Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/glslang-8.13.3743/OGLCompilersDLL/InitializeDll.cpp
Examining data/glslang-8.13.3743/OGLCompilersDLL/InitializeDll.h
Examining data/glslang-8.13.3743/SPIRV/GLSL.ext.AMD.h
Examining data/glslang-8.13.3743/SPIRV/GLSL.ext.EXT.h
Examining data/glslang-8.13.3743/SPIRV/GLSL.ext.KHR.h
Examining data/glslang-8.13.3743/SPIRV/GLSL.ext.NV.h
Examining data/glslang-8.13.3743/SPIRV/GLSL.std.450.h
Examining data/glslang-8.13.3743/SPIRV/GlslangToSpv.cpp
Examining data/glslang-8.13.3743/SPIRV/GlslangToSpv.h
Examining data/glslang-8.13.3743/SPIRV/InReadableOrder.cpp
Examining data/glslang-8.13.3743/SPIRV/Logger.cpp
Examining data/glslang-8.13.3743/SPIRV/Logger.h
Examining data/glslang-8.13.3743/SPIRV/NonSemanticDebugPrintf.h
Examining data/glslang-8.13.3743/SPIRV/SPVRemapper.cpp
Examining data/glslang-8.13.3743/SPIRV/SPVRemapper.h
Examining data/glslang-8.13.3743/SPIRV/SpvBuilder.cpp
Examining data/glslang-8.13.3743/SPIRV/SpvBuilder.h
Examining data/glslang-8.13.3743/SPIRV/SpvPostProcess.cpp
Examining data/glslang-8.13.3743/SPIRV/SpvTools.cpp
Examining data/glslang-8.13.3743/SPIRV/SpvTools.h
Examining data/glslang-8.13.3743/SPIRV/bitutils.h
Examining data/glslang-8.13.3743/SPIRV/disassemble.cpp
Examining data/glslang-8.13.3743/SPIRV/disassemble.h
Examining data/glslang-8.13.3743/SPIRV/doc.cpp
Examining data/glslang-8.13.3743/SPIRV/doc.h
Examining data/glslang-8.13.3743/SPIRV/hex_float.h
Examining data/glslang-8.13.3743/SPIRV/spirv.hpp
Examining data/glslang-8.13.3743/SPIRV/spvIR.h
Examining data/glslang-8.13.3743/StandAlone/DirStackFileIncluder.h
Examining data/glslang-8.13.3743/StandAlone/ResourceLimits.cpp
Examining data/glslang-8.13.3743/StandAlone/ResourceLimits.h
Examining data/glslang-8.13.3743/StandAlone/StandAlone.cpp
Examining data/glslang-8.13.3743/StandAlone/Worklist.h
Examining data/glslang-8.13.3743/StandAlone/resource_limits_c.cpp
Examining data/glslang-8.13.3743/StandAlone/resource_limits_c.h
Examining data/glslang-8.13.3743/StandAlone/spirv-remap.cpp
Examining data/glslang-8.13.3743/Test/bar.h
Examining data/glslang-8.13.3743/Test/foo.h
Examining data/glslang-8.13.3743/Test/i1.h
Examining data/glslang-8.13.3743/Test/inc1/badInc.h
Examining data/glslang-8.13.3743/Test/inc1/bar.h
Examining data/glslang-8.13.3743/Test/inc1/foo.h
Examining data/glslang-8.13.3743/Test/inc1/path1/bar.h
Examining data/glslang-8.13.3743/Test/inc1/path1/local.h
Examining data/glslang-8.13.3743/Test/inc1/path1/notHere.h
Examining data/glslang-8.13.3743/Test/inc1/path2/bar.h
Examining data/glslang-8.13.3743/Test/inc1/path2/notHere.h
Examining data/glslang-8.13.3743/Test/inc1/path2/remote.h
Examining data/glslang-8.13.3743/Test/inc2/bar.h
Examining data/glslang-8.13.3743/Test/inc2/foo.h
Examining data/glslang-8.13.3743/Test/parent.h
Examining data/glslang-8.13.3743/glslang/CInterface/glslang_c_interface.cpp
Examining data/glslang-8.13.3743/glslang/GenericCodeGen/CodeGen.cpp
Examining data/glslang-8.13.3743/glslang/GenericCodeGen/Link.cpp
Examining data/glslang-8.13.3743/glslang/Include/BaseTypes.h
Examining data/glslang-8.13.3743/glslang/Include/Common.h
Examining data/glslang-8.13.3743/glslang/Include/ConstantUnion.h
Examining data/glslang-8.13.3743/glslang/Include/InfoSink.h
Examining data/glslang-8.13.3743/glslang/Include/InitializeGlobals.h
Examining data/glslang-8.13.3743/glslang/Include/PoolAlloc.h
Examining data/glslang-8.13.3743/glslang/Include/ResourceLimits.h
Examining data/glslang-8.13.3743/glslang/Include/ShHandle.h
Examining data/glslang-8.13.3743/glslang/Include/Types.h
Examining data/glslang-8.13.3743/glslang/Include/arrays.h
Examining data/glslang-8.13.3743/glslang/Include/glslang_c_interface.h
Examining data/glslang-8.13.3743/glslang/Include/glslang_c_shader_types.h
Examining data/glslang-8.13.3743/glslang/Include/intermediate.h
Examining data/glslang-8.13.3743/glslang/Include/revision.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/Constant.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/InfoSink.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/Initialize.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/Initialize.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/IntermTraverse.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/Intermediate.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/LiveTraverser.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/ParseContextBase.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/ParseHelper.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/ParseHelper.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/PoolAlloc.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/RemoveTree.