initparams.c:171:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(PAR(p)->defval.s, val); data/gcx-1.3/src/libindiclient/indi.c:45:35: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define dbg_printf if(INDI_DEBUG) printf data/gcx-1.3/src/libindiclient/indi.c:264:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(msg, "<enableBLOB device=\"%s\">%s</enableBLOB>\n", idev->name, state ? "Also" : "Never"); data/gcx-1.3/src/libindiclient/indi.c:317:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. ptr += sprintf(msg, "<new%sVector device=\"%s\" name=\"%s\">\n", type, idev->name, iprop->name); data/gcx-1.3/src/libindiclient/indi.c:332:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(val, "%s", elem->value.set ? "On" : "Off"); data/gcx-1.3/src/libindiclient/indi.c:337:10: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. ptr += sprintf(ptr, " <one%s name=\"%s\">%s</one%s>\n", type, elem->name, valstr, type); data/gcx-1.3/src/libindiclient/indi.c:339:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. ptr += sprintf(ptr, "</new%sVector>\n", type); data/gcx-1.3/src/libindiclient/lilxml.c:526:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sl += sprintf (s+sl, "%*s<%s", indent, "", ep->tag.s); data/gcx-1.3/src/libindiclient/lilxml.c:528:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sl += sprintf (s+sl, " %s=\"%s\"", ep->at[i]->name.s, data/gcx-1.3/src/libindiclient/lilxml.c:539:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sl += sprintf (s+sl, "%s", entityXML(ep->pcdata.s)); data/gcx-1.3/src/libindiclient/lilxml.c:541:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (s+sl, ep->pcdata.s); data/gcx-1.3/src/libindiclient/lilxml.c:548:12: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sl += sprintf (s+sl, "%*s</%s>\n", indent, "", ep->tag.s); data/gcx-1.3/src/libindiclient/lilxml.c:763:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg, "Line %d: No value for attribute %s", lp->ln, data/gcx-1.3/src/libindiclient/lilxml.c:864:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (errmsg,"Line %d: closing tag %s does not match %s", data/gcx-1.3/src/libindiclient/lilxml.c:1010:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (&sp->s[sp->sl], str); data/gcx-1.3/src/mbandgui.c:91:8: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. ret = vsnprintf(err_string, ERR_SIZE, fmt, ap2); data/gcx-1.3/src/mbandrep.c:179:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(line+62, "%s ", P_STR(OBS_OBSERVER_CODE)); data/gcx-1.3/src/obsdata.c:214:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(lb, "'%s'", deg); data/gcx-1.3/src/obsdata.c:218:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(lb, "'%s'", deg); data/gcx-1.3/src/obsdata.c:232:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(lb, "'%s'", deg); data/gcx-1.3/src/obsdata.c:236:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(lb, "'%s'", deg); data/gcx-1.3/src/obsdata.c:259:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(lb, "'%s'", deg); data/gcx-1.3/src/obsdata.c:263:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(lb, "'%s' ", deg); data/gcx-1.3/src/obsdata.c:753:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(lb, "'%s'", deg); data/gcx-1.3/src/obsdata.c:757:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(lb, "'%s'", deg); data/gcx-1.3/src/params.c:257:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(P_STR(p), text); data/gcx-1.3/src/params.c:270:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(PAR(p)->defval.s, text); data/gcx-1.3/src/params.c:413:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(npath, "%s.%s", path, PAR(p)->name); data/gcx-1.3/src/paramsgui.c:59:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s (changes)", PAR(p)->comment); data/gcx-1.3/src/paramsgui.c:61:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "%s", PAR(p)->comment); data/gcx-1.3/src/photometry.c:659:10: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. plfp = popen(P_STR(FILE_GNUPLOT), "w"); data/gcx-1.3/src/plots.c:58:10: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. plfp = popen(P_STR(FILE_GNUPLOT), "w"); data/gcx-1.3/src/query.c:607:7: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. vq = popen(cmd, "r"); data/gcx-1.3/src/recipy.c:545:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. ret = sscanf(line, "%s %s %s", id, ras, decs); data/gcx-1.3/src/recipy.c:717:9: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. ret = sscanf(line, "%s %f %f %f %f", id, &ra, &raerr, &dec, &decerr); data/gcx-1.3/src/staredit.c:220:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(cats->comments, ncom); data/gcx-1.3/src/staredit.c:227:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(nc + cl, ncom); data/gcx-1.3/src/cameragui.c:208:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. dr = amount / 60.0 * (1.0 * random() / RAND_MAX - 0.5); data/gcx-1.3/src/cameragui.c:209:31: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. dd = amount / 60.0 * (1.0 * random() / RAND_MAX - 0.5); data/gcx-1.3/src/ccd/edb.c:125:7: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. e = getenv("CX_EDB_DIR"); data/gcx-1.3/src/gcx.c:657:15: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. while ((oc = getopt_long(ac, av, shortopts, longopts, NULL)) > 0) { data/gcx-1.3/src/gsc/embgsc.c:418:12: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. GSCDAT = getenv("GSCDAT") ; data/gcx-1.3/src/gsc/embgsc.c:426:11: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. GSCBIN = getenv("GSCBIN"); data/gcx-1.3/src/report.c:282:2: [3] (random) srandom: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srandom(time(NULL)); data/gcx-1.3/src/basename.c:38:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char bname[MAXPATHLEN]; data/gcx-1.3/src/cameragui.c:102:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[20]; data/gcx-1.3/src/cameragui.c:111:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%.1f", fvalue); data/gcx-1.3/src/cameragui.c:120:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/gcx-1.3/src/cameragui.c:135:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%dx%d", binx, biny); data/gcx-1.3/src/cameragui.c:171:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mb[1024]; data/gcx-1.3/src/cameragui.c:173:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fn[1024]; data/gcx-1.3/src/cameragui.c:205:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[128]; data/gcx-1.3/src/cameragui.c:230:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mb[1024]; data/gcx-1.3/src/cameragui.c:255:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(mb, "%d", seq); data/gcx-1.3/src/cameragui.c:306:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[128]; data/gcx-1.3/src/cameragui.c:490:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/gcx-1.3/src/cameragui.c:518:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/gcx-1.3/src/cameragui.c:558:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/gcx-1.3/src/cameragui.c:702:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/gcx-1.3/src/cameragui.c:744:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[512]; data/gcx-1.3/src/catalogs.c:120:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tc[j].name, "%04d-%04d", regs[i], ids[i]); data/gcx-1.3/src/catalogs.c:250:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(cats->name, "%04d-%04d", r, s); data/gcx-1.3/src/catalogs.c:652:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ncats, cats, sizeof(struct cat_star)); data/gcx-1.3/src/catalogs.c:1038:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inf = fopen(fn, "r"); data/gcx-1.3/src/catalogs.c:1063:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/gcx-1.3/src/catalogs.c:1064:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathc[1024]; data/gcx-1.3/src/catalogs.c:1100:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inf = fopen(fn, "r"); data/gcx-1.3/src/catalogs.c:1164:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/gcx-1.3/src/catalogs.c:1165:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathc[1024]; data/gcx-1.3/src/catalogs.h:106:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[CAT_STAR_NAME_SZ+1]; /* designation for the star */ data/gcx-1.3/src/ccd/badpix.c:139:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb[81]; data/gcx-1.3/src/ccd/badpix.c:146:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(lb, ".badpix"); data/gcx-1.3/src/ccd/badpix.c:148:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(lb, "w"); data/gcx-1.3/src/ccd/badpix.c:170:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb[81]; data/gcx-1.3/src/ccd/badpix.c:178:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(lb, ".badpix"); data/gcx-1.3/src/ccd/badpix.c:180:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(lb, "r"); data/gcx-1.3/src/ccd/ccd.h:54:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char FITS_row[FITS_HCOLS]; data/gcx-1.3/src/ccd/ccd.h:260:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; // name of frame data/gcx-1.3/src/ccd/ccd.h:435:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char objname[RECIPY_TEXT+1]; data/gcx-1.3/src/ccd/ccd.h:436:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char chart[RECIPY_TEXT+1]; data/gcx-1.3/src/ccd/ccd.h:437:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char frame[RECIPY_TEXT+1]; data/gcx-1.3/src/ccd/ccd.h:438:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char repstar[RECIPY_TEXT+1]; // format of star report data/gcx-1.3/src/ccd/ccd.h:439:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char repinfo[RECIPY_TEXT+1]; // format of file info report data/gcx-1.3/src/ccd/ccd_frame.c:79:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dpo, dpi, all * fr->pix_size); data/gcx-1.3/src/ccd/ccd_frame.c:155:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(hd, fr, sizeof(struct ccd_frame) ); data/gcx-1.3/src/ccd/ccd_frame.c:165:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(var, hd->var, hd->nvar * sizeof(FITS_row)); data/gcx-1.3/src/ccd/ccd_frame.c:477:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(fn, ".fits"); data/gcx-1.3/src/ccd/ccd_frame.c:558:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptr, mem->ptr, size); data/gcx-1.3/src/ccd/ccd_frame.c:611:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb[FITS_HCOLS + 1]; data/gcx-1.3/src/ccd/ccd_frame.c:671:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cp + hd->nvar, lb, FITS_HCOLS); data/gcx-1.3/src/ccd/ccd_frame.c:761:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. d = ((unsigned char *)v)[i] * bs; data/gcx-1.3/src/ccd/ccd_frame.c:763:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. d = ((char *)v)[i] * bs + bz; data/gcx-1.3/src/ccd/ccd_frame.c:862:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fn[MAX_FILENAME + 1]; data/gcx-1.3/src/ccd/ccd_frame.c:872:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(fn, "r"); data/gcx-1.3/src/ccd/ccd_frame.c:886:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fn[MAX_FILENAME + 1]; data/gcx-1.3/src/ccd/ccd_frame.c:907:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(fn, "r"); data/gcx-1.3/src/ccd/ccd_frame.c:936:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb[MAX_FILENAME]; data/gcx-1.3/src/ccd/ccd_frame.c:954:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(lb, "w"); data/gcx-1.3/src/ccd/ccd_frame.c:1084:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb[MAX_FILENAME]; data/gcx-1.3/src/ccd/ccd_frame.c:1380:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb[81]; data/gcx-1.3/src/ccd/ccd_frame.c:1393:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v1, lb, sizeof(FITS_row)); data/gcx-1.3/src/ccd/ccd_frame.c:1401:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fr->nvar + v1, lb, FITS_HCOLS); data/gcx-1.3/src/ccd/ccd_frame.c:1422:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v1, v1 + 1, FITS_HCOLS * (fr->nvar + fr->var - v1)); data/gcx-1.3/src/ccd/ccd_frame.c:1441:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb[81]; data/gcx-1.3/src/ccd/ccd_frame.c:1457:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fr->nvar + v1, lb, FITS_HCOLS); data/gcx-1.3/src/ccd/ccd_frame.c:1580:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char vs[FITS_HCOLS+1]; data/gcx-1.3/src/ccd/ccd_frame.c:1588:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vs, row, FITS_HCOLS); data/gcx-1.3/src/ccd/ccd_frame.c:1650:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dms[FITS_HCOLS]; data/gcx-1.3/src/ccd/dslr.c:700:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datetime[21]; data/gcx-1.3/src/ccd/dslr.c:837:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char strbuf[64]; data/gcx-1.3/src/ccd/dslr.c:1121:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char datetime[21]; data/gcx-1.3/src/ccd/dslr.c:1330:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char strbuf[64]; data/gcx-1.3/src/ccd/dslr.c:1584:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). raw.fd = open(filename, O_RDONLY); data/gcx-1.3/src/ccd/dslr.c:1599:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[80]; data/gcx-1.3/src/ccd/dslr.c:1649:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[80]; data/gcx-1.3/src/ccd/dslr.c:1652:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(str, "\"RGGB\""); data/gcx-1.3/src/ccd/dslr.c:1660:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "\"%6.4f,%6.4f,%6.4f,%6.4f\"", data/gcx-1.3/src/ccd/edb.c:49:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[200]; data/gcx-1.3/src/ccd/edb.c:55:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char constell[100][4] = { data/gcx-1.3/src/ccd/edb.c:112:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cn[200]; data/gcx-1.3/src/ccd/edb.c:113:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ln[300]; data/gcx-1.3/src/ccd/edb.c:116:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rst[100]; data/gcx-1.3/src/ccd/edb.c:138:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). caf = fopen(cn, "r"); data/gcx-1.3/src/ccd/edb.c:214:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[40]; data/gcx-1.3/src/ccd/edb.c:215:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rename[40]; data/gcx-1.3/src/ccd/edb.c:233:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rename, "NGC "); data/gcx-1.3/src/ccd/edb.c:239:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rename, "IC "); data/gcx-1.3/src/ccd/edb.c:245:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rename, "UGCA "); data/gcx-1.3/src/ccd/edb.c:251:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rename, "UGC "); data/gcx-1.3/src/ccd/edb.c:257:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(rename, "SAO "); data/gcx-1.3/src/ccd/errlog.c:36:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char lasterr_string[ERR_BUF_SIZE]; data/gcx-1.3/src/ccd/recipy.c:48:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sym[RECSYM_SIZE]; data/gcx-1.3/src/ccd/recipy.c:165:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(vs->repinfo, "ftns"); data/gcx-1.3/src/ccd/recipy.c:179:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ras[64]; data/gcx-1.3/src/ccd/recipy.c:180:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char decs[64]; data/gcx-1.3/src/ccd/recipy.c:393:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ras[64]; data/gcx-1.3/src/ccd/recipy.c:394:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char decs[64]; data/gcx-1.3/src/ccd/recipy.c:443:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ras[64]; data/gcx-1.3/src/ccd/recipy.c:444:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char decs[64]; data/gcx-1.3/src/ccd/recipy.c:487:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb[RECIPY_TEXT + RECSYM_SIZE + 1]; data/gcx-1.3/src/ccd/sources.c:532:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(src->s + src->ns, s, sizeof(struct star)); data/gcx-1.3/src/ccd/sources.c:552:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&src->s[i+1], &src->s[i], sizeof(struct star)); data/gcx-1.3/src/ccd/sources.c:556:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&src->s[pos], s, sizeof(struct star)); data/gcx-1.3/src/ccd/sources.c:571:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&src->s[i], s, sizeof(struct star)); data/gcx-1.3/src/ccd/use_dcraw.c:63:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[80]; data/gcx-1.3/src/ccd/use_dcraw.c:82:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). return( atoi( buf ) ); data/gcx-1.3/src/ccd/use_dcraw.c:182:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mon_map[12][3] = { data/gcx-1.3/src/ccd/use_dcraw.c:188:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[15], timestr1[15]; data/gcx-1.3/src/ccd/use_dcraw.c:201:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(date, "\"%04d/%02d/%02d\"", year, mon, day); data/gcx-1.3/src/ccd/use_dcraw.c:210:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strbuf[64]; data/gcx-1.3/src/ccd/use_dcraw.c:221:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256], cfa[80]; data/gcx-1.3/src/ccd/use_dcraw.c:222:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *cmd, timestr[10], month[10], daystr[10]; data/gcx-1.3/src/ccd/warp.c:276:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dpo, dpi, all * fr->pix_size); data/gcx-1.3/src/ccd/worldpos.c:181:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ctypes[8][5] ={"-SIN","-TAN","-ARC","-NCP", "-GLS", "-MER", data/gcx-1.3/src/ccd/worldpos.c:388:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ctypes[8][5] ={"-SIN","-TAN","-ARC","-NCP", "-GLS", "-MER", data/gcx-1.3/src/ccd/worldpos.c:669:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fbuf[32]; data/gcx-1.3/src/ccd/worldpos.c:689:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%02d:%02d:%02d", d1, d2, d3); data/gcx-1.3/src/ccd/worldpos.c:693:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fbuf, "%%02d:%%02d:%%02d.%%0%dd", prec); data/gcx-1.3/src/ccd/worldpos.c:704:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "-%02d:%02d:%02d", d1, d2, d3); data/gcx-1.3/src/ccd/worldpos.c:708:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fbuf, "-%%02d:%%02d:%%02d.%%0%dd", prec); data/gcx-1.3/src/common_indi.h:16:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[20]; \ data/gcx-1.3/src/demosaic.c:199:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char direction[4]; //any pair can be a part of at most 4 gradients data/gcx-1.3/src/demosaic.c:375:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rgb_data[c] + (row-2) * fr->w + 2, queue[c][0] + 2, (fr->w - 4) * sizeof(float)); data/gcx-1.3/src/demosaic.c:381:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rgb_data[c] + (row - 2) * fr->w +2, queue[c][0] + 2, (fr->w - 4) * sizeof(float)); data/gcx-1.3/src/demosaic.c:382:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rgb_data[c] + (row - 1) * fr->w +2, queue[c][2] + 2, (fr->w - 4) * sizeof(float)); data/gcx-1.3/src/dirname.c:39:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char bname[MAXPATHLEN]; data/gcx-1.3/src/filegui.c:62:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_filter[FILE_FILTER_SZ+1]; data/gcx-1.3/src/filegui.c:164:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fne, fn, i+1); data/gcx-1.3/src/filegui.c:304:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char obj[81]; data/gcx-1.3/src/filegui.c:305:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char objf[81]; data/gcx-1.3/src/filegui.c:328:4: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(objf, ".rcp"); data/gcx-1.3/src/filegui.c:360:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). rfn = fopen(name, "r"); data/gcx-1.3/src/filegui.c:438:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). rfn = fopen(name, "r"); data/gcx-1.3/src/filegui.c:816:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/gcx-1.3/src/filegui.c:817:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pathc[1024]; data/gcx-1.3/src/filegui.c:874:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(gl.gl_pathv[0], mode); data/gcx-1.3/src/gcx.c:89:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(fn, "r"); data/gcx-1.3/src/gcx.c:103:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(fn, "w"); data/gcx-1.3/src/gcx.c:158:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). infp = fopen(rcf, "r"); data/gcx-1.3/src/gcx.c:166:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfp = fopen(outf, "w"); data/gcx-1.3/src/gcx.c:206:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). infp = fopen(rcf, "r"); data/gcx-1.3/src/gcx.c:214:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfp = fopen(outf, "w"); data/gcx-1.3/src/gcx.c:255:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). infp = fopen(rcf, "r"); data/gcx-1.3/src/gcx.c:263:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfp = fopen(outf, "w"); data/gcx-1.3/src/gcx.c:293:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). infp = fopen(rcf, "r"); data/gcx-1.3/src/gcx.c:303:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). mfp = fopen(mergef, "r"); data/gcx-1.3/src/gcx.c:313:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfp = fopen(outf, "w"); data/gcx-1.3/src/gcx.c:333:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). infp = fopen(rcf, "r"); data/gcx-1.3/src/gcx.c:343:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfp = fopen(outf, "w"); data/gcx-1.3/src/gcx.c:364:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfp = fopen(outf, "w"); data/gcx-1.3/src/gcx.c:392:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfp = fopen(outf, "w"); data/gcx-1.3/src/gcx.c:400:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). infp = fopen(mband, "r"); data/gcx-1.3/src/gcx.c:457:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). of = fopen(outf, "w"); data/gcx-1.3/src/gcx.c:473:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). of = fopen(outf, "w"); data/gcx-1.3/src/gcx.c:553:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char repf[1024]=""; /* report file to be converted */ data/gcx-1.3/src/gcx.c:554:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rf[1024]=""; /* recipe file to load */ data/gcx-1.3/src/gcx.c:555:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ldf[1024]=""; /* landolt table file to be converted */ data/gcx-1.3/src/gcx.c:556:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rcf[1024]=""; /* recipe file to be converted */ data/gcx-1.3/src/gcx.c:557:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char outf[1024]=""; /* outfile */ data/gcx-1.3/src/gcx.c:558:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char of[1024]=""; /* obsfile */ data/gcx-1.3/src/gcx.c:559:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char obj[1024] = ""; /* object */ data/gcx-1.3/src/gcx.c:560:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mband[1024] = ""; /* argument to mband */ data/gcx-1.3/src/gcx.c:561:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char badpixf[1024] = ""; /* dark for badpix extraction */ data/gcx-1.3/src/gcx.c:574:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char extrf[1024]=""; /* frame we extract targets from */ data/gcx-1.3/src/gcx.c:575:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mergef[1024] = ""; /* rcp we merge stars from */ data/gcx-1.3/src/gcx.c:576:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tobj[1024] = ""; /* object we set as target in the rcp */ data/gcx-1.3/src/gcx.c:945:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). outfp = fopen(outf, "w"); data/gcx-1.3/src/gcx.c:1088:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). output_file = fopen(outf, "a"); data/gcx-1.3/src/gcx.h:44:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char telescop[OBSCOLS+1]; // telescope name data/gcx-1.3/src/gcx.h:45:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char focus[OBSCOLS+1]; // focus designation data/gcx-1.3/src/gcx.h:46:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filter[OBSCOLS+1]; // filter used data/gcx-1.3/src/gcx.h:47:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char object[OBSCOLS+1]; // object targeted data/gcx-1.3/src/gsc/dtos.c:35:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(string,"%c%02d %02d %06.3f",sign,h,m,s); data/gcx-1.3/src/gsc/dtos.c:37:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(string,"%c%02d %02d %04.1f",sign,h,m,s); data/gcx-1.3/src/gsc/dtos.c:39:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(string,"%c%02d %02d %02.0f",sign,h,m,s); data/gcx-1.3/src/gsc/dtos.c:41:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(string,"%c%02d %04.1f",sign,h,md); data/gcx-1.3/src/gsc/dtos.c:43:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(string,"%c%02d %02d %05.2f",sign,h,m,s); data/gcx-1.3/src/gsc/embgsc.c:388:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256], *s, region[256], path[256]; data/gcx-1.3/src/gsc/embgsc.c:429:3: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(path, "/bin"); data/gcx-1.3/src/gsc/embgsc.c:455:5: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fz=open(path, O_BINARY); data/gcx-1.3/src/gsc/embgsc.c:460:5: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f2=open(path, O_BINARY); data/gcx-1.3/src/gsc/embgsc.c:623:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fr = open(region,O_BINARY); data/gcx-1.3/src/gsc/get_head.c:19:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char ww[512]; data/gcx-1.3/src/gsc/get_head.c:29:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). lheader = atoi(w); data/gcx-1.3/src/gsc/get_head.c:37:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). h->vers = atoi(w); data/gcx-1.3/src/gsc/get_head.c:39:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). h->region = atoi(w); data/gcx-1.3/src/gsc/get_head.c:41:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). h->nobj = atoi(w); data/gcx-1.3/src/gsc/get_head.c:61:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). h->npl = atoi(w); data/gcx-1.3/src/gsc/gsc.h:44:9: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #define atol atoi data/gcx-1.3/src/gsc/gsc.h:44:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). #define atol atoi data/gcx-1.3/src/gsc/gsc.h:68:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char plate[5],mu; data/gcx-1.3/src/gsc/prtgsc.c:49:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char line[256]; data/gcx-1.3/src/gsc/prtgsc.c:55:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sa1[20],sd1[20], epa[12]; data/gcx-1.3/src/gsc/prtgsc.c:63:41: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. if (r->epoch) ep = 2000.+r->epoch, sprintf(epa, "%9.3f", ep); data/gcx-1.3/src/gsc/prtgsc.c:64:11: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. else strcpy(epa, " ........"); data/gcx-1.3/src/gui.c:180:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_string[ERR_SIZE+1]; data/gcx-1.3/src/gui.c:207:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_string[ERR_SIZE+1]; data/gcx-1.3/src/imadjust.c:524:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[180]; data/gcx-1.3/src/imadjust.c:554:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "[%d,%d]=%.1f (%.1f, %.1f, %.1f) Region: Avg:%.0f Sigma:%.1f Min:%.0f Max:%.0f", data/gcx-1.3/src/imadjust.c:561:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "[%d,%d]=%.1f Region: Avg:%.0f Sigma:%.1f Min:%.0f Max:%.0f", data/gcx-1.3/src/imadjust.c:567:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "Pixel [%d,%d]=%.1f", data/gcx-1.3/src/imadjust.c:570:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "Pixel [%d,%d] unknown format", xi, yi); data/gcx-1.3/src/imadjust.c:580:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[180]; data/gcx-1.3/src/imadjust.c:599:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, " Z:%.2f Lcut:%.0f Hcut:%.0f", data/gcx-1.3/src/libindiclient/gtk/gtkled.c:35:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[ 0], "17 17 5 1"); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:36:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[ 1], " c None"); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:37:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[ 2], "- c #C0C0C0"); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:38:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[ 3], "_ c #F8F8F8"); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:39:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[ 4], "* c #FFFFFF"); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:40:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(xpm[5], "X c #%02X%02X%02X", data/gcx-1.3/src/libindiclient/gtk/gtkled.c:44:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[ 6], " ----- "); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:45:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[ 7], " --------- "); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:46:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[ 8], " ----------- "); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:47:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[ 9], " -----XXX----_ "); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:48:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[10], " ----XX**XXX-___ "); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:49:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[11], " ---X***XXXXX___ "); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:50:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[12], "----X**XXXXXX____"); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:51:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[13], "---X**XXXXXXXX___"); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:52:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[14], "---XXXXXXXXXXX___"); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:53:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[15], "---XXXXXXXXXXX___"); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:54:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[16], "----XXXXXXXXX____"); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:55:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[17], " ---XXXXXXXXX___ "); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:56:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[18], " ---_XXXXXXX____ "); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:57:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[19], " _____XXX_____ "); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:58:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[20], " ___________ "); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:59:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[21], " _________ "); data/gcx-1.3/src/libindiclient/gtk/gtkled.c:60:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(xpm[22], " _____ "); data/gcx-1.3/src/libindiclient/gtk/indi_config.c:97:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char num[20]; data/gcx-1.3/src/libindiclient/gtk/indi_config.c:120:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(num, "%f", ielem->value.num.value); data/gcx-1.3/src/libindiclient/gtk/indigui.c:107:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[80]; data/gcx-1.3/src/libindiclient/gtk/indigui.c:124:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "%f", elem->value.num.value); data/gcx-1.3/src/libindiclient/gtk/indigui.c:161:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char timestr[30]; data/gcx-1.3/src/libindiclient/gtk/indigui.c:365:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[80]; data/gcx-1.3/src/libindiclient/gtk/indigui.c:376:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "%f", elem->value.num.value); data/gcx-1.3/src/libindiclient/indi.c:58:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char indi_state[4][6] = { data/gcx-1.3/src/libindiclient/indi.c:65:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char indi_prop_type[6][8] = { data/gcx-1.3/src/libindiclient/indi.c:261:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024]; data/gcx-1.3/src/libindiclient/indi.c:309:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[4096], *ptr = msg; data/gcx-1.3/src/libindiclient/indi.c:310:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[80]; data/gcx-1.3/src/libindiclient/indi.c:328:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(val, "%f", elem->value.num.value); data/gcx-1.3/src/libindiclient/indi.c:644:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4096]; data/gcx-1.3/src/libindiclient/indi.c:645:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[1024]; data/gcx-1.3/src/libindiclient/indi.c:675:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[1024]; data/gcx-1.3/src/libindiclient/indi.c:689:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(msg, "<getProperties version='%g'/>\n", INDIV); data/gcx-1.3/src/libindiclient/indi.h:47:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[80]; data/gcx-1.3/src/libindiclient/indi.h:48:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[80]; data/gcx-1.3/src/libindiclient/indi.h:50:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[80]; data/gcx-1.3/src/libindiclient/indi.h:57:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmt[10]; data/gcx-1.3/src/libindiclient/indi.h:69:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fmt[40]; data/gcx-1.3/src/libindiclient/indi.h:88:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[80]; data/gcx-1.3/src/libindiclient/indi.h:89:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[256]; data/gcx-1.3/src/libindiclient/indi.h:103:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[80]; data/gcx-1.3/src/libindiclient/indi.h:112:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char devname[80]; data/gcx-1.3/src/libindiclient/lilxml.c:211:6: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "Line %d: early XML EOF", lp->ln); data/gcx-1.3/src/libindiclient/lilxml.c:531:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sl += sprintf (s+sl, ">\n"); data/gcx-1.3/src/libindiclient/lilxml.c:537:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sl += sprintf (s+sl, ">\n"); data/gcx-1.3/src/libindiclient/lilxml.c:550:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sl += sprintf (s+sl, "/>\n"); data/gcx-1.3/src/libindiclient/lilxml.c:611:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (malbuf+nmalbuf, s, nnew); data/gcx-1.3/src/libindiclient/lilxml.c:617:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. nmalbuf += sprintf (malbuf+nmalbuf, "&"); data/gcx-1.3/src/libindiclient/lilxml.c:620:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. nmalbuf += sprintf (malbuf+nmalbuf, "<"); data/gcx-1.3/src/libindiclient/lilxml.c:623:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. nmalbuf += sprintf (malbuf+nmalbuf, ">"); data/gcx-1.3/src/libindiclient/lilxml.c:626:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. nmalbuf += sprintf (malbuf+nmalbuf, "'"); data/gcx-1.3/src/libindiclient/lilxml.c:629:14: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. nmalbuf += sprintf (malbuf+nmalbuf, """); data/gcx-1.3/src/libindiclient/lilxml.c:647:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (malbuf+nmalbuf, s, nleft); data/gcx-1.3/src/libindiclient/lilxml.c:703:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "Line %d: Bogus tag char %c", lp->ln, c); data/gcx-1.3/src/libindiclient/lilxml.c:729:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "Line %d: Bogus leading attr name char: %c", data/gcx-1.3/src/libindiclient/lilxml.c:742:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "Line %d: Bogus char %c before >", lp->ln, c); data/gcx-1.3/src/libindiclient/lilxml.c:753:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "Line %d: Bogus attr name char: %c", lp->ln,c); data/gcx-1.3/src/libindiclient/lilxml.c:854:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "Line %d: Bogus preend tag char %c", lp->ln,c); data/gcx-1.3/src/libindiclient/lilxml.c:873:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (errmsg, "Line %d: Bogus end tag char %c", lp->ln, c); data/gcx-1.3/src/libindiclient/lilxml.c:1047:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errmsg[1024]; data/gcx-1.3/src/mbandgui.c:82:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char err_string[ERR_SIZE+1]; data/gcx-1.3/src/mbandgui.c:117:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char qu[1024]; data/gcx-1.3/src/mbandgui.c:133:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((repfp = fopen(fn, "r")) != NULL) { /* file exists */ data/gcx-1.3/src/mbandgui.c:143:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). repfp = fopen(fn, "a"); data/gcx-1.3/src/mbandgui.c:487:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[50 * 10]; data/gcx-1.3/src/mbandgui.c:785:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[50 * 10]; data/gcx-1.3/src/mbandgui.c:899:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c[50 * 15]; data/gcx-1.3/src/mbandgui.c:906:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(c+50, "Std"); data/gcx-1.3/src/mbandgui.c:909:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(c+50, "Tgt"); data/gcx-1.3/src/mbandgui.c:912:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(c+50, "Obj"); data/gcx-1.3/src/mbandgui.c:915:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(c+50, "Field"); data/gcx-1.3/src/mbandgui.c:1065:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). inf = fopen(fn, "r"); data/gcx-1.3/src/mbandrep.c:50:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char constell[100][4] = { data/gcx-1.3/src/mbandrep.c:77:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256]; data/gcx-1.3/src/mbandrep.c:118:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[256]; data/gcx-1.3/src/mbandrep.c:122:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char des[64]; data/gcx-1.3/src/mbandrep.c:159:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line+18, "%12.4f ", mjd_to_jd(sob->ofr->mjd)); data/gcx-1.3/src/mbandrep.c:162:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line+31, "%5.2fK ", sob->mag); data/gcx-1.3/src/mbandrep.c:166:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line+30, "<%5.2fK ", sob->ofr->lmag); data/gcx-1.3/src/mbandrep.c:169:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line+38, "CCD%c ", toupper(sob->ofr->trans->bname[0])); data/gcx-1.3/src/mbandrep.c:172:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line+43, "%.0f ", 10*comp->ost->smag[sob->ofr->band]); data/gcx-1.3/src/mbandrep.c:174:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line+43, " "); data/gcx-1.3/src/mbandrep.c:177:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line+54, " "); data/gcx-1.3/src/mbandrep.c:183:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. i += sprintf(line+67, "Err:%.3f ", sob->err); data/gcx-1.3/src/mbandrep.c:185:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. i += sprintf(line+67+i, "Diff "); data/gcx-1.3/src/mbandrep.c:187:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. i += sprintf(line+67+i, "Transformed "); data/gcx-1.3/src/mbandrep.c:189:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. i += sprintf(line+67+i, "All-sky "); data/gcx-1.3/src/mbandrep.c:191:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. i += sprintf(line+67+i, "Possibly_saturated "); data/gcx-1.3/src/mbandrep.c:263:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/gcx-1.3/src/multiband.c:267:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ofr->ltrans, &mbds->trans[band], sizeof(struct transform)); data/gcx-1.3/src/multiband.c:591:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256]; data/gcx-1.3/src/multiband.c:701:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/gcx-1.3/src/multiband.c:1108:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ofr->ltrans, ofr->trans, sizeof(struct transform)); data/gcx-1.3/src/multiband.c:1483:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[128]; data/gcx-1.3/src/multiband.c:1551:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/gcx-1.3/src/obsdata.c:203:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb[128]; data/gcx-1.3/src/obsdata.c:204:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char deg[64]; data/gcx-1.3/src/obsdata.c:239:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.1f / EQUINOX OF COORDINATES", obs->equinox); data/gcx-1.3/src/obsdata.c:249:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.1f / TELESCOPE APERTURE IN CM", P_DBL(OBS_APERTURE)); data/gcx-1.3/src/obsdata.c:252:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.1f / TELESCOPE FOCAL LENGTH IN CM", P_DBL(OBS_FLEN)); data/gcx-1.3/src/obsdata.c:264:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb+20, " / WESTERN LONGITUDE"); data/gcx-1.3/src/obsdata.c:267:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.1f / OBSERVING SITE ALTITUDE (M)", P_DBL(OBS_ALTITUDE)); data/gcx-1.3/src/obsdata.c:485:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb[128]; data/gcx-1.3/src/obsdata.c:486:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.3f / ELECTRONS / ADU", exp->scale); data/gcx-1.3/src/obsdata.c:488:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.3f / READ NOISE IN ADUs", exp->rdnoise); data/gcx-1.3/src/obsdata.c:490:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.3f / MULTIPLICATIVE NOISE COEFF", exp->flat_noise); data/gcx-1.3/src/obsdata.c:492:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.3f / BIAS IN ADUs", exp->bias); data/gcx-1.3/src/obsdata.c:523:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[64]; data/gcx-1.3/src/obsdata.c:615:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dms[64]; data/gcx-1.3/src/obsdata.c:720:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb[80]; data/gcx-1.3/src/obsdata.c:721:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char deg[80]; data/gcx-1.3/src/obsdata.c:728:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.8f / ", fr->fim.xref); data/gcx-1.3/src/obsdata.c:731:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.8f / ", fr->fim.yref); data/gcx-1.3/src/obsdata.c:734:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.8f / ", fr->fim.xinc); data/gcx-1.3/src/obsdata.c:737:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.8f / ", fr->fim.yinc); data/gcx-1.3/src/obsdata.c:740:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.8f / ", fr->fim.xrefpix); data/gcx-1.3/src/obsdata.c:743:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.8f / ", fr->fim.yrefpix); data/gcx-1.3/src/obsdata.c:746:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.8f / ", fr->fim.rot); data/gcx-1.3/src/obsdata.c:749:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.1f / ", 1.0 * fr->fim.equinox); data/gcx-1.3/src/obsdata.c:760:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.8f / IMAGE SCALE IN SECONDS PER PIXEL", data/gcx-1.3/src/obslist.c:553:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(P_STR(FILE_PHOT_OUT), "a"); data/gcx-1.3/src/obslist.c:846:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(name, "r"); data/gcx-1.3/src/params.c:310:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(PAR(p)->val), &(PAR(p)->defval), sizeof(union pval)); data/gcx-1.3/src/params.c:357:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/gcx-1.3/src/params.c:407:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char npath[256]; data/gcx-1.3/src/params.c:939:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/gcx-1.3/src/paramsgui.c:52:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ret, iter, sizeof(GtkTreeIter)); data/gcx-1.3/src/paramsgui.c:69:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[256] = ""; data/gcx-1.3/src/paramsgui.c:88:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[256] = ""; data/gcx-1.3/src/paramsgui.c:151:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char text[256] = ""; data/gcx-1.3/src/paramsgui.c:208:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/gcx-1.3/src/paramsgui.c:264:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(PAR(p)->val), &(PAR(p)->defval), sizeof(union pval)); data/gcx-1.3/src/paramsgui.c:320:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char val[256]; data/gcx-1.3/src/paramsgui.c:363:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256] = "Config file: "; data/gcx-1.3/src/photometry.c:186:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&ap->exp, &fr->exp, sizeof(struct exp_data)); data/gcx-1.3/src/photometry.c:289:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[80]; data/gcx-1.3/src/photometry.c:530:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char qu[1024]; data/gcx-1.3/src/photometry.c:539:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((repfp = fopen(fn, "r")) != NULL) { /* file exists */ data/gcx-1.3/src/photometry.c:549:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). repfp = fopen(fn, "a"); data/gcx-1.3/src/plots.c:55:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char qu[1024]; data/gcx-1.3/src/plots.c:71:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((plfp = fopen(fn, "r")) != NULL) { /* file exists */ data/gcx-1.3/src/plots.c:81:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). plfp = fopen(fn, "w"); data/gcx-1.3/src/psf.c:496:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&apdef.exp, &fr->exp, sizeof(struct exp_data)); data/gcx-1.3/src/psf.c:1054:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/gcx-1.3/src/psf.c:1055:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char preamble[16384]; data/gcx-1.3/src/psf.c:1164:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/gcx-1.3/src/query.c:171:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/gcx-1.3/src/query.c:274:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/gcx-1.3/src/query.c:409:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/gcx-1.3/src/query.c:568:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cmd[1024]; data/gcx-1.3/src/query.c:580:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char prp[256]; data/gcx-1.3/src/query.c:727:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ras[64], decs[64]; data/gcx-1.3/src/recipy.c:61:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *symname[SYM_LAST] = SYM_NAMES_INIT; data/gcx-1.3/src/recipy.c:75:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ras[64], decs[64]; data/gcx-1.3/src/recipy.c:205:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[256]; data/gcx-1.3/src/recipy.c:206:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256], *smags = NULL; data/gcx-1.3/src/recipy.c:264:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[256]; data/gcx-1.3/src/recipy.c:265:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[256]; data/gcx-1.3/src/recipy.c:448:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[64]; data/gcx-1.3/src/recipy.c:523:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[64]; data/gcx-1.3/src/recipy.c:524:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nam[64]; data/gcx-1.3/src/recipy.c:525:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ras[64], decs[64]; data/gcx-1.3/src/recipy.c:699:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[64]; data/gcx-1.3/src/recipy.c:815:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[128]; data/gcx-1.3/src/recipy.c:816:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comm[128]; data/gcx-1.3/src/recipy.c:985:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char phot[4]; data/gcx-1.3/src/recipy.c:987:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char spec[24]; data/gcx-1.3/src/recipy.c:988:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char type[24]; data/gcx-1.3/src/recipy.c:989:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[64]; data/gcx-1.3/src/recipy.c:1118:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char id[64]; data/gcx-1.3/src/recipy.c:1238:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char comment[64]; data/gcx-1.3/src/recipy.c:1453:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ras[64], decs[64]; data/gcx-1.3/src/recipy.c:1530:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ras[64], decs[64]; data/gcx-1.3/src/recipygui.c:164:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char qu[1024]; data/gcx-1.3/src/recipygui.c:203:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((rfp = fopen(fn2, "r")) != NULL) { /* file exists */ data/gcx-1.3/src/recipygui.c:213:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). rfp = fopen(fn2, "w"); data/gcx-1.3/src/reduce.c:190:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fn[16384]; data/gcx-1.3/src/reduce.c:192:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256]; data/gcx-1.3/src/reduce.c:222:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fn[16384], ifn[16384]; data/gcx-1.3/src/reduce.c:224:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256]; data/gcx-1.3/src/reduce.c:262:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fn[16384]; data/gcx-1.3/src/reduce.c:264:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256]; data/gcx-1.3/src/reduce.c:449:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256]; data/gcx-1.3/src/reduce.c:560:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256]; data/gcx-1.3/src/reduce.c:635:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb[81]; data/gcx-1.3/src/reduce.c:903:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb[81]; data/gcx-1.3/src/reduce.c:968:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb[80]; data/gcx-1.3/src/reduce.c:1030:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb[81]; data/gcx-1.3/src/reduce.c:1062:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[64]; data/gcx-1.3/src/reduce.c:1121:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb[81]; data/gcx-1.3/src/reduce.c:1153:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[64]; data/gcx-1.3/src/reduce.c:1210:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char lb[128]; data/gcx-1.3/src/reduce.c:1211:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char date[64]; data/gcx-1.3/src/reduce.c:1254:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.3f / EXPOSURE TIME IN SECONDS", expsum); data/gcx-1.3/src/reduce.c:1256:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(lb, "%20.8f / JULIAN DATE OF EXPOSURE START (UTC)", data/gcx-1.3/src/reduce.c:1278:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256]; data/gcx-1.3/src/reduce.c:1366:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(ofr->name, "stack_result"); data/gcx-1.3/src/reduce.c:1545:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256]; data/gcx-1.3/src/reduce.c:1629:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[256]; data/gcx-1.3/src/reducegui.c:777:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[128]; data/gcx-1.3/src/reducegui.c:1133:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ccdr->wcs, wcs, sizeof(struct wcs)); data/gcx-1.3/src/report.c:275:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAX_TBL_LINE]; data/gcx-1.3/src/report.c:409:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/gcx-1.3/src/report.c:441:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[64]; data/gcx-1.3/src/report.c:454:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. snprintf(buf, 63, "s(%s)", (char *)cfmt[i].data); data/gcx-1.3/src/report.c:458:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. snprintf(buf, 63, "i(%s)", (char *)cfmt[i].data); data/gcx-1.3/src/report.c:462:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. snprintf(buf, 63, "se(%s)", (char *)cfmt[i].data); data/gcx-1.3/src/report.c:466:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. snprintf(buf, 63, "ie(%s)", (char *)cfmt[i].data); data/gcx-1.3/src/report.c:498:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char dms[64]; data/gcx-1.3/src/report.c:896:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char d[DB_FIELD]; data/gcx-1.3/src/report.c:897:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[DB_FIELD]; data/gcx-1.3/src/report.c:898:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char t[DB_FIELD]; data/gcx-1.3/src/report.c:899:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char n[DB_FIELD]; data/gcx-1.3/src/report.c:900:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char w[DB_FIELD]; data/gcx-1.3/src/report.c:901:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p[DB_FIELD]; data/gcx-1.3/src/report.c:902:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char f[DB_FIELD]; data/gcx-1.3/src/report.c:903:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sp[DB_FIELD]; data/gcx-1.3/src/report.c:904:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sc[DB_FIELD]; data/gcx-1.3/src/report.c:905:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sn[DB_FIELD]; data/gcx-1.3/src/report.c:906:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char si[DB_FIELD]; data/gcx-1.3/src/report.c:909:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char coord[64]; data/gcx-1.3/src/showimage.c:328:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cdat, cdat - cache->w*3, cache->w*3); data/gcx-1.3/src/showimage.c:370:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cdat, cdat - cache->w*3, cache->w*3); data/gcx-1.3/src/showimage.c:557:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cdat, cdat - cache->w, cache->w); data/gcx-1.3/src/showimage.c:577:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cdat, cdat - cache->w, cache->w); data/gcx-1.3/src/showimage.c:708:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cdat, cdat - cache->w, cache->w); data/gcx-1.3/src/showimage.c:728:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cdat, cdat - cache->w, cache->w); data/gcx-1.3/src/showimage.c:1060:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wcs, nwcs, sizeof (struct wcs)); data/gcx-1.3/src/showimage.c:1200:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). pnmf = fopen(fn, "w"); data/gcx-1.3/src/sourcesdraw.c:80:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(gsl->selected_color), &color, sizeof(GdkColor)); data/gcx-1.3/src/sourcesdraw.c:82:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(gsl->color[STAR_TYPE_SIMPLE]), &color, sizeof(GdkColor)); data/gcx-1.3/src/sourcesdraw.c:84:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(gsl->color[STAR_TYPE_SREF]), &color, sizeof(GdkColor)); data/gcx-1.3/src/sourcesdraw.c:86:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(gsl->color[STAR_TYPE_APSTD]), &color, sizeof(GdkColor)); data/gcx-1.3/src/sourcesdraw.c:88:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(gsl->color[STAR_TYPE_APSTAR]), &color, sizeof(GdkColor)); data/gcx-1.3/src/sourcesdraw.c:90:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(gsl->color[STAR_TYPE_CAT]), &color, sizeof(GdkColor)); data/gcx-1.3/src/sourcesdraw.c:92:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(gsl->color[STAR_TYPE_USEL]), &color, sizeof(GdkColor)); data/gcx-1.3/src/sourcesdraw.c:94:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(gsl->color[STAR_TYPE_ALIGN]), &color, sizeof(GdkColor)); data/gcx-1.3/src/sourcesdraw.c:1414:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ras[32]; data/gcx-1.3/src/sourcesdraw.c:1415:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char decs[32]; data/gcx-1.3/src/sourcesdraw.c:1460:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/gcx-1.3/src/staredit.c:126:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/gcx-1.3/src/staredit.c:497:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char com[256]; data/gcx-1.3/src/starfile.c:188:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen("test.rcp", "r"); data/gcx-1.3/src/starfile.c:906:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char decs[64]; data/gcx-1.3/src/starfile.c:907:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ras[64]; data/gcx-1.3/src/starlist.c:366:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[129]; data/gcx-1.3/src/textgui.c:78:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char title[256]; data/gcx-1.3/src/textgui.c:172:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[82]; data/gcx-1.3/src/textgui.c:186:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(line, fr->var[i], 80); data/gcx-1.3/src/tycho2.c:41:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char tyb[300]; // buffer for one tycho record data/gcx-1.3/src/tycho2.c:90:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tf = fopen(tycho, "r"); data/gcx-1.3/src/tycho2.c:132:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). raf = fopen(raixx, "w"); data/gcx-1.3/src/tycho2.c:140:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). decf = fopen(decixx, "w"); data/gcx-1.3/src/tycho2.c:148:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). raf = fopen(raix, "w"); data/gcx-1.3/src/tycho2.c:156:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). decf = fopen(decix, "w"); data/gcx-1.3/src/tycho2.c:192:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). raf = fopen(raixx, "r"); data/gcx-1.3/src/tycho2.c:205:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). decf = fopen(decixx, "r"); data/gcx-1.3/src/tycho2.c:233:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). raf = fopen(raix, "r"); data/gcx-1.3/src/tycho2.c:248:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). decf = fopen(decix, "r"); data/gcx-1.3/src/tycho2.c:293:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(name, "r"); data/gcx-1.3/src/tycho2.c:327:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). tf = fopen(path, "r"); data/gcx-1.3/src/wcs.c:51:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[80]; data/gcx-1.3/src/wcs.c:114:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wcs, &(fr->fim), sizeof (struct wcs)); data/gcx-1.3/src/wcs.c:125:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[80]; data/gcx-1.3/src/wcs.c:130:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(wcs, &(fr->fim), sizeof (struct wcs)); data/gcx-1.3/src/wcs.c:743:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/gcx-1.3/src/wcs.c:797:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "Fitted %d pairs, Error in R.A.: %.2f\", Error in dec: %.2f\". Fit Validated", data/gcx-1.3/src/wcs.c:800:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "Fitted %d pairs, Error in R.A.: %.2f\", Error in dec: %.2f\". Fit Not Validated", data/gcx-1.3/src/wcs.c:810:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&(i_chan->fr->fim), wcs, sizeof (struct wcs)); data/gcx-1.3/src/wcsedit.c:161:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/gcx-1.3/src/basename.c:48:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). endp = path + strlen(path) - 1; data/gcx-1.3/src/cameragui.c:178:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (text == NULL || strlen(text) < 1) { data/gcx-1.3/src/catalogs.c:548:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cats->name, name, CAT_STAR_NAME_SZ); data/gcx-1.3/src/catalogs.c:1069:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pathc, path, 1023); data/gcx-1.3/src/catalogs.c:1112:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (nm[-1] == '"' && nm[strlen(name)] == '"') data/gcx-1.3/src/catalogs.c:1131:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = fgetc(inf); data/gcx-1.3/src/catalogs.c:1172:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pathc, path, 1023); data/gcx-1.3/src/ccd/badpix.c:144:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(lb, map->filename, 70); data/gcx-1.3/src/ccd/badpix.c:145:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(lb) <= 7 || strcmp(lb + strlen(lb) - 7, ".badpix") != 0) data/gcx-1.3/src/ccd/badpix.c:145:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(lb) <= 7 || strcmp(lb + strlen(lb) - 7, ".badpix") != 0) data/gcx-1.3/src/ccd/badpix.c:176:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(lb, map->filename, 70); data/gcx-1.3/src/ccd/badpix.c:177:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(lb) <= 7 || strcmp(lb + strlen(lb) - 7, ".badpix") != 0) data/gcx-1.3/src/ccd/badpix.c:177:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(lb) <= 7 || strcmp(lb + strlen(lb) - 7, ".badpix") != 0) data/gcx-1.3/src/ccd/ccd_frame.c:460:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(fn); data/gcx-1.3/src/ccd/ccd_frame.c:594:11: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). (_fngetc)fgetc, data/gcx-1.3/src/ccd/ccd_frame.c:839:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(hd->name, fn, 