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/RemoveTree.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/Scan.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/Scan.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/ScanContext.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/ShaderLang.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/SymbolTable.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/SymbolTable.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/Versions.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/Versions.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/attribute.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/attribute.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/gl_types.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/glslang_tab.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/glslang_tab.cpp.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/intermOut.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/iomapper.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/iomapper.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/limits.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/linkValidate.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/localintermediate.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/parseConst.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/parseVersions.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/pch.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/pch.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/preprocessor/Pp.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/preprocessor/PpAtom.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/preprocessor/PpContext.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/preprocessor/PpContext.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/preprocessor/PpScanner.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/preprocessor/PpTokens.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/preprocessor/PpTokens.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/propagateNoContraction.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/propagateNoContraction.h
Examining data/glslang-8.13.3743/glslang/MachineIndependent/reflection.cpp
Examining data/glslang-8.13.3743/glslang/MachineIndependent/reflection.h
Examining data/glslang-8.13.3743/glslang/OSDependent/Unix/ossource.cpp
Examining data/glslang-8.13.3743/glslang/OSDependent/Web/glslang.js.cpp
Examining data/glslang-8.13.3743/glslang/OSDependent/Windows/main.cpp
Examining data/glslang-8.13.3743/glslang/OSDependent/Windows/ossource.cpp
Examining data/glslang-8.13.3743/glslang/OSDependent/osinclude.h
Examining data/glslang-8.13.3743/glslang/Public/ShaderLang.h
Examining data/glslang-8.13.3743/gtests/AST.FromFile.cpp
Examining data/glslang-8.13.3743/gtests/BuiltInResource.FromFile.cpp
Examining data/glslang-8.13.3743/gtests/Config.FromFile.cpp
Examining data/glslang-8.13.3743/gtests/HexFloat.cpp
Examining data/glslang-8.13.3743/gtests/Hlsl.FromFile.cpp
Examining data/glslang-8.13.3743/gtests/Initializer.h
Examining data/glslang-8.13.3743/gtests/Link.FromFile.Vk.cpp
Examining data/glslang-8.13.3743/gtests/Link.FromFile.cpp
Examining data/glslang-8.13.3743/gtests/Pp.FromFile.cpp
Examining data/glslang-8.13.3743/gtests/Remap.FromFile.cpp
Examining data/glslang-8.13.3743/gtests/Settings.cpp
Examining data/glslang-8.13.3743/gtests/Settings.h
Examining data/glslang-8.13.3743/gtests/Spv.FromFile.cpp
Examining data/glslang-8.13.3743/gtests/TestFixture.cpp
Examining data/glslang-8.13.3743/gtests/TestFixture.h
Examining data/glslang-8.13.3743/gtests/main.cpp
Examining data/glslang-8.13.3743/gtests/pch.cpp
Examining data/glslang-8.13.3743/gtests/pch.h
Examining data/glslang-8.13.3743/hlsl/hlslAttributes.cpp
Examining data/glslang-8.13.3743/hlsl/hlslAttributes.h
Examining data/glslang-8.13.3743/hlsl/hlslGrammar.cpp
Examining data/glslang-8.13.3743/hlsl/hlslGrammar.h
Examining data/glslang-8.13.3743/hlsl/hlslOpMap.cpp
Examining data/glslang-8.13.3743/hlsl/hlslOpMap.h
Examining data/glslang-8.13.3743/hlsl/hlslParseHelper.cpp
Examining data/glslang-8.13.3743/hlsl/hlslParseHelper.h
Examining data/glslang-8.13.3743/hlsl/hlslParseables.cpp
Examining data/glslang-8.13.3743/hlsl/hlslParseables.h
Examining data/glslang-8.13.3743/hlsl/hlslScanContext.cpp
Examining data/glslang-8.13.3743/hlsl/hlslScanContext.h
Examining data/glslang-8.13.3743/hlsl/hlslTokenStream.cpp
Examining data/glslang-8.13.3743/hlsl/hlslTokenStream.h
Examining data/glslang-8.13.3743/hlsl/hlslTokens.h
Examining data/glslang-8.13.3743/hlsl/pch.cpp
Examining data/glslang-8.13.3743/hlsl/pch.h
Examining data/glslang-8.13.3743/ndk_test/test.cpp

FINAL RESULTS:

data/glslang-8.13.3743/StandAlone/resource_limits_c.cpp:52:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(c_str, cpp_str.c_str());

data/glslang-8.13.3743/glslang/Include/Common.h:55:13:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #ifndef snprintf

data/glslang-8.13.3743/glslang/Include/Common.h:56:13:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf sprintf_s

data/glslang-8.13.3743/glslang/Include/Common.h:60:48:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define safe_vsprintf(buf,max,format,args) vsnprintf((buf), (max), (format), (args))

data/glslang-8.13.3743/glslang/Include/Common.h:64:48:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define safe_vsprintf(buf,max,format,args) vsnprintf((buf), (max), (format), (args))

data/glslang-8.13.3743/glslang/Include/InfoSink.h:78:58:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(buf, size, (fabs(n) > 1e-8 && fabs(n) < 1e8) || n == 0.0f ? "%f" : "%g", n);

data/glslang-8.13.3743/glslang/MachineIndependent/Initialize.cpp:1919:21:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(buf, bufSize, op, floatTypes[j], floatTypes[j]);

data/glslang-8.13.3743/glslang/MachineIndependent/Initialize.cpp:1924:25:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(buf, bufSize, op, doubleTypes[j], doubleTypes[j]);

data/glslang-8.13.3743/glslang/MachineIndependent/Initialize.cpp:1931:21:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(buf, bufSize, op, boolTypes[j], boolTypes[j]);

data/glslang-8.13.3743/glslang/MachineIndependent/Initialize.cpp:1936:17:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(buf, bufSize, op, intTypes[j], intTypes[j]);

data/glslang-8.13.3743/glslang/MachineIndependent/glslang_tab.cpp:3585:21:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define YYFPRINTF fprintf

data/glslang-8.13.3743/glslang/MachineIndependent/intermOut.cpp:1193:19:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  int len = snprintf(buf, maxSize, format, value);