255); data/gcx-1.3/src/ccd/ccd_frame.c:866:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(fn, filename, MAX_FILENAME); data/gcx-1.3/src/ccd/ccd_frame.c:891:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(fn, filename, MAX_FILENAME); data/gcx-1.3/src/ccd/ccd_frame.c:950:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(lb, filename, MAX_FILENAME); data/gcx-1.3/src/ccd/ccd_frame.c:1090:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(lb, fn, MAX_FILENAME); data/gcx-1.3/src/ccd/ccd_frame.c:1367:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (!strncmp((char *)(var + i), kwd, strlen(kwd))) { data/gcx-1.3/src/ccd/dslr.c:75:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(fd, &val, 4); data/gcx-1.3/src/ccd/dslr.c:91:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(fd, &val, 2); data/gcx-1.3/src/ccd/dslr.c:108:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(fd, &val, 1); data/gcx-1.3/src/ccd/dslr.c:137:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(fd, buffer + sofar, len - sofar); data/gcx-1.3/src/ccd/dslr.c:728:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(datetime, (void *) mrw->ttw + t_data, 20); data/gcx-1.3/src/ccd/dslr.c:1067:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(frame->name, raw->filename, 255); data/gcx-1.3/src/ccd/dslr.c:1140:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(datetime, tagdata, 20); data/gcx-1.3/src/ccd/dslr.c:1482:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(frame->name, raw->filename, 255); data/gcx-1.3/src/ccd/dslr.c:1532:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(filename); data/gcx-1.3/src/ccd/dslr.c:1548:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(filename); data/gcx-1.3/src/ccd/dslr.c:1613:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(str, default_cfa, 80); data/gcx-1.3/src/ccd/edb.c:122:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(nm); data/gcx-1.3/src/ccd/edb.c:130:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cn, e, 180); data/gcx-1.3/src/ccd/edb.c:131:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (cn[strlen(cn)] != '/') data/gcx-1.3/src/ccd/edb.c:132:4: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(cn, "/"); data/gcx-1.3/src/ccd/edb.c:267:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (is_constell(name + strlen(name) - 3)) { data/gcx-1.3/src/ccd/edb.c:268:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen(name) == 4) && name[0] >= 'R' && name[0] <= 'Z') { data/gcx-1.3/src/ccd/edb.c:276:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen(name) == 5) && name[0] >= 'A' && name[0] <= 'Z' && data/gcx-1.3/src/ccd/edb.c:286:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen(name) >= 5) && (name[0] == 'V') && isdigit(name[1])) { data/gcx-1.3/src/ccd/edb.c:297:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(name); data/gcx-1.3/src/ccd/recipy.c:92:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(st[i].sym, lb+k, strlen(st[i].sym))) data/gcx-1.3/src/ccd/recipy.c:164:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy(vs->repstar, "m"); data/gcx-1.3/src/ccd/recipy.c:780:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((vs->cnt * strlen(rep) < PER_LINE) || d) { // we put all on one line data/gcx-1.3/src/ccd/recipy.c:801:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((vs->cnt * strlen(rep) < PER_LINE) || d) { // we put all on one line data/gcx-1.3/src/ccd/use_dcraw.c:43:15: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while( (ch = fgetc( fp )) != '\n' ) data/gcx-1.3/src/ccd/use_dcraw.c:50:23: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while( isspace( ch = fgetc( fp ) ) ) data/gcx-1.3/src/ccd/use_dcraw.c:72:42: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). for( i = 0; i < 80 - 1 && isdigit( ch = fgetc( fp ) ); i++ ) data/gcx-1.3/src/ccd/use_dcraw.c:94:14: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). prefix[0] = fgetc(handle); data/gcx-1.3/src/ccd/use_dcraw.c:95:14: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). prefix[1] = fgetc(handle); data/gcx-1.3/src/ccd/use_dcraw.c:118:33: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). d4_printf("next char: %02x\n", fgetc(handle)); data/gcx-1.3/src/common_indi.c:103:66: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). else if (strcmp(iprop->name, "DEVICE_PORT") == 0 && portname && strlen(portname)) { data/gcx-1.3/src/common_indi.c:130:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(device->name, name, sizeof(device->name) - 1); data/gcx-1.3/src/dirname.c:49:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). endp = path + strlen(path) - 1; data/gcx-1.3/src/filegui.c:118:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(fn); data/gcx-1.3/src/filegui.c:119:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ns = strlen(ext) + i + 1; data/gcx-1.3/src/filegui.c:136:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(fn); data/gcx-1.3/src/filegui.c:150:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(fn); data/gcx-1.3/src/filegui.c:151:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ns = strlen(ext) + i + 5; data/gcx-1.3/src/filegui.c:169:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(fn); data/gcx-1.3/src/filegui.c:253:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(fn); i > 0; i--) data/gcx-1.3/src/filegui.c:321:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(obj, object, 70); data/gcx-1.3/src/filegui.c:629:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(fa->file_filter, filter, FILE_FILTER_SZ); data/gcx-1.3/src/filegui.c:662:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(fa->file_filter, filter, FILE_FILTER_SZ); data/gcx-1.3/src/filegui.c:694:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(fa->file_filter, filter, FILE_FILTER_SZ); data/gcx-1.3/src/filegui.c:721:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(fa->file_filter, "*.fits*", FILE_FILTER_SZ); data/gcx-1.3/src/filegui.c:821:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(pathc, path, 1023); data/gcx-1.3/src/filegui.c:849:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(fn); data/gcx-1.3/src/gcx.c:677:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(mband, optarg, 1023); data/gcx-1.3/src/gcx.c:680:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(extrf, optarg, 1023); data/gcx-1.3/src/gcx.c:684:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(mergef, optarg, 1023); data/gcx-1.3/src/gcx.c:688:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tobj, optarg, 1023); data/gcx-1.3/src/gcx.c:731:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(of, optarg, 1023); data/gcx-1.3/src/gcx.c:734:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(outf, optarg, 1023); data/gcx-1.3/src/gcx.c:737:4: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. sscanf(optarg, "%800s", rf); data/gcx-1.3/src/gcx.c:740:4: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. sscanf(optarg, "%800s", rf); data/gcx-1.3/src/gcx.c:745:4: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. sscanf(optarg, "%800s", rf); data/gcx-1.3/src/gcx.c:754:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(rcf, optarg, 1023); data/gcx-1.3/src/gcx.c:764:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(rcf, optarg, 1023); data/gcx-1.3/src/gcx.c:783:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(repf, optarg, 1023); data/gcx-1.3/src/gcx.c:790:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ldf, optarg, 1023); data/gcx-1.3/src/gcx.c:794:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(obj, optarg, 1023); data/gcx-1.3/src/gcx.c:890:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(badpixf, optarg, 1023); data/gcx-1.3/src/gcx.c:976:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(of, file, 1023); data/gcx-1.3/src/gcx.c:988:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(rf, file, 1023); data/gcx-1.3/src/gsc/decode_c.c:91:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(r->plate,p+(5*pl)+1,4); data/gcx-1.3/src/gsc/embgsc.c:465:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cc=read(f2,ind2,size); data/gcx-1.3/src/gsc/embgsc.c:580:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). cc=read(fz,rec,sizeof(rec)); data/gcx-1.3/src/gsc/embgsc.c:640:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). size = read(fr, table, 12*MAXNSORT); data/gcx-1.3/src/gsc/get_head.c:27:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(fp,w,4) != 4) return((char *)0); data/gcx-1.3/src/gsc/get_head.c:31:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(fp,w,lheader-4) > 0) data/gcx-1.3/src/initparams.c:166:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). P_STR(p) = malloc(strlen(val)+1); data/gcx-1.3/src/initparams.c:169:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). PAR(p)->defval.s = malloc(strlen(val)+1); data/gcx-1.3/src/libindiclient/gtk/indi_config.c:156:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ielem->value.str, value, sizeof(ielem->value.str)); data/gcx-1.3/src/libindiclient/gtk/indigui.c:159:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(message) > 0) { data/gcx-1.3/src/libindiclient/gtk/indigui.c:190:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(elem->value.str, valstr, sizeof(elem->value.str)); data/gcx-1.3/src/libindiclient/indi.c:80:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(cb->devname) == 0 || strncmp(cb->devname, devname, sizeof(cb->devname)) == 0) { data/gcx-1.3/src/libindiclient/indi.c:96:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(dev) == 0 || strncmp(idev->name, dev, sizeof(idev->name)) == 0) { data/gcx-1.3/src/libindiclient/indi.c:120:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(idev->name, devname, sizeof(idev->name)); data/gcx-1.3/src/libindiclient/indi.c:129:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(cb->devname)) { data/gcx-1.3/src/libindiclient/indi.c:203:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ielem->value.str, value, sizeof(ielem->value.str)); data/gcx-1.3/src/libindiclient/indi.c:238:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ielem->value.str, value, sizeof(ielem->value.str)); data/gcx-1.3/src/libindiclient/indi.c:265:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dbg_printf("sending (%lu):\n%s", (unsigned long)strlen(msg), msg); data/gcx-1.3/src/libindiclient/indi.c:266:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). io_indi_sock_write(idev->indi->fh, msg, strlen(msg)); data/gcx-1.3/src/libindiclient/indi.c:341:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dbg_printf("sending %s(%lu):\n%s", type, (unsigned long)strlen(msg), msg); data/gcx-1.3/src/libindiclient/indi.c:343:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). io_indi_sock_write(iprop->idev->indi->fh, msg, strlen(msg)); data/gcx-1.3/src/libindiclient/indi.c:432:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ielem->value.str, data, sizeof(ielem->value.str)); data/gcx-1.3/src/libindiclient/indi.c:465:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ielem->value.blob.compressed = (ielem->value.blob.fmt[strlen(ielem->value.blob.fmt)-2] == '.' data/gcx-1.3/src/libindiclient/indi.c:466:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && ielem->value.blob.fmt[strlen(ielem->value.blob.fmt)-1] == 'z') data/gcx-1.3/src/libindiclient/indi.c:481:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(iprop->message, findXMLAttValu(root, "message"), sizeof(iprop->message) - 1); data/gcx-1.3/src/libindiclient/indi.c:490:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ielem->value.blob.fmt, findXMLAttValu(ep, "format"), sizeof(ielem->value.blob.fmt)); data/gcx-1.3/src/libindiclient/indi.c:508:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(iprop->name, findXMLAttValu(root, "name"), sizeof(iprop->name)); data/gcx-1.3/src/libindiclient/indi.c:532:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ielem->name, findXMLAttValu(ep, "name"), sizeof(ielem->name)); data/gcx-1.3/src/libindiclient/indi.c:534:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (label && strlen(label)) { data/gcx-1.3/src/libindiclient/indi.c:535:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ielem->label, label, sizeof(ielem->label)); data/gcx-1.3/src/libindiclient/indi.c:537:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ielem->label, ielem->name, sizeof(ielem->label)); data/gcx-1.3/src/libindiclient/indi.c:541:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ielem->value.num.fmt, findXMLAttValu(ep, "format"), sizeof(ielem->value.num.fmt)); data/gcx-1.3/src/libindiclient/indi.c:583:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cb->devname, devname, sizeof(cb->devname)); data/gcx-1.3/src/libindiclient/indi.c:691:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). io_indi_sock_write(indi->fh, msg, strlen(msg)); data/gcx-1.3/src/libindiclient/lilxml.c:286:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int tl = strlen (tag); data/gcx-1.3/src/libindiclient/lilxml.c:417:14: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((c = fgetc(fp)) != EOF) { data/gcx-1.3/src/libindiclient/lilxml.c:545:9: [1] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source is a constant character. sl += sprintf (s+sl, "\n"); data/gcx-1.3/src/libindiclient/lilxml.c:568:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l += ep->at[i]->name.sl + 4 + strlen(entityXML(ep->at[i]->valu.s)); data/gcx-1.3/src/libindiclient/lilxml.c:579:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l += strlen (entityXML(ep->pcdata.s)); data/gcx-1.3/src/libindiclient/lilxml.c:645:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int nleft = strlen (s) + 1; /* include \0 */ data/gcx-1.3/src/libindiclient/lilxml.c:1001:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int strl = strlen (str); data/gcx-1.3/src/mbandrep.c:132:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(line, "9999+99 ", 8); data/gcx-1.3/src/mbandrep.c:135:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string. strncpy(line, "9999+99 ", 8); data/gcx-1.3/src/mbandrep.c:137:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(line, des, 8); data/gcx-1.3/src/mbandrep.c:145:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nl = strlen(sob->cats->name); data/gcx-1.3/src/misc.c:130:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sz = strlen(filen); data/gcx-1.3/src/misc.c:340:15: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = getc (stream); data/gcx-1.3/src/misc.c:433:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(r, str, n); data/gcx-1.3/src/misc.c:518:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (e = strlen(buf) - 1; e > 0 && isblank(buf[e]); e--); data/gcx-1.3/src/multiband.c:720:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buf, start, l); data/gcx-1.3/src/multiband.c:739:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buf, start, l); data/gcx-1.3/src/multiband.c:748:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(buf, start, l); data/gcx-1.3/src/params.c:255:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). P_STR(p) = malloc(strlen(text)+1); data/gcx-1.3/src/params.c:268:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). PAR(p)->defval.s = malloc(strlen(text)+1); data/gcx-1.3/src/params.c:793:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(line); data/gcx-1.3/src/recipy.c:210:8: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. ret = sscanf(line+7, " %255s %f %f PMAG=%f", data/gcx-1.3/src/recipy.c:245:9: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. ret = sscanf(line+i, "GSCL=%255s", name); data/gcx-1.3/src/recipy.c:253:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cats->name, name, CAT_STAR_NAME_SZ); data/gcx-1.3/src/recipy.c:269:8: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. ret = sscanf(line+7, " %255s %f %f %*cMAG=(%f", data/gcx-1.3/src/recipy.c:310:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cats->name, name, CAT_STAR_NAME_SZ); data/gcx-1.3/src/recipy.c:461:9: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. ret = sscanf(line, "%63s %f %f %*f %*f %f %*f %*f %*f %*f %f %f %f %f %f %f %f %f", data/gcx-1.3/src/recipy.c:473:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cats->name, id, CAT_STAR_NAME_SZ); data/gcx-1.3/src/recipy.c:538:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((len = strlen(line)) < 48) data/gcx-1.3/src/recipy.c:564:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cats->name, id, CAT_STAR_NAME_SZ); data/gcx-1.3/src/recipy.c:712:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((len = strlen(line)) < 48) data/gcx-1.3/src/recipy.c:851:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(line+i) < 14) data/gcx-1.3/src/recipy.c:868:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cats->name, id, CAT_STAR_NAME_SZ); data/gcx-1.3/src/recipy.c:883:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((len = strlen(line)) < 5 && sn > 1) data/gcx-1.3/src/recipy.c:919:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((len = strlen(line)) < 5 && sn-seq > 1) data/gcx-1.3/src/recipy.c:1074:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cats->name, id, CAT_STAR_NAME_SZ); data/gcx-1.3/src/recipy.c:1213:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cats->name, id, CAT_STAR_NAME_SZ); data/gcx-1.3/src/reduce.c:174:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(fn); data/gcx-1.3/src/reduce.c:206:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(fn); i > 0; i--) data/gcx-1.3/src/reduce.c:232:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(ifn, imf->filename, 16383); data/gcx-1.3/src/reduce.c:241:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(fn); i > 0; i--) data/gcx-1.3/src/reduce.c:274:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(fn, outf, 16383); data/gcx-1.3/src/reduce.c:288:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i = strlen(fn); i > 0; i--) data/gcx-1.3/src/report.c:127:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). g_scanner_input_text(scan, format, strlen(format)); data/gcx-1.3/src/report.c:860:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(token); data/gcx-1.3/src/sourcesdraw.c:139:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). label, strlen(label)); data/gcx-1.3/src/sourcesdraw.c:147:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). label, strlen(label)); data/gcx-1.3/src/sourcesdraw.c:165:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). label, strlen(label)); data/gcx-1.3/src/sourcesdraw.c:175:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). label, strlen(label)); data/gcx-1.3/src/sourcesdraw.c:192:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). label, strlen(label)); data/gcx-1.3/src/sourcesdraw.c:215:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). label, strlen(label)); data/gcx-1.3/src/sourcesdraw.c:223:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). label, strlen(label)); data/gcx-1.3/src/staredit.c:217:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cats->comments = malloc(strlen(ncom) + 1); data/gcx-1.3/src/staredit.c:223:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). cl = strlen(cats->comments); data/gcx-1.3/src/staredit.c:224:36: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nc = realloc(cats->comments, cl + strlen(ncom) + 2); data/gcx-1.3/src/staredit.c:450:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cats->name, text, CAT_STAR_NAME_SZ); data/gcx-1.3/src/staredit.c:485:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cats->name, ocats->name, CAT_STAR_NAME_SZ); data/gcx-1.3/src/starfile.c:656:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cats->name, stringval(scan), CAT_STAR_NAME_SZ); data/gcx-1.3/src/starfile.c:1059:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). l = strlen(STF_STRING(stf)); data/gcx-1.3/src/starlist.c:400:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(cats->name, name, CAT_STAR_NAME_SZ); ANALYSIS SUMMARY: Hits = 769 Lines analyzed = 58157 in approximately 3.60 seconds (16173 lines/second) Physical Source Lines of Code (SLOC) = 45367 Hits@level = [0] 639 [1] 179 [2] 477 [3] 7 [4] 106 [5] 0 Hits@level+ = [0+] 1408 [1+] 769 [2+] 590 [3+] 113 [4+] 106 [5+] 0 Hits/KSLOC@level+ = [0+] 31.0358 [1+] 16.9506 [2+] 13.005 [3+] 2.4908 [4+] 2.3365 [5+] 0 Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.