data/glslang-8.13.3743/glslang/MachineIndependent/preprocessor/PpTokens.cpp:89:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf sprintf_s

data/glslang-8.13.3743/SPIRV/hex_float.h:751:10:  [3] (random) setstate:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  is.setstate(std::ios_base::failbit);

data/glslang-8.13.3743/SPIRV/hex_float.h:789:8:  [3] (random) setstate:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  is.setstate(std::ios_base::failbit);

data/glslang-8.13.3743/SPIRV/hex_float.h:823:8:  [3] (random) setstate:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  is.setstate(std::ios_base::failbit);

data/glslang-8.13.3743/SPIRV/hex_float.h:932:10:  [3] (random) setstate:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  is.setstate(std::ios::failbit);

data/glslang-8.13.3743/SPIRV/hex_float.h:963:10:  [3] (random) setstate:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  is.setstate(std::ios::failbit);

data/glslang-8.13.3743/SPIRV/hex_float.h:976:12:  [3] (random) setstate:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  is.setstate(std::ios::failbit);

data/glslang-8.13.3743/SPIRV/GlslangToSpv.cpp:8610:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[bufSize];

data/glslang-8.13.3743/SPIRV/GlslangToSpv.cpp:8635:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  out.open(baseName, std::ios::binary | std::ios::out);

data/glslang-8.13.3743/SPIRV/GlslangToSpv.cpp:8650:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  out.open(baseName, std::ios::binary | std::ios::out);

data/glslang-8.13.3743/SPIRV/bitutils.h:29:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  std::memcpy(static_cast<void*>(&dest), &source, sizeof(dest));

data/glslang-8.13.3743/StandAlone/ResourceLimits.cpp:284:32:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  const int value = std::atoi(valueStr.c_str());

data/glslang-8.13.3743/StandAlone/StandAlone.cpp:334:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  const int baseNum = atoi(argv[arg++]);

data/glslang-8.13.3743/StandAlone/StandAlone.cpp:335:32:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  const int setNum = atoi(argv[arg++]);

data/glslang-8.13.3743/StandAlone/StandAlone.cpp:340:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  singleBase = atoi(argv[arg++]);

data/glslang-8.13.3743/StandAlone/StandAlone.cpp:427:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int num = atoi(argv[0] + 2);

data/glslang-8.13.3743/StandAlone/StandAlone.cpp:1688:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(filename, mode);

data/glslang-8.13.3743/StandAlone/spirv-remap.cpp:86:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp.open(inFilename, std::fstream::in | std::fstream::binary);

data/glslang-8.13.3743/StandAlone/spirv-remap.cpp:118:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp.open(outFile, std::fstream::out | std::fstream::binary);

data/glslang-8.13.3743/glslang/CInterface/glslang_c_interface.cpp:421:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(out, program->spirv.data(), program->spirv.size() * sizeof(unsigned int));

data/glslang-8.13.3743/glslang/Include/Common.h:216:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[16]; // 32 bit ints are at most 10 digits in base 10

data/glslang-8.13.3743/glslang/Include/Common.h:223:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[16]; // 32 bit ints are at most 10 digits in base 10

data/glslang-8.13.3743/glslang/Include/InfoSink.h:77:79:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  TInfoSinkBase& operator<<(float n) { const int size = 40; char buf[size];

data/glslang-8.13.3743/glslang/Include/InfoSink.h:99:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char locText[maxSize];

data/glslang-8.13.3743/glslang/MachineIndependent/Initialize.cpp:1915:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[bufSize];

data/glslang-8.13.3743/glslang/MachineIndependent/Initialize.cpp:6618:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char builtInConstant[maxSize];

data/glslang-8.13.3743/glslang/MachineIndependent/Initialize.cpp:8128:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *coopExt[2] = { E_GL_NV_cooperative_matrix, E_GL_NV_integer_cooperative_matrix };

data/glslang-8.13.3743/glslang/MachineIndependent/ParseContextBase.cpp:57:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char szExtraInfo[maxSize];

data/glslang-8.13.3743/glslang/MachineIndependent/ParseHelper.cpp:7662:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *extsrt[2] = { E_GL_NV_ray_tracing, E_GL_EXT_ray_tracing };

data/glslang-8.13.3743/glslang/MachineIndependent/PoolAlloc.cpp:163:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char assertMsg[maxSize];

data/glslang-8.13.3743/glslang/MachineIndependent/Scan.cpp:254:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char profileString[maxProfileLength];

data/glslang-8.13.3743/glslang/MachineIndependent/Scan.cpp:876:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[2];

data/glslang-8.13.3743/glslang/MachineIndependent/SymbolTable.cpp:124:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[16]; // plenty enough space for the small integers.

data/glslang-8.13.3743/glslang/MachineIndependent/SymbolTable.cpp:165:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[maxSize];

data/glslang-8.13.3743/glslang/MachineIndependent/SymbolTable.h:413:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[20];

data/glslang-8.13.3743/glslang/MachineIndependent/Versions.cpp:530:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char numberBuf[numberBufSize];

data/glslang-8.13.3743/glslang/MachineIndependent/Versions.cpp:690:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[maxSize];

data/glslang-8.13.3743/glslang/MachineIndependent/glslang_tab.cpp:3832:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM];

data/glslang-8.13.3743/glslang/MachineIndependent/glslang_tab.cpp:4024:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char yymsgbuf[128];

data/glslang-8.13.3743/glslang/MachineIndependent/glslang_tab.cpp:4593:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errorOp[2] = {0, 0};

data/glslang-8.13.3743/glslang/MachineIndependent/intermOut.cpp:1189:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[maxSize];

data/glslang-8.13.3743/glslang/MachineIndependent/intermOut.cpp:1255:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[maxSize];

data/glslang-8.13.3743/glslang/MachineIndependent/intermOut.cpp:1264:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[maxSize];

data/glslang-8.13.3743/glslang/MachineIndependent/intermOut.cpp:1273:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[maxSize];

data/glslang-8.13.3743/glslang/MachineIndependent/intermOut.cpp:1282:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[maxSize];

data/glslang-8.13.3743/glslang/MachineIndependent/intermOut.cpp:1291:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[maxSize];

data/glslang-8.13.3743/glslang/MachineIndependent/intermOut.cpp:1300:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[maxSize];

data/glslang-8.13.3743/glslang/MachineIndependent/intermOut.cpp:1309:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[maxSize];

data/glslang-8.13.3743/glslang/MachineIndependent/intermOut.cpp:1318:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[maxSize];

data/glslang-8.13.3743/glslang/MachineIndependent/iomapper.cpp:302:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(inVarMaps, in, EShLangCount * (sizeof(TVarLiveMap*)));

data/glslang-8.13.3743/glslang/MachineIndependent/iomapper.cpp:303:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(outVarMaps, out, EShLangCount * (sizeof(TVarLiveMap*)));

data/glslang-8.13.3743/glslang/MachineIndependent/iomapper.cpp:304:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(uniformVarMap, uniform, EShLangCount * (sizeof(TVarLiveMap*)));

data/glslang-8.13.3743/glslang/MachineIndependent/iomapper.cpp:466:29:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  return ent.newSet = atoi(getResourceSetBinding()[0].c_str());

data/glslang-8.13.3743/glslang/MachineIndependent/preprocessor/Pp.cpp:801:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char SrcStrName[2];

data/glslang-8.13.3743/glslang/MachineIndependent/preprocessor/Pp.cpp:858:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ppToken->ival = atoi(ppToken->name);

data/glslang-8.13.3743/glslang/MachineIndependent/preprocessor/Pp.cpp:889:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char extensionName[MaxTokenLength + 1];

data/glslang-8.13.3743/glslang/MachineIndependent/preprocessor/PpAtom.cpp:165:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char t[2];

data/glslang-8.13.3743/glslang/MachineIndependent/preprocessor/PpContext.h:127:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[MaxTokenLength + 1];

data/glslang-8.13.3743/gtests/Config.FromFile.cpp:66:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(configChars, configContents.data(), len);

data/glslang-8.13.3743/hlsl/hlslParseHelper.cpp:1330:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char elementNumBuf[20]; // sufficient for MAXINT

data/glslang-8.13.3743/hlsl/hlslParseHelper.cpp:6042:50:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unsigned int semanticNum = (unsigned int)atoi(semantic.c_str() + pos + 1);

data/glslang-8.13.3743/hlsl/hlslParseHelper.cpp:6108:35:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  qualifier.layoutOffset = 16 * atoi(location.substr(1, location.size()).c_str());

data/glslang-8.13.3743/hlsl/hlslParseHelper.cpp:6148:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
regNumber = atoi(desc.substr(1, desc.size()).c_str()); data/glslang-8.13.3743/hlsl/hlslParseHelper.cpp:6183:43: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). qualifier.layoutSet = atoi(it[1].c_str()); data/glslang-8.13.3743/hlsl/hlslParseHelper.cpp:6184:47: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). qualifier.layoutBinding = atoi(it[2].c_str()) + subComponent; data/glslang-8.13.3743/hlsl/hlslParseHelper.cpp:6205:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). setNumber = atoi(spaceDesc->substr(spaceLen, spaceDesc->size()).c_str()); data/glslang-8.13.3743/hlsl/hlslScanContext.cpp:571:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[2]; data/glslang-8.13.3743/SPIRV/SPVRemapper.cpp:1232:25: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. 
Consider using a form of this function that checks the second iterator before potentially overflowing it. return std::equal(spir.begin() + typeStart + range.first, data/glslang-8.13.3743/SPIRV/SpvBuilder.cpp:116:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(filename, currentFile, strlen(currentFile) + 1) != 0) { data/glslang-8.13.3743/SPIRV/SpvBuilder.cpp:484:15: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (! mismatch) data/glslang-8.13.3743/SPIRV/SpvBuilder.cpp:1082:15: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (! mismatch) { data/glslang-8.13.3743/SPIRV/SpvBuilder.cpp:1106:15: [1] (buffer) mismatch: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (! mismatch) { data/glslang-8.13.3743/SPIRV/SpvBuilder.cpp:2151:85: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. 
Consider using a form of this function that checks the second iterator before potentially overflowing it. Id Builder::createCompositeCompare(Decoration precision, Id value1, Id value2, bool equal) data/glslang-8.13.3743/SPIRV/SpvBuilder.cpp:2169:18: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. op = equal ? OpFOrdEqual : OpFOrdNotEqual; data/glslang-8.13.3743/SPIRV/SpvBuilder.cpp:2173:18: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. op = equal ? OpIEqual : OpINotEqual; data/glslang-8.13.3743/SPIRV/SpvBuilder.cpp:2176:18: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. op = equal ? OpLogicalEqual : OpLogicalNotEqual; data/glslang-8.13.3743/SPIRV/SpvBuilder.cpp:2189:38: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. resultId = createUnaryOp(equal ? 
OpAll : OpAny, boolType, resultId); data/glslang-8.13.3743/SPIRV/SpvBuilder.cpp:2207:88: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. Id subResultId = createCompositeCompare(precision, constituent1, constituent2, equal); data/glslang-8.13.3743/SPIRV/SpvBuilder.cpp:2212:49: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. resultId = setPrecision(createBinOp(equal ? OpLogicalAnd : OpLogicalOr, boolType, resultId, subResultId), data/glslang-8.13.3743/StandAlone/DirStackFileIncluder.h:130:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). file.read(content, length); data/glslang-8.13.3743/StandAlone/StandAlone.cpp:213:13: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. if (equal != def.npos) data/glslang-8.13.3743/StandAlone/StandAlone.cpp:214:17: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it. 
def[equal] = ' '; data/glslang-8.13.3743/StandAlone/StandAlone.cpp:728:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(&argv[0][1], "dumpversion", strlen(&argv[0][1]) + 1) == 0 || data/glslang-8.13.3743/StandAlone/StandAlone.cpp:729:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncmp(&argv[0][1], "dumpfullversion", strlen(&argv[0][1]) + 1) == 0) data/glslang-8.13.3743/StandAlone/StandAlone.cpp:1470:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lengths[0] = (int)strlen(shaderString); data/glslang-8.13.3743/StandAlone/StandAlone.cpp:1714:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (fgetc(in) != EOF) data/glslang-8.13.3743/StandAlone/spirv-remap.cpp:78:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(std::vector<SpvWord>& spv, const std::string& inFilename, int verbosity) data/glslang-8.13.3743/StandAlone/spirv-remap.cpp:98:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). fp.read((char *)&inWord, sizeof(inWord)); data/glslang-8.13.3743/StandAlone/spirv-remap.cpp:164:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). read(spv, filename, verbosity); data/glslang-8.13.3743/glslang/MachineIndependent/InfoSink.cpp:47:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
checkMem(strlen(s)); data/glslang-8.13.3743/glslang/MachineIndependent/ShaderLang.cpp:833:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lengths[s + numPre] = strlen(shaderStrings[s]); data/glslang-8.13.3743/glslang/MachineIndependent/ShaderLang.cpp:980:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lengths[0] = strlen(strings[0]); data/glslang-8.13.3743/glslang/MachineIndependent/ShaderLang.cpp:983:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lengths[1] = strlen(strings[1]); data/glslang-8.13.3743/glslang/MachineIndependent/ShaderLang.cpp:989:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lengths[postIndex] = strlen(strings[numStrings + numPre]); data/glslang-8.13.3743/glslang/MachineIndependent/glslang_tab.cpp:3732:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). # define yystrlen strlen data/glslang-8.13.3743/glslang/MachineIndependent/localintermediate.h:627:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(implicitCounterName); data/glslang-8.13.3743/glslang/MachineIndependent/preprocessor/PpScanner.cpp:1287:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
if (strlen(ppToken.name) + strlen(pastedPpToken.name) > MaxTokenLength) { data/glslang-8.13.3743/glslang/MachineIndependent/preprocessor/PpScanner.cpp:1287:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(ppToken.name) + strlen(pastedPpToken.name) > MaxTokenLength) { data/glslang-8.13.3743/glslang/MachineIndependent/preprocessor/PpScanner.cpp:1291:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(&ppToken.name[0] + strlen(ppToken.name), sizeof(ppToken.name) - strlen(ppToken.name), data/glslang-8.13.3743/glslang/MachineIndependent/preprocessor/PpScanner.cpp:1291:86: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). snprintf(&ppToken.name[0] + strlen(ppToken.name), sizeof(ppToken.name) - strlen(ppToken.name), data/glslang-8.13.3743/gtests/TestFixture.cpp:156:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). fstream.read((char *)&inWord, sizeof(inWord)); data/glslang-8.13.3743/hlsl/hlslParseables.cpp:100:61: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
const int numArgs = int(std::count(argOrder, argOrder + strlen(argOrder), ',')) + 1; ANALYSIS SUMMARY: Hits = 114 Lines analyzed = 117252 in approximately 3.42 seconds (34241 lines/second) Physical Source Lines of Code (SLOC) = 86864 Hits@level = [0] 227 [1] 35 [2] 60 [3] 6 [4] 13 [5] 0 Hits@level+ = [0+] 341 [1+] 114 [2+] 79 [3+] 19 [4+] 13 [5+] 0 Hits/KSLOC@level+ = [0+] 3.92568 [1+] 1.3124 [2+] 0.909468 [3+] 0.218733 [4+] 0.149659 [5+] 0 Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.